OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src openpkg-web Date: 05-Mar-2003 12:29:03
Branch: HEAD Handle: 2003030511290002
Modified files:
openpkg-src/ethereal ethereal.patch ethereal.spec
openpkg-web news.txt
Log:
CAN-2003-0081
Summary:
Revision Changes Path
1.2 +17 -0 openpkg-src/ethereal/ethereal.patch
1.14 +1 -1 openpkg-src/ethereal/ethereal.spec
1.3545 +1 -0 openpkg-web/news.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/ethereal/ethereal.patch
============================================================================
$ cvs diff -u -r1.1 -r1.2 ethereal.patch
--- openpkg-src/ethereal/ethereal.patch 30 Sep 2002 07:06:31 -0000 1.1
+++ openpkg-src/ethereal/ethereal.patch 5 Mar 2003 11:29:02 -0000 1.2
@@ -8,3 +8,20 @@
#ifdef HAVE_IO_H
#include <io.h> /* open/close on win32 */
+# This is a security patch for ethereal vendor release-0-9-9
+# It will be included in future vendor releases and must be removed from here
accordingly
+# http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-socks.c
+#
http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-socks.c.diff?r1=text&tr1=1.43&r2=text&tr2=1.44&diff_format=u
+# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0081
+#
+--- packet-socks.c.orig Wed Mar 5 11:41:01 2003
++++ packet-socks.c Wed Mar 5 11:46:52 2003
+@@ -908,7 +908,7 @@
+ linelen = lineend - data;
+
+ proto_tree_add_text( tree, tvb, offset,
linelen,
+- format_text(data, linelen));
++ "%s", format_text(data, linelen));
+ offset += linelen;
+ data = lineend;
+ }
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/ethereal/ethereal.spec
============================================================================
$ cvs diff -u -r1.13 -r1.14 ethereal.spec
--- openpkg-src/ethereal/ethereal.spec 31 Jan 2003 12:25:50 -0000 1.13
+++ openpkg-src/ethereal/ethereal.spec 5 Mar 2003 11:29:02 -0000 1.14
@@ -33,7 +33,7 @@
Group: Misc
License: GPL
Version: 0.9.9
-Release: 20030124
+Release: 20030305
# package options
%option with_zlib no
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/news.txt
============================================================================
$ cvs diff -u -r1.3544 -r1.3545 news.txt
--- openpkg-web/news.txt 5 Mar 2003 09:36:46 -0000 1.3544
+++ openpkg-web/news.txt 5 Mar 2003 11:29:00 -0000 1.3545
@@ -1,3 +1,4 @@
+05-Mar-2003: Upgraded package: P<ethereal-0.9.9-20030305>
05-Mar-2003: Upgraded package: P<postfix-2.0.5-20030305>
05-Mar-2003: Upgraded package: P<proftpd-1.2.8-20030305>
05-Mar-2003: Upgraded package: P<linkchecker-1.8.9-20030305>
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
