From f0409ac0f0ec8f2e3f81f5c2cc55611fbdae129b Mon Sep 17 00:00:00 2001 From: tron Date: Fri, 13 Aug 2010 14:26:23 +0000 Subject: Pullup ticket #3206 - requested by tron net/socat: security update Revisions pulled up: - net/socat/Makefile 1.24 - net/socat/distinfo 1.15 --- Module Name: pkgsrc Committed By: zafer Date: Thu Aug 12 17:54:14 UTC 2010 Modified Files: pkgsrc/net/socat: Makefile distinfo Log Message: Update socat to 1.7.1.3 Changelog: security: fixed a stack overflow vulnerability that occurred when command line arguments (whole addresses, host names, file names) were longer than 512 bytes. Note that this could only be exploited when an attacker was able to inject data into socat's command line. Full credits to Felix Grobert, Google Security Team, for finding and reporting this issue --- net/socat/Makefile | 4 ++-- net/socat/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/net/socat/Makefile b/net/socat/Makefile index d7138aeb684..8347a776819 100644 --- a/net/socat/Makefile +++ b/net/socat/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.23 2010/04/19 19:52:13 zafer Exp $ +# $NetBSD: Makefile,v 1.23.2.1 2010/08/13 14:26:23 tron Exp $ -DISTNAME= socat-1.7.1.2 +DISTNAME= socat-1.7.1.3 CATEGORIES= net MASTER_SITES= http://www.dest-unreach.org/socat/download/ diff --git a/net/socat/distinfo b/net/socat/distinfo index 37be3d38bea..c35e235e6da 100644 --- a/net/socat/distinfo +++ b/net/socat/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.14 2010/04/19 19:52:13 zafer Exp $ +$NetBSD: distinfo,v 1.14.2.1 2010/08/13 14:26:23 tron Exp $ -SHA1 (socat-1.7.1.2.tar.gz) = dbd76e9fdac13ae95c46be9bb8a95ef4258bb466 -RMD160 (socat-1.7.1.2.tar.gz) = 2ef9b80cf5e6cc57a837c0c78e269538460aaeee -Size (socat-1.7.1.2.tar.gz) = 554091 bytes +SHA1 (socat-1.7.1.3.tar.gz) = 5a42275da0d8a5182452b36535a74c3cdf21793b +RMD160 (socat-1.7.1.3.tar.gz) = fa4fdb731b5bef344f6c24a5bc242ae910728d57 +Size (socat-1.7.1.3.tar.gz) = 553489 bytes SHA1 (patch-aa) = c10b68a5ca36ec27c6e77a01f6f89a832a4862eb -- cgit v1.2.3