OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src openpkg-web Date: 05-Mar-2003 13:10:29
Branch: OPENPKG_1_2_SOLID HEAD Handle: 2003030512102502
Modified files:
openpkg-web news.txt
Modified files: (Branch: OPENPKG_1_2_SOLID)
openpkg-src/ethereal ethereal.patch ethereal.spec
Log:
MFS: CAN-2003-0081
Summary:
Revision Changes Path
1.1.4.1 +17 -0 openpkg-src/ethereal/ethereal.patch
1.11.2.1.2.2+2 -2 openpkg-src/ethereal/ethereal.spec
1.3546 +1 -0 openpkg-web/news.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/ethereal/ethereal.patch
============================================================================
$ cvs diff -u -r1.1 -r1.1.4.1 ethereal.patch
--- openpkg-src/ethereal/ethereal.patch 30 Sep 2002 07:06:31 -0000 1.1
+++ openpkg-src/ethereal/ethereal.patch 5 Mar 2003 12:10:27 -0000 1.1.4.1
@@ -8,3 +8,20 @@
#ifdef HAVE_IO_H
#include <io.h> /* open/close on win32 */
+# This is a security patch for ethereal vendor release-0-9-9; it fits for
release-0-9-8 and release-0-9-7, too
+# It will be included in future vendor releases and must be removed from here
accordingly
+# http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-socks.c
+#
http://www.ethereal.com/cgi-bin/viewcvs.cgi/ethereal/packet-socks.c.diff?r1=text&tr1=1.43&r2=text&tr2=1.44&diff_format=u
+# http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0081
+#
+--- packet-socks.c.orig Wed Mar 5 11:41:01 2003
++++ packet-socks.c Wed Mar 5 11:46:52 2003
+@@ -908,7 +908,7 @@
+ linelen = lineend - data;
+
+ proto_tree_add_text( tree, tvb, offset,
linelen,
+- format_text(data, linelen));
++ "%s", format_text(data, linelen));
+ offset += linelen;
+ data = lineend;
+ }
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/ethereal/ethereal.spec
============================================================================
$ cvs diff -u -r1.11.2.1.2.1 -r1.11.2.1.2.2 ethereal.spec
--- openpkg-src/ethereal/ethereal.spec 18 Jan 2003 17:19:33 -0000
1.11.2.1.2.1
+++ openpkg-src/ethereal/ethereal.spec 5 Mar 2003 12:10:27 -0000
1.11.2.1.2.2
@@ -9,7 +9,7 @@
## the above copyright notice and this permission notice appear in all
## copies.
##
-## THIS SOFTWARE IS PROVIDED AS IS'' AND ANY EXPRESSED OR IMPLIED
+## THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
## WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
## MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
## IN NO EVENT SHALL THE AUTHORS AND COPYRIGHT HOLDERS AND THEIR
@@ -33,7 +33,7 @@
Group: Misc
License: GPL
Version: 0.9.8
-Release: 1.2.0
+Release: 1.2.1
# package options
%option with_zlib no
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/news.txt
============================================================================
$ cvs diff -u -r1.3545 -r1.3546 news.txt
--- openpkg-web/news.txt 5 Mar 2003 11:29:00 -0000 1.3545
+++ openpkg-web/news.txt 5 Mar 2003 12:10:25 -0000 1.3546
@@ -1,3 +1,4 @@
+05-Mar-2003: Upgraded package: P<ethereal-0.9.8-1.2.1>
05-Mar-2003: Upgraded package: P<ethereal-0.9.9-20030305>
05-Mar-2003: Upgraded package: P<postfix-2.0.5-20030305>
05-Mar-2003: Upgraded package: P<proftpd-1.2.8-20030305>
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
