Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=85031604d5836e1f19fdc6107590ce611a8096af
commit 85031604d5836e1f19fdc6107590ce611a8096af Author: Miklos Vajna <[EMAIL PROTECTED]> Date: Thu May 22 13:55:28 2008 +0200 net-snmp-5.4.1-4-i686 - added CVE-2008-2292.patch - closes #3092 diff --git a/source/network-extra/net-snmp/CVE-2008-2292.patch b/source/network-extra/net-snmp/CVE-2008-2292.patch new file mode 100644 index 0000000..2295f11 --- /dev/null +++ b/source/network-extra/net-snmp/CVE-2008-2292.patch @@ -0,0 +1,101 @@ +--- net-snmp/perl/SNMP/SNMP.xs 2007/12/20 16:26:01 16765 ++++ net-snmp/perl/SNMP/SNMP.xs 2007/12/22 19:22:44 16770 +@@ -470,14 +470,16 @@ + if (flag == USE_ENUMS) { + for(ep = tp->enums; ep; ep = ep->next) { + if (ep->value == *var->val.integer) { +- strcpy(buf, ep->label); ++ strncpy(buf, ep->label, buf_len); ++ buf[buf_len-1] = '\0'; + len = strlen(buf); + break; + } + } + } + if (!len) { +- sprintf(buf,"%ld", *var->val.integer); ++ snprintf(buf, buf_len, "%ld", *var->val.integer); ++ buf[buf_len-1] = '\0'; + len = strlen(buf); + } + break; +@@ -486,21 +488,25 @@ + case ASN_COUNTER: + case ASN_TIMETICKS: + case ASN_UINTEGER: +- sprintf(buf,"%lu", (unsigned long) *var->val.integer); ++ snprintf(buf, buf_len, "%lu", (unsigned long) *var->val.integer); ++ buf[buf_len-1] = '\0'; + len = strlen(buf); + break; + + case ASN_OCTET_STR: + case ASN_OPAQUE: +- memcpy(buf, (char*)var->val.string, var->val_len); + len = var->val_len; ++ if ( len > buf_len ) ++ len = buf_len; ++ memcpy(buf, (char*)var->val.string, len); + break; + + case ASN_IPADDRESS: +- ip = (u_char*)var->val.string; +- sprintf(buf, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); +- len = strlen(buf); +- break; ++ ip = (u_char*)var->val.string; ++ snprintf(buf, buf_len, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]); ++ buf[buf_len-1] = '\0'; ++ len = strlen(buf); ++ break; + + case ASN_NULL: + break; +@@ -512,14 +518,14 @@ + break; + + case SNMP_ENDOFMIBVIEW: +- sprintf(buf,"%s", "ENDOFMIBVIEW"); +- break; ++ snprintf(buf, buf_len, "%s", "ENDOFMIBVIEW"); ++ break; + case SNMP_NOSUCHOBJECT: +- sprintf(buf,"%s", "NOSUCHOBJECT"); +- break; ++ snprintf(buf, buf_len, "%s", "NOSUCHOBJECT"); ++ break; + case SNMP_NOSUCHINSTANCE: +- sprintf(buf,"%s", "NOSUCHINSTANCE"); +- break; ++ snprintf(buf, buf_len, "%s", "NOSUCHINSTANCE"); ++ break; + + case ASN_COUNTER64: + #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES +@@ -538,19 +544,19 @@ + #endif + + case ASN_BIT_STR: +- snprint_bitstring(buf, sizeof(buf), var, NULL, NULL, NULL); ++ snprint_bitstring(buf, buf_len, var, NULL, NULL, NULL); + len = strlen(buf); + break; + #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES + case ASN_OPAQUE_FLOAT: +- if (var->val.floatVal) +- sprintf(buf,"%f", *var->val.floatVal); +- break; ++ if (var->val.floatVal) ++ snprintf(buf, buf_len, "%f", *var->val.floatVal); ++ break; + + case ASN_OPAQUE_DOUBLE: +- if (var->val.doubleVal) +- sprintf(buf,"%f", *var->val.doubleVal); +- break; ++ if (var->val.doubleVal) ++ snprintf(buf, buf_len, "%f", *var->val.doubleVal); ++ break; + #endif + + case ASN_NSAP: diff --git a/source/network-extra/net-snmp/FrugalBuild b/source/network-extra/net-snmp/FrugalBuild index 56cb130..62421d3 100644 --- a/source/network-extra/net-snmp/FrugalBuild +++ b/source/network-extra/net-snmp/FrugalBuild @@ -4,7 +4,7 @@ pkgname=net-snmp pkgver=5.4.1 -pkgrel=3 +pkgrel=4 pkgdesc="A suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6" url="http://www.net-snmp.org/" depends=('openssl' 'perl>=5.10.0') @@ -12,7 +12,10 @@ groups=('network-extra') archs=('i686' 'x86_64') Finclude sourceforge up2date="lynx -dump http://www.net-snmp.org/download.html |grep Supported -A 2 |sed -ne 's/.*\([0-9].[0-9].[0-9]\).*/\1/;$ p'" -source=([EMAIL PROTECTED] rc.snmpd) +source=([EMAIL PROTECTED] CVE-2008-2292.patch rc.snmpd) +sha1sums=('ac5ba033c10d53d3057415121f8c4936c643c208' \ + '7f7f770fcebdeb8bb19515937895c9c545cc0609' \ + 'df7a817499d12c53e9d2809f68c24fea9d3307b0') build() { unset MAKEFLAGS @@ -22,7 +25,5 @@ build() { --with-logfile="/var/log/snmpd.log" --with-persistent-directory="/var/net-snmp" Frcd2 snmpd } -sha1sums=('ac5ba033c10d53d3057415121f8c4936c643c208' \ - 'df7a817499d12c53e9d2809f68c24fea9d3307b0') # optimization OK _______________________________________________ Frugalware-git mailing list Frugalware-git@frugalware.org http://frugalware.org/mailman/listinfo/frugalware-git