Hello community, here is the log from the commit of package libopenvas for openSUSE:Factory checked in at 2011-11-07 14:20:16 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libopenvas (Old) and /work/SRC/openSUSE:Factory/.libopenvas.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libopenvas", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/libopenvas/libopenvas.changes 2011-10-18 14:30:25.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.libopenvas.new/libopenvas.changes 2011-11-07 14:20:19.000000000 +0100 @@ -1,0 +2,8 @@ +Fri Nov 4 20:21:34 UTC 2011 - [email protected] + +- Update to 4.0.6 + * A bug which caused outdated cache files to be used under rare circumstances + has been fixed. + * Compiler warnings from gcc 4.6 have been addressed. + +------------------------------------------------------------------- Old: ---- openvas-libraries-4.0.5.tar.gz New: ---- openvas-libraries-4.0.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libopenvas.spec ++++++ --- /var/tmp/diff_new_pack.Ul138P/_old 2011-11-07 14:20:32.000000000 +0100 +++ /var/tmp/diff_new_pack.Ul138P/_new 2011-11-07 14:20:32.000000000 +0100 @@ -20,7 +20,7 @@ %define soname 4 Name: libopenvas -Version: 4.0.5 +Version: 4.0.6 Release: 4 License: GPLv2 Group: Productivity/Networking/Security ++++++ debian.changelog ++++++ --- /var/tmp/diff_new_pack.Ul138P/_old 2011-11-07 14:20:32.000000000 +0100 +++ /var/tmp/diff_new_pack.Ul138P/_new 2011-11-07 14:20:32.000000000 +0100 @@ -1,3 +1,12 @@ +libopenvas (4.0.6-1) unstable; urgency=low + + * New upstream release. + - A bug which caused outdated cache files to be used under rare circumstances + has been fixed. + - Compiler warnings from gcc 4.6 have been addressed. + + -- Stephan Kleine <[email protected]> Fri, 04 Nov 2011 21:22:26 +0100 + libopenvas (4.0.5-1) unstable; urgency=low * New upstream release. ++++++ libopenvas.dsc ++++++ --- /var/tmp/diff_new_pack.Ul138P/_old 2011-11-07 14:20:32.000000000 +0100 +++ /var/tmp/diff_new_pack.Ul138P/_new 2011-11-07 14:20:32.000000000 +0100 @@ -2,13 +2,13 @@ Source: libopenvas Binary: libopenvas4-dev, libopenvas4 Architecture: any -Version: 4.0.4-1 +Version: 4.0.6-1 Maintainer: Stephan Kleine <[email protected]> Homepage: http://www.openvas.org/ Standards-Version: 3.8.0 Build-Depends: bison, cmake (>= 2.6), debhelper (>= 5), doxygen, dpatch, hardening-wrapper, libgcrypt11-dev, libglib2.0-dev, libgnutls-dev, libgpgme11-dev (>= 1.1.2), libldap2-dev, libpcap-dev, uuid-dev Files: - b55a7a72ba7b9c8da7b1372a91fbdf88 464106 libopenvas-4.0.4.tar.gz - f657b454af293e32275da3400cc7c67b 4369 libopenvas-4.0.4.diff.gz + b55a7a72ba7b9c8da7b1372a91fbdf88 464106 libopenvas-4.0.6.tar.gz + f657b454af293e32275da3400cc7c67b 4369 libopenvas-4.0.6.diff.gz ++++++ openvas-libraries-4.0.5.tar.gz -> openvas-libraries-4.0.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/CHANGES new/openvas-libraries-4.0.6/CHANGES --- old/openvas-libraries-4.0.5/CHANGES 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/CHANGES 2011-11-03 09:30:08.000000000 +0100 @@ -1,3 +1,20 @@ +openvas-libraries 4.0.6 (2011-11-03) + +This is the sixth maintenance release of the openvas-libraries 4.0 module for +the Open Vulnerability Assessment System (OpenVAS). + +This release fixes a cache file management issue and addresses compiler warnings +discovered by Henri Doreau. + +Many thanks to everyone who has contributed this release: +Henri Doreau, Jan-Oliver Wagner and Michael Wiegand. + +Main changes compared to 4.0.5: +* A bug which caused outdated cache files to be used under rare circumstances + has been fixed. +* Compiler warnings from gcc 4.6 have been addressed. + + openvas-libraries 4.0.5 (2011-06-01) This is the fifth maintenance release of the openvas-libraries 4.0 module for diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/CMakeLists.txt new/openvas-libraries-4.0.6/CMakeLists.txt --- old/openvas-libraries-4.0.5/CMakeLists.txt 2011-06-01 15:38:38.000000000 +0200 +++ new/openvas-libraries-4.0.6/CMakeLists.txt 2011-11-03 09:30:08.000000000 +0100 @@ -81,7 +81,7 @@ set (CPACK_TOPLEVEL_TAG "") set (CPACK_PACKAGE_VERSION_MAJOR "4") set (CPACK_PACKAGE_VERSION_MINOR "0") -set (CPACK_PACKAGE_VERSION_PATCH "5${SVN_REVISION}") +set (CPACK_PACKAGE_VERSION_PATCH "6${SVN_REVISION}") set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}") set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/ChangeLog new/openvas-libraries-4.0.6/ChangeLog --- old/openvas-libraries-4.0.5/ChangeLog 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/ChangeLog 2011-11-03 09:30:08.000000000 +0100 @@ -1,6 +1,46 @@ +2011-11-03 Michael Wiegand <[email protected]> + + Preparing the openvas-libraries 4.0.6 release. + + * CHANGES: Updated. + + * ChangeLog: Fixed last entry. + +2011-07-24 Jan-Oliver Wagner <[email protected]> + + Backport of r11135 from trunk by Henri Doreau. + + * nasl/nasl_host.c (nasl_islocalhost, nasl_islocalnet), nasl/smb_crypt + (SMBencrypt_ntlmssp), nasl/nasl_packet_forgery.c (forge_tcp_packet, + nasl_tcp_ping), nasl/nasl_packet_forgery_v6.c (set_ipv6_elements, + forge_tcp_v6_packet, get_udp_v6_element), + nasl/nasl_builtin_openvas_tcp_scanner.c (banner_grab), + nasl/nasl_misc_funcs.c (nasl_make_array), nasl/nasl_builtin_synscan.c + (plugin_run_synscan), nasl/charcnv.c (convert_string_internal_ntlmssp): + fixed GCC 4.6 warnings concerning set but never used variables. + +2011-06-22 Michael Wiegand <[email protected]> + + Enforce that timestamps for newly cached files are identical with + those of the original NVTs. This prevents cache issues for rare cases + where the cache file was erroneously considered newer than an updated + NVT. Backport from trunk r11184. + + * base/nvti.c (nvti_to_keyfile): Set the timestamp of the cache file + to the timestamp of the original NVT. + + * base/nvticache.c (nvticache_get): Accept caches with the same + timestamp as the original file. + +2011-06-01 Michael Wiegand <[email protected]> + + Post release version bump. + + * CMakeLists.txt: Set version to 4.0.6. + 2011-06-01 Michael Wiegand <[email protected]> - Preparing the openvas-libraries 4.0.4 release. + Preparing the openvas-libraries 4.0.5 release. * CHANGES: Updated. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/base/nvti.c new/openvas-libraries-4.0.6/base/nvti.c --- old/openvas-libraries-4.0.5/base/nvti.c 2011-06-01 15:38:38.000000000 +0200 +++ new/openvas-libraries-4.0.6/base/nvti.c 2011-11-03 09:30:08.000000000 +0100 @@ -39,6 +39,8 @@ #include <stdio.h> #include <errno.h> #include <sys/stat.h> +#include <sys/types.h> +#include <utime.h> #include "nvti.h" @@ -1349,6 +1351,24 @@ fputs (text, fp); fclose (fp); + + /* Set timestamp of cache file to the timestamp of the original NVT, if + * possible */ + if (n->src) + { + struct stat src_stat; + if (stat (n->src, &src_stat) == 0) + { + struct utimbuf src_timestamp; + src_timestamp.actime = src_stat.st_atime; + src_timestamp.modtime = src_stat.st_mtime; + if (utime (fn, &src_timestamp) != 0) + fprintf (stderr, "utime(%s) : %s\n", fn, strerror (errno)); + } + else + fprintf (stderr, "stat(%s) : %s\n", n->src, strerror (errno)); + } + g_free (text); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/base/nvticache.c new/openvas-libraries-4.0.6/base/nvticache.c --- old/openvas-libraries-4.0.5/base/nvticache.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/base/nvticache.c 2011-11-03 09:30:08.000000000 +0100 @@ -108,7 +108,7 @@ if (src_file && cache_file && stat (src_file, &src_stat) >= 0 && stat (cache_file, &cache_stat) >= 0 - && (cache_stat.st_mtime > src_stat.st_mtime)) + && (cache_stat.st_mtime >= src_stat.st_mtime)) { n = nvti_from_keyfile (cache_file); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/charcnv.c new/openvas-libraries-4.0.6/nasl/charcnv.c --- old/openvas-libraries-4.0.5/nasl/charcnv.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/charcnv.c 2011-11-03 09:30:08.000000000 +0100 @@ -330,27 +330,26 @@ retval = smb_iconv_ntlmssp(descriptor, &inbuf, &i_len, &outbuf, &o_len); if(retval==(size_t)-1) { - const char *reason="unknown error"; switch(errno) { case EINVAL: - reason="Incomplete multibyte sequence"; + /* Incomplete multibyte sequence */ if (!conv_silent_ntlmssp) if (allow_bad_conv) goto use_as_is; return (size_t)-1; case E2BIG: - reason="No more room"; + /* No more room */ break; case EILSEQ: - reason="Illegal multibyte sequence"; + /* Illegal multibyte sequence */ if (allow_bad_conv) goto use_as_is; return (size_t)-1; default: + /* unknown error */ return (size_t)-1; } - /* printf(reason); */ } return destlen-o_len; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/nasl_builtin_openvas_tcp_scanner.c new/openvas-libraries-4.0.6/nasl/nasl_builtin_openvas_tcp_scanner.c --- old/openvas-libraries-4.0.5/nasl/nasl_builtin_openvas_tcp_scanner.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/nasl_builtin_openvas_tcp_scanner.c 2011-11-03 09:30:08.000000000 +0100 @@ -690,11 +690,16 @@ if (wait_sock_nb == 0) if (rtt_max[0] > 0 || ping_rtt > 0) { +#if DEBUG > 1 int y; +#endif if (rtt_max[0] > 0) - y = x = rtt_max[0]; + x = rtt_max[0]; else - y = x = ping_rtt; + x = ping_rtt; +#if DEBUG > 1 + y = x; +#endif if (doublecheck_flag) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/nasl_builtin_synscan.c new/openvas-libraries-4.0.6/nasl/nasl_builtin_synscan.c --- old/openvas-libraries-4.0.5/nasl/nasl_builtin_synscan.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/nasl_builtin_synscan.c 2011-11-03 09:30:08.000000000 +0100 @@ -927,7 +927,9 @@ struct in6_addr *dst6 = plug_get_host_ip (env); struct in_addr *dst; struct in_addr inaddr; +#ifdef DEBUG struct timeval tv; +#endif inaddr.s_addr = dst6->s6_addr32[3]; dst = &inaddr; @@ -944,14 +946,9 @@ rtt = htonl (1 << 28); #ifdef DEBUG - printf ("RTT = 0x%.8x\n", ntohl (rtt)); -#endif - - /** @TODO belongs to debug section? */ + printf ("RTT = 0x%.8x\n", ntohl (rtt)); tv = timeval (rtt); - -#ifdef DEBUG - printf ("That's %ld seconds and %ld usecs\n", tv.tv_sec, tv.tv_usec); + printf ("That's %ld seconds and %ld usecs\n", tv.tv_sec, tv.tv_usec); #endif struct arglist *hostinfos = arg_get_value (env, "HOSTNAME"); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/nasl_host.c new/openvas-libraries-4.0.6/nasl/nasl_host.c --- old/openvas-libraries-4.0.5/nasl/nasl_host.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/nasl_host.c 2011-11-03 09:30:08.000000000 +0100 @@ -155,11 +155,9 @@ struct arglist *script_infos = lexic->script_infos; struct in6_addr *dst = plug_get_host_ip (script_infos); tree_cell *retc; - struct in_addr inaddr; retc = alloc_tree_cell (0, NULL); retc->type = CONST_INT; - inaddr.s_addr = dst->s6_addr32[3]; retc->x.i_val = v6_islocalhost (dst); return retc; } @@ -171,11 +169,9 @@ struct arglist *script_infos = lexic->script_infos; struct in6_addr *ip = plug_get_host_ip (script_infos); tree_cell *retc; - struct in_addr inaddr; retc = alloc_tree_cell (0, NULL); retc->type = CONST_INT; - inaddr.s_addr = ip->s6_addr32[3]; retc->x.i_val = v6_is_local_ip (ip); return retc; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/nasl_misc_funcs.c new/openvas-libraries-4.0.6/nasl/nasl_misc_funcs.c --- old/openvas-libraries-4.0.5/nasl/nasl_misc_funcs.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/nasl_misc_funcs.c 2011-11-03 09:30:08.000000000 +0100 @@ -430,7 +430,7 @@ nasl_make_array (lex_ctxt * lexic) { tree_cell *retc = NULL; - int i, vi; + int vi; anon_nasl_var *v, *v2; nasl_array *a; @@ -439,7 +439,7 @@ retc->type = DYN_ARRAY; retc->x.ref_val = a = emalloc (sizeof (nasl_array)); - i = vi = 0; + vi = 0; while ((v = nasl_get_var_by_num (&lexic->ctx_vars, vi++, 0)) != NULL) { v2 = nasl_get_var_by_num (&lexic->ctx_vars, vi++, 0); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/nasl_packet_forgery.c new/openvas-libraries-4.0.6/nasl/nasl_packet_forgery.c --- old/openvas-libraries-4.0.5/nasl/nasl_packet_forgery.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/nasl_packet_forgery.c 2011-11-03 09:30:08.000000000 +0100 @@ -465,7 +465,6 @@ tree_cell *retc; char *data; int len; - u_char *pkt; struct ip *ip, *tcp_packet; struct tcphdr *tcp; int ipsz; @@ -492,7 +491,6 @@ retc->type = CONST_DATA; tcp_packet = (struct ip *) emalloc (ipsz + sizeof (struct tcphdr) + len); retc->x.str_val = (char *) tcp_packet; - pkt = (u_char *) tcp_packet; bcopy (ip, tcp_packet, ipsz); /* recompute the ip checksum, because the ip length changed */ @@ -1409,13 +1407,11 @@ { 139, 135, 445, 80, 22, 515, 23, 21, 6000, 1025, 25, 111, 1028, 9100, 1029, 79, 497, 548, 5000, 1917, 53, 161, 9001, 65535, 443, 113, 993, 8080, 0 }; int num_ports = 0; - struct in_addr *pinaddr; struct in_addr inaddr; if (dst == NULL || (IN6_IS_ADDR_V4MAPPED (dst) != 1)) return NULL; inaddr.s_addr = dst->s6_addr32[3]; - pinaddr = &inaddr; for (i = 0; i < sizeof (sports) / sizeof (int); i++) { if (sports[i] == 0) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/nasl_packet_forgery_v6.c new/openvas-libraries-4.0.6/nasl/nasl_packet_forgery_v6.c --- old/openvas-libraries-4.0.5/nasl/nasl_packet_forgery_v6.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/nasl_packet_forgery_v6.c 2011-11-03 09:30:08.000000000 +0100 @@ -292,9 +292,6 @@ tree_cell *retc = alloc_tree_cell (0, NULL); struct ip6_hdr *pkt; char *s; - int ver; - int tc; - int fl; if (o_pkt == NULL) { @@ -305,11 +302,6 @@ pkt = (struct ip6_hdr *) emalloc (size); bcopy (o_pkt, pkt, size); - ver = get_int_local_var_by_name (lexic, "ip6_v", (pkt->ip6_flow & 0x3ffff)); - tc = - get_int_local_var_by_name (lexic, "ip6_tc", (pkt->ip6_flow >> 20) & 0xff); - fl = get_int_local_var_by_name (lexic, "ip6_fl", pkt->ip6_flow >> 28); - pkt->ip6_plen = get_int_local_var_by_name (lexic, "ip6_plen", pkt->ip6_plen); pkt->ip6_nxt = get_int_local_var_by_name (lexic, "ip6_nxt", pkt->ip6_nxt); pkt->ip6_hlim = get_int_local_var_by_name (lexic, "ip6_hlim", pkt->ip6_hlim); @@ -476,7 +468,6 @@ tree_cell *retc; char *data; int len; - u_char *pkt; struct ip6_hdr *ip6, *tcp_packet; struct tcphdr *tcp; int ipsz; @@ -502,7 +493,6 @@ retc->type = CONST_DATA; tcp_packet = (struct ip6_hdr *) emalloc (ipsz + sizeof (struct tcphdr) + len); retc->x.str_val = (char *) tcp_packet; - pkt = (u_char *) tcp_packet; bcopy (ip6, tcp_packet, ipsz); /* Adjust length in ipv6 header */ @@ -949,7 +939,6 @@ tree_cell *retc; char *udp; char *element; - struct ip6_hdr *ip6; int ipsz; struct udphdr *udphdr; int ret; @@ -964,7 +953,6 @@ printf ("element = get_udp_v6_element(udp:<udp>,element:<element>\n"); return NULL; } - ip6 = (struct ip6_hdr *) udp; if (40 + sizeof (struct udphdr) > ipsz) return NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-libraries-4.0.5/nasl/smb_crypt.c new/openvas-libraries-4.0.6/nasl/smb_crypt.c --- old/openvas-libraries-4.0.5/nasl/smb_crypt.c 2011-06-01 15:38:37.000000000 +0200 +++ new/openvas-libraries-4.0.6/nasl/smb_crypt.c 2011-11-03 09:30:08.000000000 +0100 @@ -455,10 +455,9 @@ void SMBencrypt_ntlmssp(const char *passwd, const uchar *c8, uchar p24[24]) { - bool ret; uchar lm_hash[16]; - ret = E_deshash_ntlmssp(passwd, lm_hash); + E_deshash_ntlmssp(passwd, lm_hash); SMBencrypt_hash_ntlmssp(lm_hash, c8, p24); } -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
