From 2717a1083e4576665f6ce80cb3e298b880f93709 Mon Sep 17 00:00:00 2001
From: adrianp <adrianp@pkgsrc.org>
Date: Sat, 3 Dec 2005 17:04:23 +0000
Subject: Patch via Debian for: 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694

---
 chat/centericq/Makefile         |  3 ++-
 chat/centericq/distinfo         |  3 ++-
 chat/centericq/patches/patch-at | 12 ++++++++++++
 3 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 chat/centericq/patches/patch-at

(limited to 'chat/centericq')

diff --git a/chat/centericq/Makefile b/chat/centericq/Makefile
index 49321424220..f226a072583 100644
--- a/chat/centericq/Makefile
+++ b/chat/centericq/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.54 2005/10/16 19:28:03 tonio Exp $
+# $NetBSD: Makefile,v 1.55 2005/12/03 17:04:23 adrianp Exp $
 #
 
 DISTNAME=	centericq-4.21.0
 CATEGORIES=	chat
+PKGREVISION=	1
 MASTER_SITES=	http://konst.org.ua/download/ \
 		http://centericq.de/archive/source/releases/
 EXTRACT_SUFX=	.tar.bz2
diff --git a/chat/centericq/distinfo b/chat/centericq/distinfo
index 35fdcb39b0e..4ce819f5eff 100644
--- a/chat/centericq/distinfo
+++ b/chat/centericq/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.19 2005/10/16 19:28:03 tonio Exp $
+$NetBSD: distinfo,v 1.20 2005/12/03 17:04:23 adrianp Exp $
 
 SHA1 (centericq-4.21.0.tar.bz2) = 26b07c4bdcbe8c6888ceab98140b33007bec8554
 RMD160 (centericq-4.21.0.tar.bz2) = 69207fcaf5c90b9ae4609221526b839659c5ccfc
@@ -22,3 +22,4 @@ SHA1 (patch-ap) = 3092f56b292a3fe57cb80ad7a9fe26d8c6842840
 SHA1 (patch-aq) = ce0db172171d874cd35c4b0293ea96f5a580810e
 SHA1 (patch-ar) = b06ba8fad9a2dbcfacb0c81e2689cca02a38dd01
 SHA1 (patch-as) = 55822a88a4fd17e57a06f0f186a6649fe3e4b092
+SHA1 (patch-at) = 7dd7158371940522c7d393ea8d9194c2e4154cf8
diff --git a/chat/centericq/patches/patch-at b/chat/centericq/patches/patch-at
new file mode 100644
index 00000000000..8c5c2a79ca1
--- /dev/null
+++ b/chat/centericq/patches/patch-at
@@ -0,0 +1,12 @@
+$NetBSD: patch-at,v 1.1 2005/12/03 17:04:23 adrianp Exp $
+
+--- libicq2000-0.1/src/DirectClient.cpp.orig
++++ libicq2000-0.1/src/DirectClient.cpp
+@@ -162,6 +162,7 @@
+ 
+       m_recv.setLittleEndian();
+       m_recv >> length;
++      if (length == 0) return; // short read, toss it back (nothing to do)
+       if (length > Incoming_Packet_Limit) throw ParseException("Received too long incoming packet");
+       if (m_recv.remains() < length) return; // waiting for more of the packet
+ 
-- 
cgit v1.2.3