From e0bd026a648518fc6b077e2bab816c13453eb1ce Mon Sep 17 00:00:00 2001 From: tron Date: Wed, 21 Aug 2013 19:40:13 +0000 Subject: Pullup ticket #4216 - requested by drochner security/putty: security update Revisions pulled up: - security/putty/Makefile 1.34-1.35 - security/putty/distinfo 1.14-1.15 - security/putty/patches/patch-CVE-2013-4852-1 deleted - security/putty/patches/patch-CVE-2013-4852-2 deleted - security/putty/patches/patch-import.c 1.2-1.3 - security/putty/patches/patch-terminal.c deleted - security/putty/patches/patch-timing.c 1.2 - security/putty/patches/patch-unix_gtkfont_c deleted - security/putty/patches/patch-unix_gtkwin.c 1.3 - security/putty/patches/patch-unix_uxnet.c 1.2 - security/putty/patches/patch-unix_uxucs.c 1.2 - security/putty/patches/patch-windows_window.c 1.2 --- Module Name: pkgsrc Committed By: drochner Date: Tue Aug 6 12:23:37 UTC 2013 Modified Files: pkgsrc/security/putty: Makefile distinfo pkgsrc/security/putty/patches: patch-import.c Added Files: pkgsrc/security/putty/patches: patch-CVE-2013-4852-1 patch-CVE-2013-4852-2 Log Message: add patch from upstream to fix possible heap overflow in SSH handshake due to integer overflow (CVE-2013-4852) bump PKGREV --- Module Name: pkgsrc Committed By: drochner Date: Wed Aug 7 11:06:39 UTC 2013 Modified Files: pkgsrc/security/putty: Makefile distinfo pkgsrc/security/putty/patches: patch-import.c patch-timing.c patch-unix_gtkwin.c patch-unix_uxnet.c patch-unix_uxucs.c patch-windows_window.c Removed Files: pkgsrc/security/putty/patches: patch-CVE-2013-4852-1 patch-CVE-2013-4852-2 patch-terminal.c patch-unix_gtkfont_c Log Message: update to 0.63 This fixes a buffer overflow which was patched in pkgsrc (CVE-2013-4852), two other buffer overflows (CVE-2013-4206, CVE-2013-4207), and it clears private keys after use now (CVE-2013-4208). Other than that, there are mostly bug fixes from 0.62 and a few small features. --- security/putty/Makefile | 7 +-- security/putty/distinfo | 22 +++---- security/putty/patches/patch-import.c | 8 +-- security/putty/patches/patch-terminal.c | 46 -------------- security/putty/patches/patch-timing.c | 14 ++--- security/putty/patches/patch-unix_gtkfont_c | 87 --------------------------- security/putty/patches/patch-unix_gtkwin.c | 11 ++-- security/putty/patches/patch-unix_uxnet.c | 10 +-- security/putty/patches/patch-unix_uxucs.c | 8 +-- security/putty/patches/patch-windows_window.c | 11 ++-- 10 files changed, 44 insertions(+), 180 deletions(-) delete mode 100644 security/putty/patches/patch-terminal.c delete mode 100644 security/putty/patches/patch-unix_gtkfont_c diff --git a/security/putty/Makefile b/security/putty/Makefile index 182e1661c0f..e6b6454495f 100644 --- a/security/putty/Makefile +++ b/security/putty/Makefile @@ -1,10 +1,9 @@ -# $NetBSD: Makefile,v 1.33 2013/06/06 12:55:01 wiz Exp $ +# $NetBSD: Makefile,v 1.33.2.1 2013/08/21 19:40:13 tron Exp $ # -DISTNAME= putty-0.62 -PKGREVISION= 9 +DISTNAME= putty-0.63 CATEGORIES= security -MASTER_SITES= http://the.earth.li/~sgtatham/putty/0.62/ +MASTER_SITES= http://the.earth.li/~sgtatham/putty/0.63/ MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://www.chiark.greenend.org.uk/~sgtatham/putty/ diff --git a/security/putty/distinfo b/security/putty/distinfo index 1b0d6bbc401..3503fefa4bd 100644 --- a/security/putty/distinfo +++ b/security/putty/distinfo @@ -1,15 +1,13 @@ -$NetBSD: distinfo,v 1.13 2012/11/01 19:32:44 joerg Exp $ +$NetBSD: distinfo,v 1.13.6.1 2013/08/21 19:40:13 tron Exp $ -SHA1 (putty-0.62.tar.gz) = 5898438614117ee7e3704fc3f30a3c4bf2041380 -RMD160 (putty-0.62.tar.gz) = 48324416005eb4b14654fc9e0e14d39f20971507 -Size (putty-0.62.tar.gz) = 1783106 bytes -SHA1 (patch-import.c) = c2dc26aa851a326ea89e782ef93ae7bfdc916366 +SHA1 (putty-0.63.tar.gz) = 195c0603ef61082b91276faa8d4246ea472bba3b +RMD160 (putty-0.63.tar.gz) = cf28d88a5f0e1db6c21bb0308bd59ed4d6399e5f +Size (putty-0.63.tar.gz) = 1887913 bytes +SHA1 (patch-import.c) = da6a34ec3412985858babb28821296c40e30d96b SHA1 (patch-ldisc.c) = e4dd89bfb2ddcb47aad46cc7c311f424aa6ab6be -SHA1 (patch-terminal.c) = bed37a83bb7afc56ff34d48f8079b37d9db0f948 -SHA1 (patch-timing.c) = b836da7194aa72ac88d94951070dc65f11978703 +SHA1 (patch-timing.c) = 9dd79fde390878960e97c456628bbd5dcbcd07f9 SHA1 (patch-unix_Makefile.gtk) = 0ad8226e2ad8e6e40d3eb9ddef4b22e7d07b7895 -SHA1 (patch-unix_gtkfont_c) = 0e57d4f49466ac73fb0d8cc8efb635e6f8a37f44 -SHA1 (patch-unix_gtkwin.c) = c62d1888b93476972180d14b1fd06d0ab8c8b04b -SHA1 (patch-unix_uxnet.c) = 50e39093ece97b189da4a736713b59ed72c162d9 -SHA1 (patch-unix_uxucs.c) = c8a2c4a5f0f50a0c87ec643acd7a02f16dba576f -SHA1 (patch-windows_window.c) = 0c9f4ad5870e63793278d6f04cae88154611e596 +SHA1 (patch-unix_gtkwin.c) = ccabdde03fda8bbc24d659a440fe48f96ab5d867 +SHA1 (patch-unix_uxnet.c) = 2d1c2939721993fe5616c2fe3f1935c03a31bb35 +SHA1 (patch-unix_uxucs.c) = a2a5021b515c3bade1126ed062bdc1eece1ca0f9 +SHA1 (patch-windows_window.c) = e851bad963967429131286c18e39d1ac4add4ae7 diff --git a/security/putty/patches/patch-import.c b/security/putty/patches/patch-import.c index aa74a4e69ff..7c791965dbd 100644 --- a/security/putty/patches/patch-import.c +++ b/security/putty/patches/patch-import.c @@ -1,8 +1,8 @@ -$NetBSD: patch-import.c,v 1.1 2012/02/22 15:27:16 wiz Exp $ +$NetBSD: patch-import.c,v 1.1.14.1 2013/08/21 19:40:13 tron Exp $ ---- import.c.orig 2010-04-12 11:02:06.000000000 +0000 +--- import.c.orig 2013-07-20 13:15:20.000000000 +0000 +++ import.c -@@ -717,8 +717,8 @@ int openssh_write(const Filename *filena +@@ -725,8 +725,8 @@ int openssh_write(const Filename *filena unsigned char *outblob; int outlen; struct mpint_pos numbers[9]; @@ -13,7 +13,7 @@ $NetBSD: patch-import.c,v 1.1 2012/02/22 15:27:16 wiz Exp $ char zero[1]; unsigned char iv[8]; int ret = 0; -@@ -1513,8 +1513,8 @@ int sshcom_write(const Filename *filenam +@@ -1547,8 +1547,8 @@ int sshcom_write(const Filename *filenam unsigned char *outblob; int outlen; struct mpint_pos numbers[6]; diff --git a/security/putty/patches/patch-terminal.c b/security/putty/patches/patch-terminal.c deleted file mode 100644 index 2b8c6a15cd0..00000000000 --- a/security/putty/patches/patch-terminal.c +++ /dev/null @@ -1,46 +0,0 @@ -$NetBSD: patch-terminal.c,v 1.2 2012/11/01 19:32:44 joerg Exp $ - -Make the home/end keys work on BSD servers as well as Linux ones - ---- terminal.c.orig 2011-07-16 11:27:05.000000000 +0000 -+++ terminal.c -@@ -6202,13 +6202,6 @@ void term_key(Terminal *term, Key_Sym ke - } - } - -- /* RXVT Home/End */ -- if (term->cfg.rxvt_homeend && -- (keysym == PK_HOME || keysym == PK_END)) { -- p += sprintf((char *) p, keysym == PK_HOME ? "\x1B[H" : "\x1BOw"); -- goto done; -- } -- - if (term->vt52_mode) { - int xkey; - -@@ -6229,11 +6222,23 @@ void term_key(Terminal *term, Key_Sym ke - goto done; - } - -+ /* Home/End */ -+ if (keysym == PK_HOME || keysym == PK_END) { -+ /* Send the correct XTerm or rxvt codes for home/end -+ * We used to send ^[1~ and [4~ for Xterm, -+ * but those are Linux console */ -+ const char *he; -+ if (term->cfg.rxvt_homeend) -+ he = keysym == PK_HOME ? "\x1B[7~" : "\x1B[8~"; -+ else -+ he = keysym == PK_HOME ? "\x1BOH" : "\x1BOF"; -+ p += sprintf((char *) p, "%s", he); -+ goto done; -+ } -+ - switch (keysym) { -- case PK_HOME: code = 1; break; - case PK_INSERT: code = 2; break; - case PK_DELETE: code = 3; break; -- case PK_END: code = 4; break; - case PK_PAGEUP: code = 5; break; - case PK_PAGEDOWN: code = 6; break; - default: code = 0; break; /* else gcc warns `enum value not used' */ diff --git a/security/putty/patches/patch-timing.c b/security/putty/patches/patch-timing.c index 36d0925334f..c7885b77f20 100644 --- a/security/putty/patches/patch-timing.c +++ b/security/putty/patches/patch-timing.c @@ -1,19 +1,17 @@ -$NetBSD: patch-timing.c,v 1.1 2012/11/01 19:32:44 joerg Exp $ +$NetBSD: patch-timing.c,v 1.1.6.1 2013/08/21 19:40:13 tron Exp $ ---- timing.c.orig 2012-10-30 22:23:57.000000000 +0000 +--- timing.c.orig 2012-09-19 22:12:00.000000000 +0000 +++ timing.c -@@ -41,21 +41,10 @@ static int compare_timers(void *av, void +@@ -60,19 +60,10 @@ static int compare_timers(void *av, void * Failing that, compare on the other two fields, just so that * we don't get unwanted equality. */ --#ifdef __LCC__ +-#if defined(__LCC__) || defined(__clang__) - /* lcc won't let us compare function pointers. Legal, but annoying. */ - { - int c = memcmp(&a->fn, &b->fn, sizeof(a->fn)); -- if (c < 0) -- return -1; -- else if (c > 0) -- return +1; +- if (c) +- return c; - } -#else - if (a->fn < b->fn) diff --git a/security/putty/patches/patch-unix_gtkfont_c b/security/putty/patches/patch-unix_gtkfont_c deleted file mode 100644 index 49f62a63ba6..00000000000 --- a/security/putty/patches/patch-unix_gtkfont_c +++ /dev/null @@ -1,87 +0,0 @@ -$NetBSD: patch-unix_gtkfont_c,v 1.1 2012/05/07 01:14:15 dholland Exp $ - -Fix build with latest glib2. - ---- unix/gtkfont.c~ 2010-08-10 17:21:25.000000000 +0000 -+++ unix/gtkfont.c -@@ -524,21 +524,21 @@ static void x11font_enum_fonts(GtkWidget - style = p; - p += sprintf(p, "%s", components[2][0] ? components[2] : - "regular"); -- if (!g_strcasecmp(components[3], "i")) -+ if (!g_ascii_strcasecmp(components[3], "i")) - p += sprintf(p, " italic"); -- else if (!g_strcasecmp(components[3], "o")) -+ else if (!g_ascii_strcasecmp(components[3], "o")) - p += sprintf(p, " oblique"); -- else if (!g_strcasecmp(components[3], "ri")) -+ else if (!g_ascii_strcasecmp(components[3], "ri")) - p += sprintf(p, " reverse italic"); -- else if (!g_strcasecmp(components[3], "ro")) -+ else if (!g_ascii_strcasecmp(components[3], "ro")) - p += sprintf(p, " reverse oblique"); -- else if (!g_strcasecmp(components[3], "ot")) -+ else if (!g_ascii_strcasecmp(components[3], "ot")) - p += sprintf(p, " other-slant"); -- if (components[4][0] && g_strcasecmp(components[4], "normal")) -+ if (components[4][0] && g_ascii_strcasecmp(components[4], "normal")) - p += sprintf(p, " %s", components[4]); -- if (!g_strcasecmp(components[10], "m")) -+ if (!g_ascii_strcasecmp(components[10], "m")) - p += sprintf(p, " [M]"); -- if (!g_strcasecmp(components[10], "c")) -+ if (!g_ascii_strcasecmp(components[10], "c")) - p += sprintf(p, " [C]"); - if (components[5][0]) - p += sprintf(p, " %s", components[5]); -@@ -550,23 +550,23 @@ static void x11font_enum_fonts(GtkWidget - */ - p++; - stylekey = p; -- if (!g_strcasecmp(components[2], "medium") || -- !g_strcasecmp(components[2], "regular") || -- !g_strcasecmp(components[2], "normal") || -- !g_strcasecmp(components[2], "book")) -+ if (!g_ascii_strcasecmp(components[2], "medium") || -+ !g_ascii_strcasecmp(components[2], "regular") || -+ !g_ascii_strcasecmp(components[2], "normal") || -+ !g_ascii_strcasecmp(components[2], "book")) - weightkey = 0; -- else if (!g_strncasecmp(components[2], "demi", 4) || -- !g_strncasecmp(components[2], "semi", 4)) -+ else if (!g_ascii_strncasecmp(components[2], "demi", 4) || -+ !g_ascii_strncasecmp(components[2], "semi", 4)) - weightkey = 1; - else - weightkey = 2; -- if (!g_strcasecmp(components[3], "r")) -+ if (!g_ascii_strcasecmp(components[3], "r")) - slantkey = 0; -- else if (!g_strncasecmp(components[3], "r", 1)) -+ else if (!g_ascii_strncasecmp(components[3], "r", 1)) - slantkey = 2; - else - slantkey = 1; -- if (!g_strcasecmp(components[4], "normal")) -+ if (!g_ascii_strcasecmp(components[4], "normal")) - setwidthkey = 0; - else - setwidthkey = 1; -@@ -774,7 +774,7 @@ static int pangofont_check_desc_makes_se - - matched = FALSE; - for (i = 0; i < nfamilies; i++) { -- if (!g_strcasecmp(pango_font_family_get_name(families[i]), -+ if (!g_ascii_strcasecmp(pango_font_family_get_name(families[i]), - pango_font_description_get_family(desc))) { - matched = TRUE; - break; -@@ -1393,7 +1393,7 @@ static int strnullcasecmp(const char *a, - /* - * Otherwise, ordinary strcasecmp. - */ -- return g_strcasecmp(a, b); -+ return g_ascii_strcasecmp(a, b); - } - - static int fontinfo_realname_compare(void *av, void *bv) diff --git a/security/putty/patches/patch-unix_gtkwin.c b/security/putty/patches/patch-unix_gtkwin.c index 5c5e7e080e4..99582b260b1 100644 --- a/security/putty/patches/patch-unix_gtkwin.c +++ b/security/putty/patches/patch-unix_gtkwin.c @@ -1,14 +1,15 @@ -$NetBSD: patch-unix_gtkwin.c,v 1.2 2012/11/01 19:32:44 joerg Exp $ +$NetBSD: patch-unix_gtkwin.c,v 1.2.6.1 2013/08/21 19:40:13 tron Exp $ Make the home/end keys work on BSD servers as well as Linux ones ---- unix/gtkwin.c.orig 2011-05-07 10:57:19.000000000 +0000 +--- unix/gtkwin.c.orig 2013-07-20 13:15:10.000000000 +0000 +++ unix/gtkwin.c -@@ -1033,9 +1033,17 @@ gint key_event(GtkWidget *widget, GdkEve +@@ -1132,10 +1132,17 @@ gint key_event(GtkWidget *widget, GdkEve use_ucsoutput = FALSE; goto done; } -- if (inst->cfg.rxvt_homeend && (code == 1 || code == 4)) { +- if ((code == 1 || code == 4) && +- conf_get_int(inst->conf, CONF_rxvt_homeend)) { - end = 1 + sprintf(output+1, code == 1 ? "\x1B[H" : "\x1BOw"); - use_ucsoutput = FALSE; + /* Home/End */ @@ -17,7 +18,7 @@ Make the home/end keys work on BSD servers as well as Linux ones + * We used to send ^[1~ and [4~ for Xterm, + * but those are Linux console */ + const char *he; -+ if (inst->cfg.rxvt_homeend) ++ if (conf_get_int(inst->conf, CONF_rxvt_homeend)) + he = code == 1 ? "\x1B[7~" : "\x1B[8~"; + else + he = code == 1 ? "\x1BOH" : "\x1BOF"; diff --git a/security/putty/patches/patch-unix_uxnet.c b/security/putty/patches/patch-unix_uxnet.c index 7268e372779..ea3c8b85857 100644 --- a/security/putty/patches/patch-unix_uxnet.c +++ b/security/putty/patches/patch-unix_uxnet.c @@ -1,8 +1,8 @@ -$NetBSD: patch-unix_uxnet.c,v 1.1 2012/02/22 15:27:17 wiz Exp $ +$NetBSD: patch-unix_uxnet.c,v 1.1.14.1 2013/08/21 19:40:13 tron Exp $ ---- unix/uxnet.c.orig 2009-08-06 22:55:15.000000000 +0000 +--- unix/uxnet.c.orig 2013-07-27 18:35:48.000000000 +0000 +++ unix/uxnet.c -@@ -526,10 +526,10 @@ static int try_connect(Actual_Socket soc +@@ -534,10 +534,10 @@ static int try_connect(Actual_Socket soc { int s; union sockaddr_union u; @@ -10,8 +10,8 @@ $NetBSD: patch-unix_uxnet.c,v 1.1 2012/02/22 15:27:17 wiz Exp $ + const union sockaddr_union *sa = NULL; int err = 0; short localport; -- int fl, salen, family; -+ int fl, salen = 0, family; +- int salen, family; ++ int salen = 0, family; /* * Remove the socket from the tree before we overwrite its diff --git a/security/putty/patches/patch-unix_uxucs.c b/security/putty/patches/patch-unix_uxucs.c index bfdc3d92258..c24d6f7098e 100644 --- a/security/putty/patches/patch-unix_uxucs.c +++ b/security/putty/patches/patch-unix_uxucs.c @@ -1,9 +1,9 @@ -$NetBSD: patch-unix_uxucs.c,v 1.1 2012/11/01 19:32:44 joerg Exp $ +$NetBSD: patch-unix_uxucs.c,v 1.1.6.1 2013/08/21 19:40:13 tron Exp $ ---- unix/uxucs.c.orig 2012-10-30 22:26:02.000000000 +0000 +--- unix/uxucs.c.orig 2013-07-22 07:12:05.000000000 +0000 +++ unix/uxucs.c -@@ -76,7 +76,7 @@ int wc_to_mb(int codepage, int flags, wc - setlocale(LC_CTYPE, ""); +@@ -72,7 +72,7 @@ int wc_to_mb(int codepage, int flags, co + memset(&state, 0, sizeof state); while (wclen > 0) { - int i = wcrtomb(output, wcstr[0], &state); diff --git a/security/putty/patches/patch-windows_window.c b/security/putty/patches/patch-windows_window.c index c7087749845..3df3c07df72 100644 --- a/security/putty/patches/patch-windows_window.c +++ b/security/putty/patches/patch-windows_window.c @@ -1,14 +1,15 @@ -$NetBSD: patch-windows_window.c,v 1.1 2012/02/22 15:27:17 wiz Exp $ +$NetBSD: patch-windows_window.c,v 1.1.14.1 2013/08/21 19:40:13 tron Exp $ Make the home/end keys work on BSD servers as well as Linux ones ---- windows/window.c.orig 2011-07-16 11:26:19.000000000 +0000 +--- windows/window.c.orig 2013-08-04 19:32:10.000000000 +0000 +++ windows/window.c -@@ -4302,8 +4302,17 @@ static int TranslateKey(UINT message, WP +@@ -4520,9 +4520,17 @@ static int TranslateKey(UINT message, WP p += sprintf((char *) p, "\x1BO%c", code + 'P' - 11); return p - output; } -- if (cfg.rxvt_homeend && (code == 1 || code == 4)) { +- if ((code == 1 || code == 4) && +- conf_get_int(conf, CONF_rxvt_homeend)) { - p += sprintf((char *) p, code == 1 ? "\x1B[H" : "\x1BOw"); + /* Home/End */ + if (code == 1 || code == 4) { @@ -16,7 +17,7 @@ Make the home/end keys work on BSD servers as well as Linux ones + * We used to send ^[1~ and [4~ for Xterm, + * but those are Linux console */ + const char *he; -+ if (cfg.rxvt_homeend) ++ if (conf_get_int(conf, CONF_rxvt_homeend)) + he = code == 1 ? "\x1B[7~" : "\x1B[8~"; + else + he = code == 1 ? "\x1BOH" : "\x1BOF"; -- cgit v1.2.3