diff options
| author |   Heinrich Wendel <lanius@gentoo.org> | 2004-07-20 17:23:42 +0000 |
|---|---|---|
| committer | Heinrich Wendel <lanius@gentoo.org> | 2004-07-20 17:23:42 +0000 |
| commit | 4d9886b6e41587f72a9af2f4d93c27ab9eb1942f (patch) | |
| tree | f6d72781efd287cca73743584058259b4d3dc9d3 /net-dialup | |
| parent | version bump, mark stable for security reasons (diff) | |
| download | historical-4d9886b6e41587f72a9af2f4d93c27ab9eb1942f.tar.gz historical-4d9886b6e41587f72a9af2f4d93c27ab9eb1942f.tar.bz2 historical-4d9886b6e41587f72a9af2f4d93c27ab9eb1942f.zip | |
fix possible buffer overflow, remove vulnerable versions
Diffstat (limited to 'net-dialup')
| -rw-r--r-- | net-dialup/l2tpd/ChangeLog | 9 | ||||
| -rw-r--r-- | net-dialup/l2tpd/Manifest | 9 | ||||
| -rw-r--r-- | net-dialup/l2tpd/files/digest-l2tpd-0.69 | 2 | ||||
| -rw-r--r-- | net-dialup/l2tpd/files/digest-l2tpd-0.69-r2 (renamed from net-dialup/l2tpd/files/digest-l2tpd-0.69-r1) | 0 | ||||
| -rw-r--r-- | net-dialup/l2tpd/files/l2tpd-0.69-can-2004-0649.patch | 18 | ||||
| -rw-r--r-- | net-dialup/l2tpd/l2tpd-0.69-r2.ebuild (renamed from net-dialup/l2tpd/l2tpd-0.69-r1.ebuild) | 4 | ||||
| -rw-r--r-- | net-dialup/l2tpd/l2tpd-0.69.ebuild | 59 |
7 files changed, 33 insertions, 68 deletions
diff --git a/net-dialup/l2tpd/ChangeLog b/net-dialup/l2tpd/ChangeLog index 4dde12be24cc..fe3caf5e4cfb 100644 --- a/net-dialup/l2tpd/ChangeLog +++ b/net-dialup/l2tpd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-dialup/l2tpd # Copyright 2003-2004 Gentoo Foundation; Distributed under the GPL -# $Header: /var/cvsroot/gentoo-x86/net-dialup/l2tpd/ChangeLog,v 1.8 2004/07/01 22:08:11 eradicator Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dialup/l2tpd/ChangeLog,v 1.9 2004/07/20 17:23:42 lanius Exp $ + +*l2tpd-0.69-r2 (20 Jul 2004) + + 20 Jul 2004; Heinrich Wendel <lanius@gentoo.org> l2tpd-0.69-r1.ebuild, + l2tpd-0.69-r2.ebuild, l2tpd-0.69.ebuild, + files/l2tpd-0.69-can-2004-0649.patch: + fix possible buffer overflow, remove vulnerable versions 01 Jul 2004; Jeremy Huddleston <eradicator@gentoo.org> l2tpd-0.69-r1.ebuild, l2tpd-0.69.ebuild: diff --git a/net-dialup/l2tpd/Manifest b/net-dialup/l2tpd/Manifest index eab6d0e7a8d8..1d9a8cd0a6dc 100644 --- a/net-dialup/l2tpd/Manifest +++ b/net-dialup/l2tpd/Manifest @@ -1,7 +1,6 @@ -MD5 7c82809977f2042181e35001ac159d8a l2tpd-0.69-r1.ebuild 1819 -MD5 75ed52d02bcc1f0bb29abfb9cf8d0ebc l2tpd-0.69.ebuild 1668 -MD5 3f79d173c26bee5eedfb50ce22530939 ChangeLog 1190 +MD5 3b5d2c53ae3632a56f48252b9a533c17 l2tpd-0.69-r2.ebuild 1861 +MD5 538abb35bd787bc21bfe4c25ced69dcb ChangeLog 1432 MD5 ec2f84816306825d125d0c01bd86758d metadata.xml 163 -MD5 8fac6f64a3fa92ee4046a60f1c09dc66 files/digest-l2tpd-0.69-r1 67 -MD5 0a7a25480329c8228d50acee1917b683 files/digest-l2tpd-0.69 133 +MD5 8fac6f64a3fa92ee4046a60f1c09dc66 files/digest-l2tpd-0.69-r2 67 +MD5 a89d2270d8abbae0aa7faf07488736f0 files/l2tpd-0.69-can-2004-0649.patch 700 MD5 3105ccaa9c02a3339e446b267ebc3d7f files/l2tpd-init 375 diff --git a/net-dialup/l2tpd/files/digest-l2tpd-0.69 b/net-dialup/l2tpd/files/digest-l2tpd-0.69 deleted file mode 100644 index 5697792addd2..000000000000 --- a/net-dialup/l2tpd/files/digest-l2tpd-0.69 +++ /dev/null @@ -1,2 +0,0 @@ -MD5 c5dba6b80f583070fe9e6ed6e0c2162e l2tpd-0.69.tar.gz 127693 -MD5 0df73df624eb01307c2edff00f52b1d1 l2tpd-0.69-gcc-3.3.patch.gz 19123 diff --git a/net-dialup/l2tpd/files/digest-l2tpd-0.69-r1 b/net-dialup/l2tpd/files/digest-l2tpd-0.69-r2 index 4060c95bf5dd..4060c95bf5dd 100644 --- a/net-dialup/l2tpd/files/digest-l2tpd-0.69-r1 +++ b/net-dialup/l2tpd/files/digest-l2tpd-0.69-r2 diff --git a/net-dialup/l2tpd/files/l2tpd-0.69-can-2004-0649.patch b/net-dialup/l2tpd/files/l2tpd-0.69-can-2004-0649.patch new file mode 100644 index 000000000000..90d3150dc4f5 --- /dev/null +++ b/net-dialup/l2tpd/files/l2tpd-0.69-can-2004-0649.patch @@ -0,0 +1,18 @@ +--- l2tpd-0.69.orig/control.c ++++ l2tpd-0.69/control.c +@@ -1575,6 +1575,15 @@ + wbuf[pos++] = e; + for (x = 0; x < buf->len; x++) + { ++ // we must at least still have 3 bytes left in the worst case scenario: ++ // 1 for a possible escape, 1 for the value and 1 to end the PPP stream. ++ if(pos >= (sizeof(wbuf) - 4)) { ++ if(DEBUG) ++ log(LOG_CRIT, "%s: rx packet is too big after PPP encoding (size %u, max is %u)\n", ++ __FUNCTION__, buf->len, MAX_RECV_SIZE); ++ return -EINVAL; ++ } ++ + e = *((char *) buf->start + x); + if ((e < 0x20) || (e == PPP_ESCAPE) || (e == PPP_FLAG)) + { diff --git a/net-dialup/l2tpd/l2tpd-0.69-r1.ebuild b/net-dialup/l2tpd/l2tpd-0.69-r2.ebuild index b9791afd6cbf..ce26067f878a 100644 --- a/net-dialup/l2tpd/l2tpd-0.69-r1.ebuild +++ b/net-dialup/l2tpd/l2tpd-0.69-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-dialup/l2tpd/l2tpd-0.69-r1.ebuild,v 1.5 2004/07/01 22:08:11 eradicator Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dialup/l2tpd/l2tpd-0.69-r2.ebuild,v 1.1 2004/07/20 17:23:42 lanius Exp $ inherit eutils @@ -34,6 +34,8 @@ src_unpack() { epatch ../${PN}-listenaddr.patch.bz2 epatch ../${PN}-MSL2TP-hostname.patch.bz2 + epatch ${FILESDIR}/${P}-can-2004-0649.patch + sed -i.orig -e "s|-g -O2|${CFLAGS}|" Makefile #-e "s|^#\(OSFLAGS+= -DUSE_KERNEL\)|\1|" \ #^wants an #include <linux/l2tp> diff --git a/net-dialup/l2tpd/l2tpd-0.69.ebuild b/net-dialup/l2tpd/l2tpd-0.69.ebuild deleted file mode 100644 index 03dcc35f22a1..000000000000 --- a/net-dialup/l2tpd/l2tpd-0.69.ebuild +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright 1999-2004 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-dialup/l2tpd/l2tpd-0.69.ebuild,v 1.5 2004/07/01 22:08:11 eradicator Exp $ - -inherit eutils - -DESCRIPTION="Layer 2 Tunnelling Protocol Daemon" -HOMEPAGE="http://www.l2tpd.org/" -SRC_URI="http://www.l2tpd.org/downloads/${P}.tar.gz - mirror://gentoo/${PN}-${PV}-gcc-3.3.patch.gz" -# http://www.jacco2.dds.nl/networking/freeswanl2tpconfig-1.1.tgz" -DEPEND="virtual/libc" -LICENSE="GPL-2" -KEYWORDS="x86" -SLOT="0" -IUSE="" - -src_unpack() { - unpack ${A} || die - cd ${S} || die - - epatch ${DISTDIR}/${PN}-${PV}-gcc-3.3.patch.gz - - #compile optimized - cp Makefile Makefile.orig - sed -e "s|-g -O2|${CFLAGS}|" Makefile.orig >Makefile - #-e "s|^#\(OSFLAGS+= -DUSE_KERNEL\)|\1|" \ - #^wants an #include <linux/l2tp> - - #make sure these stay just like so - cp file.h file.h.orig - sed -e 's|\(#define DEFAULT_AUTH_FILE \).*|\1"/etc/l2tpd/l2tp-secrets"|' \ - -e 's|\(#define DEFAULT_CONFIG_FILE \).*|\1"/etc/l2tpd/l2tpd.conf"|' \ - -e 's|\(#define DEFAULT_PID_FILE \).*|\1"/var/run/l2tpd.pid"|' \ - file.h.orig >file.h -} - -src_compile() { - emake || die -} - -src_install() { - dosbin l2tpd - doman doc/*.[85] - - dodoc BUGS CHANGELOG LICENSE CREDITS README TODO \ - doc/rfc2661.txt doc/*.sample - #cp -a ../freeswanl2tpconfig ${D}/usr/share/doc/${PF} - #chown -R root.root ${D}/usr/share/doc/${PF} - #mv ${D}/usr/share/doc/${PF}/freeswanl2tpconfig \ - # ${D}/usr/share/doc/${PF}/samples - - insinto /etc/l2tpd - newins doc/l2tp-secrets.sample l2tp-secrets - newins doc/l2tpd.conf.sample l2tpd.conf - - exeinto /etc/init.d - newexe ${FILESDIR}/l2tpd-init l2tpd -} |