diff options
| author |   Paweł Hajdan <phajdan.jr@gentoo.org> | 2013-10-13 19:58:32 +0000 |
|---|---|---|
| committer | Paweł Hajdan <phajdan.jr@gentoo.org> | 2013-10-13 19:58:32 +0000 |
| commit | 02caf286297e547fb9e291c00f8d286982a13b20 (patch) | |
| tree | c6ae2ad3c77c7a15d9ab3cf6416453152352c65f /net-libs | |
| parent | Explicitly call einstalldocs in multilib_src_install_all() to accomodate bug ... (diff) | |
| download | historical-02caf286297e547fb9e291c00f8d286982a13b20.tar.gz historical-02caf286297e547fb9e291c00f8d286982a13b20.tar.bz2 historical-02caf286297e547fb9e291c00f8d286982a13b20.zip | |
Version bump for security bug #472302 .
Package-Manager: portage-2.2.1/cvs/Linux i686
Manifest-Sign-Key: 0x30427902
Diffstat (limited to 'net-libs')
| -rw-r--r-- | net-libs/libsrtp/ChangeLog | 8 | ||||
| -rw-r--r-- | net-libs/libsrtp/Manifest | 14 | ||||
| -rw-r--r-- | net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff | 46 | ||||
| -rw-r--r-- | net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild | 77 |
4 files changed, 143 insertions, 2 deletions
diff --git a/net-libs/libsrtp/ChangeLog b/net-libs/libsrtp/ChangeLog index 63605afd3c7c..fea51ab75dc9 100644 --- a/net-libs/libsrtp/ChangeLog +++ b/net-libs/libsrtp/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-libs/libsrtp # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/libsrtp/ChangeLog,v 1.29 2013/10/01 15:30:04 chithanh Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-libs/libsrtp/ChangeLog,v 1.30 2013/10/13 19:58:24 phajdan.jr Exp $ + +*libsrtp-1.4.4_p20121108-r1 (13 Oct 2013) + + 13 Oct 2013; Pawel Hajdan jr <phajdan.jr@gentoo.org> + +libsrtp-1.4.4_p20121108-r1.ebuild, +files/libsrtp-CVE-2013-2139.diff: + Version bump for security bug #472302 . 01 Oct 2013; Chí-Thanh Christopher Nguyễn <chithanh@gentoo.org> metadata.xml: Add chainsaw to maintainers. diff --git a/net-libs/libsrtp/Manifest b/net-libs/libsrtp/Manifest index 5717cda20f3e..44eb52790d1f 100644 --- a/net-libs/libsrtp/Manifest +++ b/net-libs/libsrtp/Manifest @@ -1,10 +1,22 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + AUX libsrtp-1.4.4-invalid-index.patch 412 SHA256 afef97d3da04d4d00ebc9aef598f32dce959a64e94da48c54f4201dfc5a0667c SHA512 eda02d691be19de883d061031c0c7070e375da3581f4294a7c8fa30f498c4c7aaa306c291230171d0391e226b624277ae09b4337dd14aa2625a9cb6bb4884764 WHIRLPOOL 3b0ecc41a920550efe935a647de469a67b2fa8784be4842c323d3efbbb237f8f0a706343f14fc6795bf53b35b8153f02eafb99e5ccacbeff80fe99312708f067 AUX libsrtp-1.4.4-shared.patch 1670 SHA256 76bbfa40334c17327331f3532f45a6b83139dc94cc4eee9e4a48db4ece63961c SHA512 c9005c00fd81cf13243897f2803d1528812bd83849aa318c5cbabfb3fd7cd3870b94cf5d6ad6eaab5b181b2e439be6cdfe9a9a38338632bbf34647a18d120a69 WHIRLPOOL cbc5a2a44069326a64dc50080cc2f897ec706f414dd55e9c1565ded0a428693144f94bd84b992da669711a92691ea9366949e9cd0c39989ec9f28d1c1cc2b5f0 AUX libsrtp-1.4.4_p20121108-shared.patch 1821 SHA256 8fc8c716c03e56f7211b85359211abb13c97c56a7670fa5236b8ed9e6b9894c4 SHA512 594b2e5e6efc74a93162e299fe4247ae6dfbd1864c02435bab2bcc2788716bd5afc6513d3842ea87260182ffd2de0abcab4577b13a26dcd75c5008a849bec709 WHIRLPOOL b5625fdf1c29725061d4523699d34b01f2b62afa5f6131642dbedc2a1de3c78ecceeddadfff00aebcf33296ab53efcfb124fa5f5a4b9840228a1c5c5266b9a6c +AUX libsrtp-CVE-2013-2139.diff 1996 SHA256 185a89fc68bce34308b0ce0fd3f016d3a1506f092d75d0cb4ff232751dba1c01 SHA512 ea944ec993b8e923e2cb91a77336b5f898851f6948f6b5df45610f7528afdb7ad54706cee4acd49146b18c45f52fa5588f43e4fbc745b56df3c558d6bbf5b49b WHIRLPOOL a143d3e8278027b2bf97904fef1eff4ff09d52d60181495ea942527c64272bad46f71f3fbdde617cf39b4d5a3a542c66a00fd71663f69a0051d1237263e56c4f DIST srtp-1.4.4.tgz 502890 SHA256 d9c2cbb1c95172ed2dc963eff0d6ce1072326dc81cb1dd38414e9f0e430af314 SHA512 951bfec212f579daae4a5a7fc9eded163dd6790da2e3840629dbeac36d7d960f95a1f1b844505629c7815816515f0784bf9b6e1c47f2986416ec04ec9d4b7564 WHIRLPOOL 82b01ce07de0c7b82d5f99b2fda6c72653e2927c3838a15dd1bb7e36725846599f2a96675dcf5ddfd7dcab9210f554b30fcf9bcb3806a60aa732d56926a4c07f DIST srtp-1.4.4_p20121108.tar.gz 485875 SHA256 ebc0b7b27f5ab669a058c82f62b1c96298a961d54633d7041e776bca19a4f295 SHA512 a6bf2674babed512bd90fd11d63adecf4ddf357d26652f321651fcc42d932d3d9f8713ecab4bdcddb026106a2d5bfbac0a626938f70822f5b1ee05881bb823d9 WHIRLPOOL 27296c776d60688dfa3c655999b6a87828036f9a71cff7a9ea9d1f0c6c5afa787eb625fb4ec9254b0eda459769fc0ca41cf4c1eaa38053cd365243c101f444bd EBUILD libsrtp-1.4.4-r1.ebuild 2181 SHA256 df28a118d1ef97c8a006c33c70b232f4cf19adf91f0a6d56b1c9271405ff3abb SHA512 41c44ba0353249aa883b6d532b20bf25e558eb0d5ae85c323bb010fb48e55b718b13e6d2a300f0a863d5b36e94f5418e25a8695b916b0d5b559e06759d712498 WHIRLPOOL d3b5043b590f37986323a618604dd32c2333de07bea221b1fa84399f8871926662568da813495f8421173ab9b4d48907f2091641e696e47cfbdfd879a0dd0767 EBUILD libsrtp-1.4.4-r2.ebuild 2265 SHA256 2b74ebcd58029b08b386d233e055da4fde0a76c423f23af71bb9ee7ab64c7f91 SHA512 0d6d5ee0488d830e9206c14b4d6e85c16d1339778b47730c1773c5cdec87d6a119858441ac97c6ba465856ca73dccce7a26993fb0a64e3a19612c384119a8de6 WHIRLPOOL f052c50cdc653f4fff4ab3caca003c83331539da0700fcafb98318e2038ecf5f4d0999810d8b35292f7b224a2b0a75268d8b2afe6bccc4a36215eae66b16bfdb +EBUILD libsrtp-1.4.4_p20121108-r1.ebuild 2289 SHA256 e236d06328f0de2b687bef0cede357f85cd2815a432172ce255266d7dc1ee0d1 SHA512 d3be09bf1a8cf72c49c2f1bfc74766c0d45552796adf6184aeb81f8c608ce2eba7e6b2cbd18efe253ef2e96f0dea1088b84960493c34a43500edf58119300fdf WHIRLPOOL 40fab8f68cdee60cad76e17966d6722ea8c81062c2d22396a13b4bd3cd4483577dc39cbeb38a930155f07bb4ca39b4de02b79ace57a261461a1c51b3dc33c87c EBUILD libsrtp-1.4.4_p20121108.ebuild 2231 SHA256 444e2e4a535735f9b773a95b073d87e6c7d95c6a7dfe93a9aaf1c0d787e15d61 SHA512 894f750e35e9b18b8b6c44242eecd96cac94c0fef163271235f30a3725378c50452ad94f8575a7bd2866df7bebe41c4f3e6290fa697cfb098751b8f9205ab6a4 WHIRLPOOL 59332afd44d1412dc1fb8f6bd4f370a108971b2833613ee94b138592612aef32749c48bd9511ddbc157a9a068b809a3df509d0e25a4f319a4affe55bc257f3b8 -MISC ChangeLog 4091 SHA256 1dbb41651a385a3477e4afd2991933118b70c2bf2f99c903a8adc45ed05f2eb0 SHA512 7a122cb5c4ab6aa7e42e5ed7981e7d07347b2a465f85bf9f2ae2533dc84c07d4e1ea34bac491240c090915bcd6159ac100447dc04c64664f23ed7f44732a2927 WHIRLPOOL 292510307cdf6afff5a9ae14fbfafbaabbcb34ec4cdb1b2531480aee4a88cd0cd627ddd281871d801cc46775e94792d04f7c83cadaca363e87489ed6c5f369fc +MISC ChangeLog 4307 SHA256 3e9535a0f5ddf37438836a639f815a8c89aa4c6509e97136e13b7e2380bd3ca5 SHA512 925be8ae6745d94947e3e9429168a159c2b433c630ff3a0f4b5efe059c61c0fc69ec3848308f1295349f54a9bc9550a813a82df44b23165fa2debaa0bb6ec0e1 WHIRLPOOL 3d78db33e71e26f798c700c42ad831065d07487175c6b6d6f9480425cf4bc4b4fdc6401413fa4744395eccf2172b1ac462d05ed2568bb175dc03c4b7c21d19b3 MISC metadata.xml 505 SHA256 a6102bc3faaaf3124b2ef0112c2d81ffe85fa142feb08ed55ed33b4619e6d73c SHA512 431075a50a23cf16f37be607c111f0d9dc5cd0c47845f9f43e3c888d4113b0b0ffd42aa93114db52278e415d0662efb1f825e8bf0da8be7b6ff27ef94b9c5686 WHIRLPOOL 1f399f7274bf1d1a7729b81111eb21e0ccd0443bd85751f1c4cc7a25fc96f51f62979659fe096f205314bf164b501c33b8c5f45344d421230210300d0daa3cb9 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v2.0.20 (GNU/Linux) + +iEYEAREIAAYFAlJa+2YACgkQuUQtlDBCeQJbogCfadvOpCIDK4Y4kPrmguBqu8L1 +6E4An1cXHA7VapZiOSPIINDbhzqYLhat +=gfS+ +-----END PGP SIGNATURE----- diff --git a/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff b/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff new file mode 100644 index 000000000000..dcafe177638b --- /dev/null +++ b/net-libs/libsrtp/files/libsrtp-CVE-2013-2139.diff @@ -0,0 +1,46 @@ +diff --git a/srtp/srtp.c b/srtp/srtp.c +index 839c1ee..7fd19e6 100644 +--- a/srtp/srtp.c ++++ b/srtp/srtp.c +@@ -2063,23 +2063,18 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) + switch(profile) { + case srtp_profile_aes128_cm_sha1_80: + crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); +- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_aes128_cm_sha1_32: + crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); +- crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_null_sha1_80: + crypto_policy_set_null_cipher_hmac_sha1_80(policy); +- crypto_policy_set_null_cipher_hmac_sha1_80(policy); + break; + case srtp_profile_aes256_cm_sha1_80: + crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); +- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + case srtp_profile_aes256_cm_sha1_32: + crypto_policy_set_aes_cm_256_hmac_sha1_32(policy); +- crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + /* the following profiles are not (yet) supported */ + case srtp_profile_null_sha1_32: +@@ -2100,6 +2095,8 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) + crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_aes128_cm_sha1_32: ++ /* We do not honor the 32-bit auth tag request since ++ * this is not compliant with RFC 3711 */ + crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_null_sha1_80: +@@ -2109,6 +2106,8 @@ static inline int base_key_length(const cipher_type_t *cipher, int key_length) + crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + case srtp_profile_aes256_cm_sha1_32: ++ /* We do not honor the 32-bit auth tag request since ++ * this is not compliant with RFC 3711 */ + crypto_policy_set_aes_cm_256_hmac_sha1_80(policy); + break; + /* the following profiles are not (yet) supported */ diff --git a/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild b/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild new file mode 100644 index 000000000000..e1555c957555 --- /dev/null +++ b/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild @@ -0,0 +1,77 @@ +# Copyright 1999-2013 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-libs/libsrtp/libsrtp-1.4.4_p20121108-r1.ebuild,v 1.1 2013/10/13 19:58:24 phajdan.jr Exp $ + +EAPI="4" + +inherit base multilib + +MY_PN="srtp" +MY_P="${MY_PN}-${PV}" + +DESCRIPTION="Open-source implementation of the Secure Real-time Transport Protocol (SRTP)" +HOMEPAGE="http://srtp.sourceforge.net/srtp.html" +SRC_URI="http://dev.gentoo.org/~phajdan.jr/${MY_P}.tar.gz" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 -sparc ~x86 ~x86-fbsd ~ppc-macos ~x64-macos ~x86-macos" +IUSE="aesicm console debug doc static-libs syslog" +PATCHES=( + "${FILESDIR}/${P}-shared.patch" + "${FILESDIR}/${PN}-CVE-2013-2139.diff" + ) + +S=${WORKDIR}/${MY_PN} + +src_configure() { + # stdout: default error output for messages in debug + # kernel-linux: breaks the build + # gdoi: disabled by upstream and breaks the build + econf \ + --enable-stdout \ + --disable-kernel-linux \ + --disable-gdoi \ + $(use_enable aesicm generic-aesicm) \ + $(use_enable console) \ + $(use_enable debug) \ + $(use_enable syslog) +} + +src_compile() { + if use static-libs; then + emake ${PN}.a || die "Failed to build static library" + fi + emake ${PN}$(get_libname) || die "Failed to build dynamic library" +} + +src_test() { + # getopt returns an int, not a char + sed -i -e "s/char q/int q/" \ + test/rdbx_driver.c test/srtp_driver.c test/dtls_srtp_driver.c \ + || die "fixing getopt errors failed" + + # test/rtpw_test.sh is assuming . is in $PATH + sed -i -e "s:\$RTPW :./\$RTPW :" test/rtpw_test.sh \ + || die "patching test/rtpw_test.sh failed" + + # test/rtpw.c is using /usr/share/dict/words assuming it exists + # using test/rtpw.c guaratees the file exists in any case + sed -i -e "s:/usr/share/dict/words:rtpw.c:" test/rtpw.c \ + || die "patching test/rtpw.c failed" + + emake test || die "building test failed" + emake -j1 runtest || die "tests failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "emake install failed" + + dodoc CHANGES README TODO || die "dodoc failed" + + if use doc; then + # libsrtp.pdf can also be generated with doxygen + # but it would be a waste of time as an up-to-date version is built + dodoc doc/*.txt doc/${PN}.pdf || die "dodoc failed" + fi +} |