OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 04-Mar-2003 10:41:28
Branch: OPENPKG_1_STABLE Handle: 2003030409412700
Added files: (Branch: OPENPKG_1_STABLE)
openpkg-src/tcpdump tcpdump.patch
Modified files: (Branch: OPENPKG_1_STABLE)
openpkg-src/tcpdump tcpdump.spec
Log:
apply security patch (see OpenPKG-SA-2003.014-tcpdump); merge in
OpenSSL DES fixes
Summary:
Revision Changes Path
1.1.6.1 +242 -0 openpkg-src/tcpdump/tcpdump.patch
1.25.2.2 +7 -4 openpkg-src/tcpdump/tcpdump.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/tcpdump/tcpdump.patch
============================================================================
$ cvs diff -u -r0 -r1.1.6.1 tcpdump.patch
--- /dev/null 2003-03-04 10:41:27.000000000 +0100
+++ tcpdump.patch 2003-03-04 10:41:28.000000000 +0100
@@ -0,0 +1,242 @@
+--- print-bgp.c Thu Oct 18 11:52:17 2001
++++ print-bgp.c Tue Mar 4 10:33:39 2003
+@@ -469,11 +469,19 @@
+ switch (af) {
+ case AFNUM_INET:
+ advance = decode_prefix4(p, buf, sizeof(buf));
++ if (advance < 0) {
++ p = dat + len;
++ break;
++ }
+ printf(" %s", buf);
+ break;
+ #ifdef INET6
+ case AFNUM_INET6:
+ advance = decode_prefix6(p, buf, sizeof(buf));
++ if (advance < 0) {
++ p = dat + len;
++ break;
++ }
+ printf(" %s", buf);
+ break;
+ #endif
+@@ -505,11 +513,19 @@
+ switch (af) {
+ case AFNUM_INET:
+ advance = decode_prefix4(p, buf, sizeof(buf));
++ if (advance < 0) {
++ p = dat + len;
++ break;
++ }
+ printf(" %s", buf);
+ break;
+ #ifdef INET6
+ case AFNUM_INET6:
+ advance = decode_prefix6(p, buf, sizeof(buf));
++ if (advance < 0) {
++ p = dat + len;
++ break;
++ }
+ printf(" %s", buf);
+ break;
+ #endif
+@@ -598,6 +614,7 @@
+ printf(" (Withdrawn routes: %d bytes)", len);
+ #else
+ char buf[MAXHOSTNAMELEN + 100];
++ int wpfx;
+
+ TCHECK2(p[2], len);
+ i = 2;
+@@ -605,7 +622,10 @@
+ printf(" (Withdrawn routes:");
+
+ while(i < 2 + len) {
+- i += decode_prefix4(&p[i], buf, sizeof(buf));
++ wpfx = decode_prefix4(&p[i], buf, sizeof(buf));
++ if (wpfx < 0)
++ break;
++ i += wpfx;
+ printf(" %s", buf);
+ }
+ printf(")\n");
+@@ -666,9 +686,9 @@
+ while (dat + length > p) {
+ char buf[MAXHOSTNAMELEN + 100];
+ i = decode_prefix4(p, buf, sizeof(buf));
+- printf(" %s", buf);
+ if (i < 0)
+ break;
++ printf(" %s", buf);
+ p += i;
+ }
+
+--- print-isakmp.c Fri Oct 26 05:41:29 2001
++++ print-isakmp.c Tue Mar 4 10:33:39 2003
+@@ -1028,6 +1028,7 @@
+ {
+ u_char *cp;
+ struct isakmp_gen e;
++ u_int item_len;
+
+ cp = (u_char *)ext;
+ safememcpy(&e, ext, sizeof(e));
+@@ -1036,7 +1037,16 @@
+ cp = (*NPFUNC(np))(ext, ep, phase, doi, proto);
+ else {
+ printf("%s", NPSTR(np));
+- cp += ntohs(e.len);
++ item_len = ntohs(e.len);
++ if (item_len == 0) {
++ /*
++ * We don't want to loop forever processing this
++ * bogus (zero-length) item; return NULL so that
++ * we stop dissecting.
++ */
++ cp = NULL;
++ } else
++ cp += item_len;
+ }
+ return cp;
+ }
+@@ -1068,6 +1078,11 @@
+ cp = isakmp_sub0_print(np, ext, ep, phase, doi, proto);
+ printf(")");
+ depth--;
++
++ if (cp == NULL) {
++ /* Zero-length subitem */
++ return NULL;
++ }
+
+ np = e.np;
+ ext = (struct isakmp_gen *)cp;
+--- print-nfs.c Sun Jul 8 10:01:43 2001
++++ print-nfs.c Tue Mar 4 10:33:39 2003
+@@ -716,10 +716,16 @@
+
+ case NFSPROC_FSINFO:
+ printf(" fsinfo");
++ if ((dp = parsereq(rp, length)) != NULL &&
++ parsefh(dp, v3) != NULL)
++ return;
+ break;
+
+ case NFSPROC_PATHCONF:
+ printf(" pathconf");
++ if ((dp = parsereq(rp, length)) != NULL &&
++ parsefh(dp, v3) != NULL)
++ return;
+ break;
+
+ case NFSPROC_COMMIT:
+@@ -1027,7 +1033,6 @@
+ printf(" ERROR: %s",
+ tok2str(status2str, "unk %d", errnum));
+ nfserr = 1;
+- return (NULL);
+ }
+ return (dp + 1);
+ trunc:
+@@ -1109,8 +1114,10 @@
+ int er;
+
+ dp = parsestatus(dp, &er);
+- if (dp == NULL || er)
++ if (dp == NULL)
+ return (0);
++ if (er)
++ return (1);
+
+ return (parsefattr(dp, verbose, v3) != NULL);
+ }
+@@ -1120,8 +1127,10 @@
+ {
+ int er;
+
+- if (!(dp = parsestatus(dp, &er)) || er)
++ if (!(dp = parsestatus(dp, &er)))
+ return (0);
++ if (er)
++ return (1);
+
+ dp = parsefh(dp, 0);
+ if (dp == NULL)
+@@ -1136,8 +1145,10 @@
+ int er;
+
+ dp = parsestatus(dp, &er);
+- if (dp == NULL || er)
++ if (dp == NULL)
+ return(0);
++ if (er)
++ return(1);
+ if (v3 && !(dp = parse_post_op_attr(dp, vflag)))
+ return (0);
+ putchar(' ');
+@@ -1151,8 +1162,10 @@
+ int er;
+
+ dp = parsestatus(dp, &er);
+- if (dp == NULL || (!v3 && er))
++ if (dp == NULL)
+ return (0);
++ if (!v3 && er)
++ return (1);
+
+ if (qflag)
+ return(1);
+@@ -1164,7 +1177,7 @@
+ return (0);
+ }
+
+- TCHECK2(dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
++ TCHECK2(*dp, (v3 ? NFSX_V3STATFS : NFSX_V2STATFS));
+
+ sfsp = (const struct nfs_statfs *)dp;
+
+@@ -1205,8 +1218,10 @@
+ int er;
+
+ dp = parsestatus(dp, &er);
+- if (dp == NULL || er)
++ if (dp == NULL)
+ return (0);
++ if (er)
++ return (1);
+ if (qflag)
+ return (1);
+
+@@ -1242,7 +1257,7 @@
+ if (!ntohl(dp[0]))
+ return (dp + 1);
+ dp++;
+- TCHECK2(dp, 24);
++ TCHECK2(*dp, 24);
+ if (verbose > 1) {
+ return parse_wcc_attr(dp);
+ } else {
+@@ -1379,9 +1394,9 @@
+ (u_int32_t) ntohl(sfp->fs_timedelta.nfsv3_sec),
+ (u_int32_t) ntohl(sfp->fs_timedelta.nfsv3_nsec));
+ }
+- return (0);
+-trunc:
+ return (1);
++trunc:
++ return (0);
+ }
+
+ static int
+@@ -1409,9 +1424,9 @@
+ ntohl(spp->pc_chownrestricted) ? "chownres" : "",
+ ntohl(spp->pc_caseinsensitive) ? "igncase" : "",
+ ntohl(spp->pc_casepreserving) ? "keepcase" : "");
+- return (0);
+-trunc:
+ return (1);
++trunc:
++ return (0);
+ }
+
+ static void
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/tcpdump/tcpdump.spec
============================================================================
$ cvs diff -u -r1.25.2.1 -r1.25.2.2 tcpdump.spec
--- openpkg-src/tcpdump/tcpdump.spec 18 Jan 2003 14:14:58 -0000 1.25.2.1
+++ openpkg-src/tcpdump/tcpdump.spec 4 Mar 2003 09:41:27 -0000 1.25.2.2
@@ -33,10 +33,11 @@
Group: Network
License: GPL
Version: 3.7.1
-Release: 1.20020822
+Release: 1.20030304
# list of sources
Source0: http://www.tcpdump.org/release/tcpdump-%{version}.tar.gz
+Patch0: tcpdump.patch
# build information
Prefix: %{l_prefix}
@@ -51,12 +52,14 @@
%prep
%setup -q
+ %patch -p0
%build
+ %{l_shtool} subst -e 's;des_;DES_;g' configure
CC="%{l_cc}" \
- CFLAGS="%{l_cflags -O} -I%{l_prefix}/include -I%{l_prefix}/include/openssl" \
- CPPFLAGS="-I%{l_prefix}/include -I%{l_prefix}/include/openssl" \
- LDFLAGS="-L%{l_prefix}/lib" \
+ CFLAGS="%{l_cflags -O} %{l_cppflags openssl}
-DOPENSSL_DES_LIBDES_COMPATIBILITY" \
+ CPPFLAGS="%{l_cppflags openssl}" \
+ LDFLAGS="%{l_ldflags}" \
./configure \
--prefix=%{l_prefix}
%{l_shtool} subst -e 's;-I/usr/include;;' -e 's;-L/usr/lib;;' Makefile
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
