From 925c22ecea300470c33774f36724b3e92d9e2c01 Mon Sep 17 00:00:00 2001 From: Alex Legler Date: Thu, 9 Sep 2010 14:52:43 +0000 Subject: Revbump to fix CVE-2010-3071 (remote DoS), bug 336321. Package-Manager: portage-2.2_rc67/cvs/Linux x86_64 --- net-irc/bip/ChangeLog | 8 +++- net-irc/bip/Manifest | 10 +++-- net-irc/bip/bip-0.8.5-r1.ebuild | 69 +++++++++++++++++++++++++++++++ net-irc/bip/files/bip-CVE-2010-3071.patch | 43 +++++++++++++++++++ 4 files changed, 125 insertions(+), 5 deletions(-) create mode 100644 net-irc/bip/bip-0.8.5-r1.ebuild create mode 100644 net-irc/bip/files/bip-CVE-2010-3071.patch (limited to 'net-irc/bip') diff --git a/net-irc/bip/ChangeLog b/net-irc/bip/ChangeLog index 4092eeaa32d5..c07a393f338a 100644 --- a/net-irc/bip/ChangeLog +++ b/net-irc/bip/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-irc/bip # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-irc/bip/ChangeLog,v 1.15 2010/08/07 16:41:44 a3li Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-irc/bip/ChangeLog,v 1.16 2010/09/09 14:52:42 a3li Exp $ + +*bip-0.8.5-r1 (09 Sep 2010) + + 09 Sep 2010; Alex Legler +bip-0.8.5-r1.ebuild, + +files/bip-CVE-2010-3071.patch: + Revbump to fix CVE-2010-3071 (remote DoS), bug 336321. 07 Aug 2010; Alex Legler bip-0.8.5.ebuild, +files/bip-configure.patch: diff --git a/net-irc/bip/Manifest b/net-irc/bip/Manifest index 355d0221e1d8..477041a13b8f 100644 --- a/net-irc/bip/Manifest +++ b/net-irc/bip/Manifest 
@@ -1,19 +1,21 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 +AUX bip-CVE-2010-3071.patch 1388 RMD160 4c9a853437c91503b90ad83663f17b58fa058fcf SHA1 8f4333ce21dd9b6491f529c2eb0d15c09076065d SHA256 587b889a16e13fd93dfeb6f66e10bcecb843071ebbbef1dc6b727e2c202f41e9 AUX bip-configure.patch 813 RMD160 d09c941021ab093f37bb4fc7bc9b2ab65361cf13 SHA1 5d2212cba40696d739ae3efdb0337f2d91eb54f6 SHA256 e713c197fedc1abf6424528b51ffb5afe6acb69dd8f1d93bb7b2770ab4306d99 AUX bip-freenode.patch 671 RMD160 8a418013b4443e3ea916399346d216984bcb17b1 SHA1 bce7080721511c50f361b2cb4f4a2d39b32b5a23 SHA256 a67e582f89cc6a32d5bb48c7e8ceb647b889808c2c8798ae3eb27d88869b892f AUX bip.vim 157 RMD160 b6b18f156f31ea515e271e7cec714d994c056a41 SHA1 7d0b4e3ddaf6dc5dae04ba1c853075f3ad3232fc SHA256 7c97eaef6d3b51d0e2f9572c919e25a5fc2f480a95469194b012fc507da55fc5 DIST bip-0.8.4.tar.gz 218014 RMD160 b82370595a092dd6a57586355084a777ef04b034 SHA1 f5677004a1ce4eb86fa01c1d1f3a29d764ac5df6 SHA256 7636663137372e6890cd935112b285be904b376b86a4c7c164daa9981ccd4e2c DIST bip-0.8.5.tar.gz 219985 RMD160 2e0d610f5b8883bd7f453524676ebe95a1a9ea4c SHA1 c8dc9cde94d0ff6b12d6ad2c5c316a58a70f98a5 SHA256 06adbfde12ee7c93b55793d340f6eec60f70dfddbf091ba6664f0b2af593be12 EBUILD bip-0.8.4.ebuild 1652 RMD160 718528e19719233e4c0141b97bdcac9561d681dd SHA1 c89ce6f73b18d43a01b7fcde271b1652326797a7 SHA256 a882505106d518b1e1c35142b969ea87a3af40cb98f86ea8875ff13b419d645a +EBUILD bip-0.8.5-r1.ebuild 1778 RMD160 2df9ce7bd8d01b3103e2cba2149533fef9f6981a SHA1 7d681f630acb1028b9ea1d790fe93c31e92299e7 SHA256 840e08b524ee15a43b5dee0d8d46bba45b1932dc71bbeebd4c3af5492542d96d EBUILD bip-0.8.5.ebuild 1716 RMD160 ca058e1ee38001b927ccc31953d6522c6208a16d SHA1 2cfa9fd5f12eea3a7cfdf380fdd42b731d840eb6 SHA256 e0ef326180df8965ed5c7fd41e4558bf0c24dc1265fa80dd7a17ef171a368c88 -MISC ChangeLog 2662 RMD160 ae3f08b33c15bab761aa03d5966d188012f5ffc4 SHA1 1fd8b88b56e7a813eb4d0dc96f102bffa65814c1 SHA256 
9adbf246a808de743d0b797b830a0ab575f667e852c4c563bcb091224e8a2b68 +MISC ChangeLog 2850 RMD160 4e00985ba63ee3536fe155969910b9955ff71fd3 SHA1 1c68268d5f961dc8bb0af21a258c036423b2fe79 SHA256 6e97e7fc9a2b439896f07bdde2c861a8b5926f527f038ea594eb46ed8967eb7d MISC metadata.xml 1102 RMD160 7cd449daed13af6f3f4165e99361542eb51b4820 SHA1 95d8b6681d216d97a3348b2799bbeb560a195325 SHA256 e5303154ae5787821fb38ca9be06d1e7cf033cc04a7098b07581c2e8ead8bbf4 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) -iF4EAREIAAYFAkxdjNIACgkQ3Ca6Xy8+rvQRnQD/T1I6mPk8t14JBSsLAmEB3QPa -tlAd9TOEz0Fz7NciynsA/jlctOhea4PZTFJkV9UCRIDoKcS7Mw7gZIO6eputhKo2 -=vfiI +iF4EAREIAAYFAkyI9MIACgkQ3Ca6Xy8+rvQNnQD/VDDUkaEK+eY6kNKwt7Sc23iX +aJDGrmgN1GBRGflYZ2IA/Rfiybk3e8n+o3q9cvm3pbOj1xRGzSSYv/H5Guxi1dBU +=+YDy -----END PGP SIGNATURE----- diff --git a/net-irc/bip/bip-0.8.5-r1.ebuild b/net-irc/bip/bip-0.8.5-r1.ebuild new file mode 100644 index 000000000000..d2dbabf50c28 --- /dev/null +++ b/net-irc/bip/bip-0.8.5-r1.ebuild 
@@ -0,0 +1,69 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-irc/bip/bip-0.8.5-r1.ebuild,v 1.1 2010/09/09 14:52:43 a3li Exp $
+
+EAPI="2"
+inherit eutils autotools
+
+DESCRIPTION="Multiuser IRC proxy with ssl support"
+HOMEPAGE="http://bip.t1r.net/"
+SRC_URI="http://bip.t1r.net/downloads/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="debug freenode noctcp ssl vim-syntax oidentd"
+
+DEPEND="ssl? ( dev-libs/openssl )"
+RDEPEND="${DEPEND}
+ vim-syntax? ( || ( app-editors/vim
+ app-editors/gvim ) )
+ oidentd? ( >=net-misc/oidentd-2.0 )"
+
+src_prepare() {
+ epatch "${FILESDIR}/${PN}-configure.patch" || die
+ epatch "${FILESDIR}/${PN}-CVE-2010-3071.patch" || die
+
+ eautoreconf
+
+ if use noctcp; then
+ sed -i -e '/irc_privmsg_check_ctcp(server, line);/s:^://:' src/irc.c || die
+ fi
+
+ if use freenode; then
+ epatch "${FILESDIR}/${PN}-freenode.patch" || die
+ fi
+}
+
+src_configure() {
+ econf \
+ $(use_with ssl openssl) \
+ $(use_enable debug) \
+ $(use_enable oidentd)
+}
+
+src_compile() {
+ # Parallel make fails.
+ emake -j1 || die "emake failed"
+}
+
+src_install() {
+ dobin src/bip src/bipmkpw || die "dobin failed"
+
+ dodoc AUTHORS ChangeLog README NEWS TODO || die "dodoc failed"
+ newdoc samples/bip.conf bip.conf.sample || die "newdoc failed"
+ doman bip.1 bip.conf.5 bipmkpw.1 || die "doman failed"
+
+ if use vim-syntax; then
+ insinto /usr/share/vim/vimfiles/syntax
+ doins samples/bip.vim || die "doins failed"
+ insinto /usr/share/vim/vimfiles/ftdetect
+ doins "${FILESDIR}"/bip.vim || die "doins failed"
+ fi
+}
+
+pkg_postinst() {
+ elog 'The default configuration file is "~/.bip/bip.conf"'
+ elog "You can find a sample configuration file in"
+ elog "/usr/share/doc/${PF}/bip.conf.sample"
+}
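Review bot: In src_prepare, the `noctcp` branch cannot tell whether its sed matched anything: `sed -i` exits 0 even when the `irc_privmsg_check_ctcp(server, line);` line is not found, so `|| die` only catches I/O errors such as a missing src/irc.c. If upstream ever rewrites that call, a build with USE=noctcp would silently keep CTCP handling enabled. A check after the sed would make that visible, for example `grep -q '^//.*irc_privmsg_check_ctcp(server, line);' src/irc.c || die "noctcp: call site not found"`. A one-line comment above the sed saying that it comments out the CTCP check call would also help the next maintainer.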
diff --git a/net-irc/bip/files/bip-CVE-2010-3071.patch b/net-irc/bip/files/bip-CVE-2010-3071.patch
new file mode 100644
index 000000000000..be862aa62748
--- /dev/null
+++ b/net-irc/bip/files/bip-CVE-2010-3071.patch
@@ -0,0 +1,43 @@
+From ad771372ac3f2f649a9f3f300c2d51a4701ad9ea Mon Sep 17 00:00:00 2001
+From: Alex Legler
+Date: Thu, 9 Sep 2010 16:37:43 +0200
+Subject: [PATCH] Check LINK(lc) before using it to avoid a null-pointer dereference (CVE-2010-3071)
+
+---
+ src/irc.c | 6 +++---
+ 1 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/irc.c b/src/irc.c
+index fa98e09..c5f65a2 100644
+--- a/src/irc.c
++++ b/src/irc.c
+@@ -2449,7 +2449,7 @@ void bip_on_event(bip_t *bip, connection_t *conn)
+ if (err) {
+ if (TYPE(lc) == IRC_TYPE_SERVER) {
+ mylog(LOG_ERROR, "[%s] read_lines error, closing...",
+- LINK(lc)->name);
++ LINK(lc) ? LINK(lc)->name : "?");
+ irc_server_shutdown(LINK(lc)->l_server);
+ } else {
+ mylog(LOG_ERROR, "client read_lines error, closing...");
+@@ -2471,7 +2471,7 @@ void bip_on_event(bip_t *bip, connection_t *conn)
+ line = irc_line_new_from_string(line_s);
+ if (!line) {
+ mylog(LOG_ERROR, "[%s] Error in protocol, closing...",
+- LINK(lc)->name);
++ LINK(lc) ? LINK(lc)->name : "?");
+ free(line_s);
+ goto prot_err_lines;
+ }
+@@ -2481,7 +2481,7 @@ void bip_on_event(bip_t *bip, connection_t *conn)
+ free(line_s);
+ if (r == ERR_PROTOCOL) {
+ mylog(LOG_ERROR, "[%s] Error in protocol, closing...",
+- LINK(lc)->name);
++ LINK(lc) ? LINK(lc)->name : "?");
+ goto prot_err_lines;
+ }
+ if (r == ERR_AUTH)
+--
+1.7.2
+
-- cgit v1.2.3-65-gdbad
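Review bot: In the first inner hunk (src/irc.c, @@ -2449), the line right after the changed one, `irc_server_shutdown(LINK(lc)->l_server);`, still dereferences LINK(lc) without a check. If LINK(lc) can be NULL in the IRC_TYPE_SERVER branch, the guard added to the mylog() argument only moves the crash one statement later; if it cannot be NULL there, the ternary in that hunk is unnecessary. Either way the two lines should agree, for example `if (LINK(lc)) irc_server_shutdown(LINK(lc)->l_server);`. Whether skipping the shutdown is the right handling depends on code outside the hunk, since bip_on_event starts and ends outside all three hunks. The hunks at @@ -2471 and @@ -2481 only change the log argument and show no other LINK(lc) use in their context.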