Hello community, here is the log from the commit of package openvas-scanner for openSUSE:Factory checked in at Fri Jun 10 13:05:41 CEST 2011.
-------- --- openvas-scanner/openvas-scanner.changes 2011-04-11 20:07:18.000000000 +0200 +++ /mounts/work_src_done/STABLE/openvas-scanner/openvas-scanner.changes 2011-06-08 20:53:27.000000000 +0200 @@ -1,0 +2,8 @@ +Wed Jun 8 18:14:49 UTC 2011 - [email protected] + +- Updated to 3.2.4 + * Fixed: Two potential resource leaks. + * Fixed: A number of compiler warning when compiling with gcc 4.6. + * Fixed: Usage of the mktemp template in openvas-nvt-sync. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- openvas-scanner-3.2.3.tar.gz New: ---- openvas-scanner-3.2.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openvas-scanner.spec ++++++ --- /var/tmp/diff_new_pack.lCAhzA/_old 2011-06-10 13:04:59.000000000 +0200 +++ /var/tmp/diff_new_pack.lCAhzA/_new 2011-06-10 13:04:59.000000000 +0200 @@ -19,7 +19,7 @@ Name: openvas-scanner -Version: 3.2.3 +Version: 3.2.4 Release: 1 License: GPLv2 Group: Productivity/Networking/Security ++++++ debian.changelog ++++++ --- /var/tmp/diff_new_pack.lCAhzA/_old 2011-06-10 13:04:59.000000000 +0200 +++ /var/tmp/diff_new_pack.lCAhzA/_new 2011-06-10 13:04:59.000000000 +0200 @@ -1,3 +1,12 @@ +openvas-scanner (3.2.4-1) UNRELEASED; urgency=low + + * New upstream release + - Fixed: Two potential resource leaks. + - Fixed: A number of compiler warning when compiling with gcc 4.6. + - Fixed: Usage of the mktemp template in openvas-nvt-sync. + + -- Stephan Kleine <[email protected]> Wed, 08 Jun 2011 20:16:05 +0200 + openvas-scanner (3.2.3-1) UNRELEASED; urgency=low * New upstream release ++++++ openvas-scanner-3.2.3.tar.gz -> openvas-scanner-3.2.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/CHANGES new/openvas-scanner-3.2.4/CHANGES --- old/openvas-scanner-3.2.3/CHANGES 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/CHANGES 2011-06-08 14:22:08.000000000 +0200 @@ -1,3 +1,22 @@ +openvas-scanner 3.2.4 (2011-06-08) + +This is the fourth maintenance release of the openvas-scanner 3.2 module for the +Open Vulnerability Assessment System release 4 (OpenVAS-4). + +This release addresses a number of compiler warnings discovered by Stephan +Kleine, fixes two potential resource leaks reported by Henri Doreau and +addresses an issue in the synchronization script which could cause an error +under certain circumstances. + +Many thanks to everyone who has contributed to this release: +Henri Doreau, Stephan Kleine, Matthew Mundell and Michael Wiegand. + +Main changes compared to 3.2.3: +* Fixed: Two potential resource leaks. +* Fixed: A number of compiler warning when compiling with gcc 4.6. +* Fixed: Usage of the mktemp template in openvas-nvt-sync. + + openvas-scanner 3.2.3 (2011-04-11) This is the third maintenance release of the openvas-scanner 3.2 module for the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/CMakeLists.txt new/openvas-scanner-3.2.4/CMakeLists.txt --- old/openvas-scanner-3.2.3/CMakeLists.txt 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/CMakeLists.txt 2011-06-08 14:22:08.000000000 +0200 @@ -79,7 +79,7 @@ set (CPACK_TOPLEVEL_TAG "") set (CPACK_PACKAGE_VERSION_MAJOR "3") set (CPACK_PACKAGE_VERSION_MINOR "2") -set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}") +set (CPACK_PACKAGE_VERSION_PATCH "4${SVN_REVISION}") set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/ChangeLog new/openvas-scanner-3.2.4/ChangeLog --- old/openvas-scanner-3.2.3/ChangeLog 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/ChangeLog 2011-06-08 14:22:08.000000000 +0200 @@ -1,3 +1,73 @@ +2011-06-08 Michael Wiegand <[email protected]> + + Preparing the openvas-scanner 3.2.4 release. + + * CHANGES: Updated. + +2011-06-06 Michael Wiegand <[email protected]> + + * src/ntp_11.c (ntp_1x_send_dependencies): Revert last commit as it + removed a used variable. + +2011-06-05 Stephan Kleine + + * src/ntp_11.c: remove unused variable to fix compilation wih GCC 4.6. + +2011-06-01 Matthew Mundell <[email protected]> + + Close some leaks. Based on patch from Michael Wiegand. Backport from + trunk r11050. + + * src/oval_plugins.c (start_element, text, oval_plugin_add): Always free + memory that is allocated by glib functions. Take into account that the + nvti_set_* functions duplicate the given memory. + (ovaldi_launch): Add leak todos. + +2011-05-31 Matthew Mundell <[email protected]> + + Deal with GCC 4.6 warnings. Thanks to Stephan Kleine for original patch. + Backport from trunk r11034. + + * src/attack.c (attack_network): Remove stray variables. + + * src/nasl_plugins.c (nasl_thread): Check nice return. + + * src/openvassd.c (scanner_thread): Check nice return. + + * src/oval_plugins.c (oval_plugin_add): Set NVT description correctly in + overlength case. + + * src/preferences.c (preferences_drop_privileges): Remove variable + previously used for trace message. + + * src/shared_socket.c (openvassd_shared_socket_register): Check + internal_recv return. + + * src/sighand.c (let_em_die): Remove return variable, as the waitpid may + fail in legitimate cases. + +2011-04-18 Matthew Mundell <[email protected]> + + * tools/openvas-nvt-sync.in: Put the mktemp template last, otherwise + Ubuntu 9.10 gives an error. + (do_sync): Correct typo. + +2011-04-18 Henri Doreau <[email protected]> + + * src/ntp_11.c (ntp_1x_send_dependencies): fixed memory leak reported + by Valgrind. + +2011-04-18 Henri Doreau <[email protected]> + + * src/pluginload.c (collect_nvts): fixed memory leak reported by + Valgrind. + +2011-04-11 Michael Wiegand <[email protected]> + + Post release version bump. + + * CMakeLists.txt: Set to version to 3.2.4. + 2011-04-11 Michael Wiegand <[email protected]> Preparing the openvas-scanner 3.2.3 release. @@ -280,7 +350,7 @@ * doc/HTTP_authentication.txt: Removed. There is no new or helpful information in there. - + * src/COPYING: Removed. Since we maintain a explicit list in COPYING, we don't need that file anymore. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/doc/openvassd.8 new/openvas-scanner-3.2.4/doc/openvassd.8 --- old/openvas-scanner-3.2.3/doc/openvassd.8 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/doc/openvassd.8 2011-06-08 14:22:08.000000000 +0200 @@ -23,7 +23,7 @@ .TP .BI "-c " <config-file> ", --config-file=" <config-file> Use the alternate configuration file instead of -.I /home/michael/vol1/openvas-testing/etc/openvas/openvassd.conf +.I /home/michael/vol1/openvas-testing-release/etc/openvas/openvassd.conf .TP .BI "-a " <address> ", --listen=" <address> @@ -81,12 +81,12 @@ The default .B openvassd configuration file, -.I /home/michael/vol1/openvas-testing/etc/openvas/openvassd.conf +.I /home/michael/vol1/openvas-testing-release/etc/openvas/openvassd.conf contains these options: .IP plugins_folder Contains the location of the plugins folder. This is usually -/home/michael/vol1/openvas-testing/var/lib/openvas/plugins, but you may change this. +/home/michael/vol1/openvas-testing-release/var/lib/openvas/plugins, but you may change this. .IP logfile path to the logfile. You can enter .I syslog @@ -159,7 +159,7 @@ .SH USERS MANAGEMENT The utility openvas-adduser(8) creates new openvassd users. Each openvassd user -is attributed a "home", in /home/michael/vol1/openvas-testing/var/lib/openvas/users/<username>. This home contains the following directories : +is attributed a "home", in /home/michael/vol1/openvas-testing-release/var/lib/openvas/users/<username>. This home contains the following directories : .IP auth/ This directory contains the authentication information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text. @@ -175,7 +175,7 @@ When a user attempts to log in, openvassd first checks that the directory -/home/michael/vol1/openvas-testing/var/lib/openvas/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then openvassd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname. +/home/michael/vol1/openvas-testing-release/var/lib/openvas/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then openvassd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname. To remove a given user, use the command openvas-rmuser(8). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/attack.c new/openvas-scanner-3.2.4/src/attack.c --- old/openvas-scanner-3.2.3/src/attack.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/attack.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: attack.c 9983 2011-01-17 17:46:44Z jan $ +* $Id: attack.c 11038 2011-05-31 18:53:24Z mattm $ * Description: Launches the plugins, and manages multithreading. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -939,7 +939,6 @@ { int max_hosts = 0; int num_tested = 0; - int host_pending = 0; char hostname[1024]; char *hostlist; struct in6_addr host_ip; @@ -1139,7 +1138,6 @@ } } - host_pending = 0; memcpy (&addrs.ip6, &host_ip, sizeof (struct in6_addr)); /* Do we have the right to test this host ? */ @@ -1156,9 +1154,7 @@ int s; char *MAC = NULL; int mac_err = -1; - struct in_addr addr; - addr.s_addr = host_ip.s6_addr32[3]; if (preferences_use_mac_addr (preferences) && v6_is_local_ip (&host_ip)) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/nasl_plugins.c new/openvas-scanner-3.2.4/src/nasl_plugins.c --- old/openvas-scanner-3.2.3/src/nasl_plugins.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/nasl_plugins.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: nasl_plugins.c 9983 2011-01-17 17:46:44Z jan $ +* $Id: nasl_plugins.c 11038 2011-05-31 18:53:24Z mattm $ * Description: Launches NASL plugins. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -29,6 +29,7 @@ * @brief The nasl - plugin class. Loads or launches nasl- plugins. */ +#include <errno.h> #include <stdio.h> /* for fprintf() */ #include <unistd.h> /* for close() */ #include <signal.h> /* for SIGTERM */ @@ -252,10 +253,14 @@ int nice_retval; if (preferences_benice (NULL)) - nice_retval = nice (-5); - // @todo: Check value of nice_retval to see if it was successful. - // Keep in mind that even -1 can mean success here; see man page of nice - // for details. + { + errno = 0; + nice_retval = nice (-5); + if (nice_retval == -1 && errno != 0) + { + log_write ("Unable to renice process: %d", errno); + } + } /* XXX ugly hack */ soc = dup2 (soc, 4); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/ntp_11.c new/openvas-scanner-3.2.4/src/ntp_11.c --- old/openvas-scanner-3.2.3/src/ntp_11.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/ntp_11.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: ntp_11.c 9926 2011-01-11 20:33:45Z jan $ +* $Id: ntp_11.c 11076 2011-06-06 08:29:59Z mwiegand $ * Description: OpenVAS Communication Manager; it manages the OpenVAS Transfer Protocol, * version 1.1 and 1.2. * @@ -843,9 +843,7 @@ strncat (buf, " <|> ", buf_size); deps = deps->next; } -#if 0 arg_free_all (d); -#endif auth_printf (globals, "%s\n", buf); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/openvassd.c new/openvas-scanner-3.2.4/src/openvassd.c --- old/openvas-scanner-3.2.3/src/openvassd.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/openvassd.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: openvassd.c 10073 2011-01-24 07:48:34Z jan $ +* $Id: openvassd.c 11038 2011-05-31 18:53:24Z mattm $ * Description: Runs the OpenVAS-scanner. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -40,6 +40,7 @@ * OpenVAS Scanner main module, runs the scanner. */ +#include <errno.h> #include <string.h> /* for strchr() */ #include <stdio.h> /* for fprintf() */ #include <stdlib.h> /* for atoi() */ @@ -428,11 +429,14 @@ /* Everyone runs with a nicelevel of 10 */ if (preferences_benice (prefs)) - nice_retval = nice (10); - // @todo: Check value of nice_retval to see if it was successful. - // Keep in mind that even -1 can mean success here; see man page of nice - // for details. - + { + errno = 0; + nice_retval = nice (10); + if (nice_retval == -1 && errno != 0) + { + log_write ("Unable to renice process: %d", errno); + } + } openvas_signal (SIGCHLD, sighand_chld); #if 1 /* To let some time to attach a debugger to the child process */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/oval_plugins.c new/openvas-scanner-3.2.4/src/oval_plugins.c --- old/openvas-scanner-3.2.3/src/oval_plugins.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/oval_plugins.c 2011-06-08 14:22:08.000000000 +0200 @@ -202,13 +202,14 @@ { // TODO: This currently assigns only IDs in the range intended for // RedHat security advisories. - // TODO: g_strdup really necessary? - nvti_set_oid (current_plugin, - (const gchar *) g_strconcat ("1.3.6.1.4.1.25623.1.2.2312.", - g_strrstr (g_strdup (*value_cursor), ":") + 1, NULL)); + gchar *nvt_oid = g_strconcat ("1.3.6.1.4.1.25623.1.2.2312.", + g_strrstr (*value_cursor, ":") + 1, + NULL); + nvti_set_oid (current_plugin, nvt_oid); + g_free (nvt_oid); } if (strcmp (*name_cursor, "version") == 0) - nvti_set_version(current_plugin, *value_cursor); + nvti_set_version (current_plugin, *value_cursor); name_cursor++; value_cursor++; } @@ -268,11 +269,14 @@ gchar **title_split = g_strsplit (text, "\n", 0); if (g_strv_length (title_split) > 1) { + gchar *nvt_name; for (i = 0; i < g_strv_length (title_split); i++) { g_strstrip (title_split[i]); } - nvti_set_name (current_plugin, g_strjoinv (" ", title_split)); + nvt_name = g_strjoinv (" ", title_split); + nvti_set_name (current_plugin, nvt_name); + g_free (nvt_name); } else { @@ -360,7 +364,6 @@ gchar *filebuffer = NULL; gsize length = 0; gchar *descriptions = NULL; - gchar *description = NULL; int i; if (plugin_list != NULL) @@ -383,6 +386,7 @@ if (args == NULL) { + gchar *nvt_filename; char *sign_fprs = nasl_extract_signature_fprs (fullname); // If server accepts signed plugins only, discard if signature file missing. if (preferences_nasl_no_signature_check (preferences) == 0 @@ -425,6 +429,8 @@ if (g_slist_length (plugin_list) > 1) { gchar **title_array; + gchar *nvt_description; + gchar *nvt_name; title_array = g_malloc0 ((g_slist_length (plugin_list) + 1) * sizeof (gchar *)); @@ -437,23 +443,27 @@ descriptions = g_strjoinv (NULL, title_array); if (strlen (descriptions) > 3100) { - description = - g_strconcat + gchar *short_description = g_strndup (descriptions, 3100); + nvt_description = g_strconcat ("This OVAL file contains the following definitions:\n", - g_strndup (descriptions, 3100), - "\n(list cut due to memory limitations)", NULL); + short_description, "\n(list cut due to memory limitations)", NULL); + g_free (short_description); } else { - nvti_set_description (first_plugin, g_strconcat + nvt_description = g_strconcat ("This OVAL file contains the following definitions:\n", - g_strdup (descriptions), NULL)); + descriptions, NULL); } + nvti_set_description (first_plugin, nvt_description); + g_free (nvt_description); g_free (descriptions); g_strfreev (title_array); - nvti_set_name (first_plugin, - g_strdup_printf ("%s (%d OVAL definitions)", name, - g_slist_length (plugin_list))); + nvt_name = g_strdup_printf ("%s (%d OVAL definitions)", + name, + g_slist_length (plugin_list)); + nvti_set_name (first_plugin, nvt_name); + g_free (nvt_name); } nvti_set_summary (first_plugin, nvti_name (first_plugin)); @@ -461,7 +471,11 @@ nvti_set_dependencies (first_plugin, "toolcheck.nasl"); nvti_set_mandatory_keys (first_plugin, "Tools/Present/ovaldi"); nvti_set_category (first_plugin, ACT_END); - nvti_set_src (first_plugin, g_build_filename (folder, name, NULL)); + + nvt_filename = g_build_filename (folder, name, NULL); + nvti_set_src (first_plugin, nvt_filename); + g_free (nvt_filename); + nvti_set_sign_key_ids (first_plugin, sign_fprs); args = emalloc (sizeof (struct arglist)); @@ -559,14 +573,18 @@ // struct arglist * args = arg_get_value (g_args, "args"); struct kb_item **kb = arg_get_value (g_args, "key"); gchar *basename = + /** @todo What frees the g_strdup string? */ g_strrstr (g_strdup ((char *) arg_get_value (g_args, "name")), "/") + 1; gchar *result_string = NULL; + /** @todo What frees this? */ gchar *folder = g_strndup ((char *) arg_get_value (g_args, "name"), strlen ((char *) arg_get_value (g_args, "name")) - strlen (basename)); + /** @todo What frees this? */ sc_filename = g_strconcat (folder, "sc-out.xml", NULL); log_write ("SC Filename: %s\n", sc_filename); + /** @todo What if some other process does an ovaldi scan? */ results_filename = "/tmp/results.xml"; if (g_file_test (results_filename, G_FILE_TEST_EXISTS)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/pluginload.c new/openvas-scanner-3.2.4/src/pluginload.c --- old/openvas-scanner-3.2.3/src/pluginload.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/pluginload.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: pluginload.c 9967 2011-01-14 15:38:08Z jan $ +* $Id: pluginload.c 10795 2011-04-18 08:23:01Z hdoreau $ * Description: Loads plugins from disk into memory. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -95,7 +95,7 @@ collect_nvts (const char *folder, const char *subdir, GSList * files) { GDir *dir; - const gchar *fname, *path; + const gchar *fname; if (folder == NULL) return files; @@ -107,11 +107,23 @@ fname = g_dir_read_name (dir); while (fname) { + char *path; + path = g_build_filename (folder, fname, NULL); if (g_file_test (path, G_FILE_TEST_IS_DIR)) - files = - collect_nvts (g_build_filename (folder, fname, NULL), - g_build_filename (subdir, fname, NULL), files); + { + char *new_folder, *new_subdir; + + new_folder = g_build_filename (folder, fname, NULL); + new_subdir = g_build_filename (subdir, fname, NULL); + + files = collect_nvts (new_folder, new_subdir, files); + + if (new_folder) + g_free (new_folder); + if (new_subdir) + g_free (new_subdir); + } else { pl_class_t *cl_ptr = plugin_classes; @@ -127,6 +139,7 @@ cl_ptr = cl_ptr->pl_next; } } + g_free (path); fname = g_dir_read_name (dir); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/preferences.c new/openvas-scanner-3.2.4/src/preferences.c --- old/openvas-scanner-3.2.3/src/preferences.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/preferences.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: preferences.c 10320 2011-02-16 13:27:43Z mwiegand $ +* $Id: preferences.c 11038 2011-05-31 18:53:24Z mattm $ * Description: Loads the preferences set in openvassd.conf into the memory. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -452,7 +452,6 @@ int preferences_drop_privileges (struct arglist *preferences, char *oid) { - char *pref; int ret = 0; if (preferences == NULL) @@ -464,7 +463,6 @@ ret = 1; } - pref = arg_get_value (preferences, "drop_privileges"); return ret; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/shared_socket.c new/openvas-scanner-3.2.4/src/shared_socket.c --- old/openvas-scanner-3.2.3/src/shared_socket.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/shared_socket.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: shared_socket.c 9926 2011-01-11 20:33:45Z jan $ +* $Id: shared_socket.c 11038 2011-05-31 18:53:24Z mattm $ * Description: Manage shared sockets. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -100,6 +100,12 @@ int type; e = internal_recv (soc, &buffer, &bufsz, &type); + if (e == -1) + { + log_write ("shared_socket_register(): Error - internal_recv() failed\n"); + return -1; + } + if ((type & INTERNAL_COMM_MSG_SHARED_SOCKET) == 0 || (type & INTERNAL_COMM_SHARED_SOCKET_DORECVMSG) == 0) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/sighand.c new/openvas-scanner-3.2.4/src/sighand.c --- old/openvas-scanner-3.2.3/src/sighand.c 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/src/sighand.c 2011-06-08 14:22:08.000000000 +0200 @@ -1,5 +1,5 @@ /* OpenVAS -* $Id: sighand.c 9881 2011-01-04 18:23:58Z jan $ +* $Id: sighand.c 11038 2011-05-31 18:53:24Z mattm $ * Description: Provides signal handling functions. * * Authors: - Renaud Deraison <[email protected]> (Original pre-fork develoment) @@ -46,9 +46,9 @@ void let_em_die (int pid) { - int status, x; + int status; - x = waitpid (pid, &status, WNOHANG); + waitpid (pid, &status, WNOHANG); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/tools/openvas-nvt-sync.in new/openvas-scanner-3.2.4/tools/openvas-nvt-sync.in --- old/openvas-scanner-3.2.3/tools/openvas-nvt-sync.in 2011-04-11 09:29:40.000000000 +0200 +++ new/openvas-scanner-3.2.4/tools/openvas-nvt-sync.in 2011-06-08 14:22:08.000000000 +0200 @@ -87,7 +87,7 @@ SYNC_TMP_DIR=/tmp # If we have mktemp, create a temporary dir (safer) if [ -n "`which mktemp`" ]; then - SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t` || { echo "ERROR: Cannot create temporary directory for file download" >&2; exit 1 ; } + SYNC_TMP_DIR=`mktemp -t -d openvas-nvt-sync.XXXXXXXXXX` || { echo "ERROR: Cannot create temporary directory for file download" >&2; exit 1 ; } trap "rm -rf $SYNC_TMP_DIR" EXIT HUP INT TRAP TERM fi else @@ -252,7 +252,7 @@ do_sync () { if [ -z "$CMD_RSYNC" ] || [ $FEED_PRESENT -eq 0 ] ; then if [ $FEED_PRESENT -eq 0 ] ; then - echo "[i] rsync not is recommended for the initial sync. Falling back on http." + echo "[i] rsync is not recommended for the initial sync. Falling back on http." else echo "[w] rsync not found!" fi ++++++ openvas-scanner.dsc ++++++ --- /var/tmp/diff_new_pack.lCAhzA/_old 2011-06-10 13:04:59.000000000 +0200 +++ /var/tmp/diff_new_pack.lCAhzA/_new 2011-06-10 13:04:59.000000000 +0200 @@ -2,13 +2,13 @@ Source: openvas-scanner Binary: openvas-scanner Architecture: any -Version: 3.2.3-1 +Version: 3.2.4-1 Maintainer: Stephan Kleine <[email protected]> Homepage: http://www.openvas.org/ Standards-Version: 3.8.0 Build-Depends: debhelper (>= 6), devscripts, dpatch, cmake, hardening-wrapper, libopenvas4-dev, libwrap0-dev, pkg-config, po-debconf Files: - 776ce4e1000137c9aec7863372c8c876 373800 openvas-scanner-3.2.3.orig.tar.gz - 131e6720b0526ade9405eade0d9150ac 56625 openvas-scanner-3.2.3.diff.gz + 776ce4e1000137c9aec7863372c8c876 373800 openvas-scanner-3.2.4.orig.tar.gz + 131e6720b0526ade9405eade0d9150ac 56625 openvas-scanner-3.2.4.diff.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
