From f5eea914adaea8bedf002ce15b9a24c2733d7465 Mon Sep 17 00:00:00 2001 From: salo Date: Wed, 5 Oct 2005 13:38:13 +0000 Subject: Security fix for SA17028: "A vulnerability in Weex can be exploited by malicious users to cause a DoS (Denial of Service) or to compromise a vulnerable system. The vulnerability is caused due to a format string error in the "log_flush()" function when flushing an error log entry that contains format string specifiers to disk. This may be exploited to execute arbitrary code on a user's system via a directory name containing format string specifiers. Successful exploitation requires that the attacker is able to create directories within the user's Weex home directory." http://secunia.com/advisories/17028/ Patch from FreeBSD PR ports/86833. --- www/weex/Makefile | 3 ++- www/weex/distinfo | 3 ++- www/weex/patches/patch-ad | 15 +++++++++++++++ 3 files changed, 19 insertions(+), 2 deletions(-) create mode 100644 www/weex/patches/patch-ad (limited to 'www/weex') diff --git a/www/weex/Makefile b/www/weex/Makefile index b8df83b0d27..ada39182662 100644 --- a/www/weex/Makefile +++ b/www/weex/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.8 2005/06/17 04:49:49 jlam Exp $ +# $NetBSD: Makefile,v 1.9 2005/10/05 13:38:13 salo Exp $ DISTNAME= weex-2.6.1 +PKGREVISION= 1 CATEGORIES= www MASTER_SITES= http://www.enjoy.ne.jp/~gm/program/weex/arc/ diff --git a/www/weex/distinfo b/www/weex/distinfo index 73f7c23d92e..e226c44557e 100644 --- a/www/weex/distinfo +++ b/www/weex/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.3 2005/07/08 17:51:32 kristerw Exp $ +$NetBSD: distinfo,v 1.4 2005/10/05 13:38:13 salo Exp $ SHA1 (weex-2.6.1.tar.gz) = 8613e7c1a1621bbe042d076883f10b330934de5e RMD160 (weex-2.6.1.tar.gz) = d286d24d3d87ce78fb5032d50f0d6a0ac2876a04 
@@ -6,3 +6,4 @@ Size (weex-2.6.1.tar.gz) = 200858 bytes SHA1 (patch-aa) = f8f092150b3556d78ab8ef66070447724c9c118d SHA1 (patch-ab) = 49e383c1c766d63b56256afe3293bf473ca63f6f SHA1 (patch-ac) = e22d816ad7177fdc3bd68f33fd1118cc8f5164d2 +SHA1 (patch-ad) = 0474aa99d979ff90aa1d9c179e7c44eccceefce2 diff --git a/www/weex/patches/patch-ad b/www/weex/patches/patch-ad new file mode 100644 index 00000000000..e39e4e52e4f --- /dev/null +++ b/www/weex/patches/patch-ad @@ -0,0 +1,15 @@ +$NetBSD: patch-ad,v 1.1 2005/10/05 13:38:13 salo Exp $ + +Fix for SA17028, via FreeBSD. + +--- src/log.c.orig 2000-05-03 16:42:05.000000000 +0200 ++++ src/log.c 2005-10-05 15:31:06.000000000 +0200 +@@ -182,7 +182,7 @@ + + fp=log_open(); + for(i=0;i
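Review bot: The header comment in www/weex/patches/patch-ad, "Fix for SA17028, via FreeBSD.", does not say what the defect is or exactly where the patch came from. The commit message has both: a format string error in log_flush() and FreeBSD PR ports/86833. Copying those two facts into the patch comment would let someone reading the patch file on its own identify the bug and the source of the fix. Because the change is a single line in one hunk at src/log.c line 182, it is also worth confirming before commit that no other call in log.c passes a log entry as the format argument.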