diff options
author | Michael Sterrett <mr_bones_@gentoo.org> | 2009-10-09 20:53:47 +0000 |
---|---|---|
committer | Michael Sterrett <mr_bones_@gentoo.org> | 2009-10-09 20:53:47 +0000 |
commit | 6fb6c2e559f547bd2b7dc4c9586a4fef7bfb9b76 (patch) | |
tree | 40852f5449f0bf345406ac91ecbad019266c4081 /games-strategy | |
parent | arm stable, bug #282290 (diff) | |
download | gentoo-2-6fb6c2e559f547bd2b7dc4c9586a4fef7bfb9b76.tar.gz gentoo-2-6fb6c2e559f547bd2b7dc4c9586a4fef7bfb9b76.tar.bz2 gentoo-2-6fb6c2e559f547bd2b7dc4c9586a4fef7bfb9b76.zip |
rev bump to get patch to fix Server DoS (bug #288295)
(Portage version: 2.1.6.13/cvs/Linux i686)
Diffstat (limited to 'games-strategy')
-rw-r--r-- | games-strategy/dopewars/ChangeLog | 10 | ||||
-rw-r--r-- | games-strategy/dopewars/dopewars-1.5.12-r2.ebuild | 69 | ||||
-rw-r--r-- | games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch | 20 |
3 files changed, 97 insertions, 2 deletions
diff --git a/games-strategy/dopewars/ChangeLog b/games-strategy/dopewars/ChangeLog index 6d2cfa203cd0..abb22f971c15 100644 --- a/games-strategy/dopewars/ChangeLog +++ b/games-strategy/dopewars/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for games-strategy/dopewars -# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/games-strategy/dopewars/ChangeLog,v 1.21 2009/06/02 17:17:10 mr_bones_ Exp $ +# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/games-strategy/dopewars/ChangeLog,v 1.22 2009/10/09 20:53:46 mr_bones_ Exp $ + +*dopewars-1.5.12-r2 (09 Oct 2009) + + 09 Oct 2009; Michael Sterrett <mr_bones_@gentoo.org> + +dopewars-1.5.12-r2.ebuild, +files/dopewars-1.5.12-CVE-2009-3591.patch: + rev bump to get patch to fix Server DoS (bug #288295) 02 Jun 2009; Michael Sterrett <mr_bones_@gentoo.org> dopewars-1.5.12-r1.ebuild: diff --git a/games-strategy/dopewars/dopewars-1.5.12-r2.ebuild b/games-strategy/dopewars/dopewars-1.5.12-r2.ebuild new file mode 100644 index 000000000000..2a9d7369719b --- /dev/null +++ b/games-strategy/dopewars/dopewars-1.5.12-r2.ebuild @@ -0,0 +1,69 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/games-strategy/dopewars/dopewars-1.5.12-r2.ebuild,v 1.1 2009/10/09 20:53:46 mr_bones_ Exp $ + +EAPI=2 +inherit games + +DESCRIPTION="Re-Write of the game Drug Wars" +HOMEPAGE="http://dopewars.sourceforge.net/" +SRC_URI="mirror://sourceforge/dopewars/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="nls ncurses gtk gnome sdl" + +RDEPEND="ncurses? ( >=sys-libs/ncurses-5.2 ) + gtk? ( x11-libs/gtk+:2 ) + dev-libs/glib + nls? ( virtual/libintl ) + sdl? ( + media-libs/libsdl + media-libs/sdl-mixer + )" +DEPEND="${RDEPEND} + dev-util/pkgconfig + nls? ( sys-devel/gettext )" + +src_prepare() { + epatch "${FILESDIR}"/${P}-CVE-2009-3591.patch + sed -i \ + -e "/priv_hiscore/ s:DPDATADIR:\"${GAMES_STATEDIR}\":" \ + -e "/\/doc\// s:DPDATADIR:\"/usr/share\":" \ + -e 's:index.html:html/index.html:' \ + src/dopewars.c \ + || die "sed failed" +} + +src_configure() { + local myservconf + + if ! use gtk ; then + myservconf="--disable-gui-client --disable-gui-server --disable-glibtest --disable-gtktest" + fi + + egamesconf \ + --disable-dependency-tracking \ + $(use_enable ncurses curses-client) \ + $(use_enable nls) \ + $(use_with sdl) \ + --without-esd \ + --enable-networking \ + --enable-plugins \ + ${myservconf} +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed" + dodoc AUTHORS ChangeLog NEWS README TODO + + dodir /usr/share + cd "${D}/${GAMES_DATADIR}" + use gnome && mv gnome "${D}/usr/share" || rm -rf gnome + mv pixmaps "${D}/usr/share" + dohtml -r doc/*/* + rm -rf doc + + prepgamesdirs +} diff --git a/games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch b/games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch new file mode 100644 index 000000000000..d657bf8744f1 --- /dev/null +++ b/games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch @@ -0,0 +1,20 @@ +Patch for CVE-2009-3591 -- bug 288295. + +Fetched from upstream SVN: +http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/src/serverside.c?r1=1033&r2=1032&pathrev=1033 + +--- dopewars/trunk/src/serverside.c 2009/03/10 07:18:49 1032 ++++ dopewars/trunk/src/serverside.c 2009/10/05 04:11:32 1033 +@@ -504,6 +504,12 @@ + break; + case C_REQUESTJET: + i = atoi(Data); ++ /* Make sure value is within range */ ++ if (i < 0 || i >= NumLocation) { ++ dopelog(3, LF_SERVER, _("%s: DENIED jet to invalid location %s"), ++ GetPlayerName(Play), Data); ++ break; ++ } + if (Play->EventNum == E_FIGHT || Play->EventNum == E_FIGHTASK) { + if (CanRunHere(Play)) { + break; |