OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 19-May-2004 22:04:14
Branch: OPENPKG_1_3_SOLID Handle: 2004051921041300
Modified files: (Branch: OPENPKG_1_3_SOLID)
openpkg-src/neon neon.patch neon.spec
Log:
apply security fix (OpenPKG-SA-2004.024-neon, CAN-2004-0398)
Summary:
Revision Changes Path
1.1.2.2.2.2 +47 -0 openpkg-src/neon/neon.patch
1.27.2.3.2.3+1 -1 openpkg-src/neon/neon.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/neon/neon.patch
============================================================================
$ cvs diff -u -r1.1.2.2.2.1 -r1.1.2.2.2.2 neon.patch
--- openpkg-src/neon/neon.patch 16 Apr 2004 14:08:29 -0000 1.1.2.2.2.1
+++ openpkg-src/neon/neon.patch 19 May 2004 20:04:13 -0000 1.1.2.2.2.2
@@ -1,3 +1,5 @@
+Security Fix
+
diff -Nau src/ne_207.c.orig src/ne_207.c
--- src/ne_207.c.orig 2003-04-21 19:18:06.000000000 +0200
+++ src/ne_207.c 2004-04-16 14:36:07.000000000 +0200
@@ -140,3 +142,48 @@
T(NULL)
};
+
+-----------------------------------------------------------------------------
+
+Security Fix
+OpenPKG-SA-2004.024-neon, CAN-2004-0398
+
+Index: src/ne_dates.c
+--- src/ne_dates.c 2 May 2004 16:00:35 -0000 1.28.2.1
++++ src/ne_dates.c 2 May 2004 18:21:53 -0000
+@@ -47,7 +47,7 @@
+ /* RFC1123: Sun, 06 Nov 1994 08:49:37 GMT */
+ #define RFC1123_FORMAT "%3s, %02d %3s %4d %02d:%02d:%02d GMT"
+ /* RFC850: Sunday, 06-Nov-94 08:49:37 GMT */
+-#define RFC1036_FORMAT "%s %2d-%3s-%2d %2d:%2d:%2d GMT"
++#define RFC1036_FORMAT "%10s %2d-%3s-%2d %2d:%2d:%2d GMT"
+ /* asctime: Wed Jun 30 21:49:08 1993 */
+ #define ASCTIME_FORMAT "%3s %3s %2d %2d:%2d:%2d %4d"
+
+@@ -133,7 +133,7 @@
+ time_t ne_rfc1123_parse(const char *date)
+ {
+ struct tm gmt = {0};
+- static char wkday[4], mon[4];
++ char wkday[4], mon[4];
+ int n;
+ /* it goes: Sun, 06 Nov 1994 08:49:37 GMT */
+ n = sscanf(date, RFC1123_FORMAT,
+@@ -156,7 +156,7 @@
+ {
+ struct tm gmt = {0};
+ int n;
+- static char wkday[10], mon[4];
++ char wkday[11], mon[4];
+ /* RFC850/1036 style dates: Sunday, 06-Nov-94 08:49:37 GMT */
+ n = sscanf(date, RFC1036_FORMAT,
+ wkday, &gmt.tm_mday, mon, &gmt.tm_year,
+@@ -189,7 +189,7 @@
+ {
+ struct tm gmt = {0};
+ int n;
+- static char wkday[4], mon[4];
++ char wkday[4], mon[4];
+ n = sscanf(date, ASCTIME_FORMAT,
+ wkday, mon, &gmt.tm_mday,
+ &gmt.tm_hour, &gmt.tm_min, &gmt.tm_sec,
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/neon/neon.spec
============================================================================
$ cvs diff -u -r1.27.2.3.2.2 -r1.27.2.3.2.3 neon.spec
--- openpkg-src/neon/neon.spec 16 Apr 2004 14:08:29 -0000 1.27.2.3.2.2
+++ openpkg-src/neon/neon.spec 19 May 2004 20:04:13 -0000 1.27.2.3.2.3
@@ -33,7 +33,7 @@
Group: Web
License: LGPL
Version: 0.24.0
-Release: 1.3.1
+Release: 1.3.2
# list of sources
Source0: http://www.webdav.org/neon/neon-%{version}.tar.gz
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
