diff options
author | Pete Michaleas <tutor@gentoo.org> | 2002-04-25 22:26:49 +0000 |
---|---|---|
committer | Pete Michaleas <tutor@gentoo.org> | 2002-04-25 22:26:49 +0000 |
commit | ae65a3491160ef43958417ad6997cc32820c6e93 (patch) | |
tree | 9a37cc9276629e45258273c9b1cdbfa7945be5a2 /net-analyzer/ntop | |
parent | new freetype - simple version bump (diff) | |
download | gentoo-2-ae65a3491160ef43958417ad6997cc32820c6e93.tar.gz gentoo-2-ae65a3491160ef43958417ad6997cc32820c6e93.tar.bz2 gentoo-2-ae65a3491160ef43958417ad6997cc32820c6e93.zip |
Fix for remote vulnerability
Diffstat (limited to 'net-analyzer/ntop')
-rw-r--r-- | net-analyzer/ntop/ChangeLog | 10 | ||||
-rw-r--r-- | net-analyzer/ntop/files/ntop-2.0_syslog_format.patch | 29 | ||||
-rw-r--r-- | net-analyzer/ntop/ntop-2.0-r1.ebuild | 88 |
3 files changed, 126 insertions, 1 deletions
diff --git a/net-analyzer/ntop/ChangeLog b/net-analyzer/ntop/ChangeLog index b96b763ff511..8ed66b99cc3f 100644 --- a/net-analyzer/ntop/ChangeLog +++ b/net-analyzer/ntop/ChangeLog @@ -1,6 +1,6 @@ # ChangeLog for net-analyzer/ntop # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ntop/ChangeLog,v 1.1 2002/02/01 21:53:32 gbevin Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ntop/ChangeLog,v 1.2 2002/04/25 22:26:49 tutor Exp $ *ntop-2.0 (1 Feb 2002) @@ -11,3 +11,11 @@ comments should well explained and written in clean English. The details about writing correct changelogs are explained in the skel.ChangeLog file which you can find in the root directory of the portage repository. + +*ntop-2.0 (25 Apr 2002) + + 25 Apr 2002; Pete Michaleas <tutor@gentoo.org> ntop-2.0-r1.ebuild : + + Included patch to fix vulnerability with syslog() call, found in + util.c. + diff --git a/net-analyzer/ntop/files/ntop-2.0_syslog_format.patch b/net-analyzer/ntop/files/ntop-2.0_syslog_format.patch new file mode 100644 index 000000000000..5fab91a38a47 --- /dev/null +++ b/net-analyzer/ntop/files/ntop-2.0_syslog_format.patch @@ -0,0 +1,29 @@ +diff -u ntop_original/util.c ntop/util.c +--- ntop_original/util.c Thu Dec 27 02:54:29 2001 ++++ ntop/util.c Thu Apr 25 17:34:55 2002 +@@ -2179,20 +2179,20 @@ + #if 0 + switch(traceLevel) { + case 0: +- syslog(LOG_ERR, buf); ++ syslog(LOG_ERR, "%s", buf); + break; + case 1: +- syslog(LOG_WARNING, buf); ++ syslog(LOG_WARNING, "%s", buf); + break; + case 2: +- syslog(LOG_NOTICE, buf); ++ syslog(LOG_NOTICE, "%s", buf); + break; + default: +- syslog(LOG_INFO, buf); ++ syslog(LOG_INFO, "%s", buf); + break; + } + #else +- syslog(LOG_ERR, buf); ++ syslog(LOG_ERR, "%s", buf); + #endif + } + #endif diff --git a/net-analyzer/ntop/ntop-2.0-r1.ebuild b/net-analyzer/ntop/ntop-2.0-r1.ebuild new file mode 100644 index 000000000000..4213260774bb --- /dev/null +++ b/net-analyzer/ntop/ntop-2.0-r1.ebuild @@ -0,0 +1,88 @@ +# Copyright 1999-2000 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License, v2 or later +# Author Achim Gottinger <achim@gentoo.org>, Bruce A. Locke <blocke@shivan.org> +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/ntop/ntop-2.0-r1.ebuild,v 1.1 2002/04/25 22:26:49 tutor Exp $ + +A="${P}-src.tgz" +S=${WORKDIR}/ntop +DESCRIPTION="ntop is a unix tool that shows network usage like top" +SRC_URI="http://luca.ntop.org/${A}" +HOMEPAGE="http://www.ntop.org/ntop.html" + +DEPEND="virtual/glibc sys-devel/gcc + >=sys-libs/gdbm-1.8.0 + >=net-libs/libpcap-0.5.2 + ssl? ( >=dev-libs/openssl-0.9.6 ) + mysql? ( dev-db/mysql ) + readline? ( >=sys-libs/readline-4.1 ) + tcpd? ( >=sys-apps/tcp-wrappers-7.6 )" + +RDEPEND="${DEPEND}" + +src_compile() { + + local myconf + if [ -z "`use ssl`" ] ; then + myconf="--disable-ssl" + else + cp configure configure.orig + sed -e "s:/usr/local/ssl:/usr:" configure.orig > configure + export CFLAGS="$CFLAGS -I/usr/include/openssl" + fi + + use mysql || myconf="$myconf --disable-mysql" + use readline || myconf="$myconf --disable-readline" + use tcpd || myconf="$myconf --enable-tcpwrap" + + # ntop 2.0 ships with its own version of gdchart... gdchart should + # get its own package but ntop should be built with the version it + # shipped with just in case future versions are incompatible -- blocke + + # compile gdchart + cd ../gdchart0.94c + ./configure || die + + # subtree #1 + cd gd-1.8.3/libpng-1.0.8 + make -f scripts/makefile.linux || die + + # subtree #2 + cd ../../zlib-1.1.3/ + ./configure || die + make || die + + # gdchart make + cd ../ + make || die + + # now ntop itself... + cd ../ntop + # fix syslog() format strings vulnerability. + patch -p1 < ${FILESDIR}/ntop-2.0_syslog_format.patch + try ./configure --prefix=/usr --sysconfdir=/usr/share --mandir=/usr/share/man --host=${CHOST} $myconf + try make + +} + +src_install () { + + # slight issue with man file installation + mv Makefile Makefile.orig + sed 's/man_MANS = ntop.8 intop\/intop.1//g' Makefile.orig > Makefile + + try make prefix=${D}/usr sysconfdir=/${D}/usr/share mandir=${D}/usr/share/man install + + # fixme: bad handling of plugins (in /usr/lib with unsuggestive names) + # (don't know if there is a clean way to handle it) + + doman ntop-rules.8 ntop.8 + + dodoc AUTHORS CONTENTS COPYING ChangeLog INSTALL MANIFESTO NEWS + dodoc PORTING README SUPPORT_NTOP.txt THANKS + + docinto html + dodoc ntop.html +} + + + |