pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2003Q4]: pkgsrc/chat/gaim Update gaim to version 0.75 to fix s...
details: https://anonhg.NetBSD.org/pkgsrc/rev/e3fddd19f3ea
branches: pkgsrc-2003Q4
changeset: 463735:e3fddd19f3ea
user: agc <agc%pkgsrc.org@localhost>
date: Thu Jan 29 18:38:50 2004 +0000
description:
Update gaim to version 0.75 to fix security problem on the
pkgsrc-2003Q4 branch, requested by Marc Recht. The files here were
hand-edited, since much has changed between the version of this
package on the pkgsrc-2003Q4 branch and the head.
Original commit message follows:
Module Name: pkgsrc
Committed By: recht
Date: Tue Jan 27 01:24:52 UTC 2004
Modified Files:
pkgsrc/chat/gaim: Makefile distinfo
pkgsrc/chat/gaim/patches: patch-aa
Added Files:
pkgsrc/chat/gaim/patches: patch-ab patch-ac patch-ad
Log Message:
12 vulnerabilities were found in the instant messenger GAIM that allow
remote compromise. The 12 identified problems range from simple standard
stack overflows, over heap overflows to an integer overflow that can be
abused to cause a heap overflow. Due to the nature of instant messaging
some of these bugs require man-in-the-middle attacks between client and
server. But the underlying protocols are easy to implement and MIM attacks
on ordinary TCP sessions is afairly simple task.
Please see http://security.e-matters.de/advisories/012004.html
for more details.
Apply the fix posted in that advisory (originally by the FreeBSD security
team) and bump PKGREVISION to 1.
diffstat:
chat/gaim/Makefile | 6 +-
chat/gaim/PLIST | 10 ++-
chat/gaim/distinfo | 10 +-
chat/gaim/patches/patch-aa | 12 +++
chat/gaim/patches/patch-ab | 176 +++++++++++++++++++++++++++++++++++++++++++++
chat/gaim/patches/patch-ac | 13 +++
chat/gaim/patches/patch-ad | 136 ++++++++++++++++++++++++++++++++++
7 files changed, 356 insertions(+), 7 deletions(-)
diffs (truncated from 442 to 300 lines):
diff -r 9652b5185de0 -r e3fddd19f3ea chat/gaim/Makefile
--- a/chat/gaim/Makefile Mon Jan 12 17:36:50 2004 +0000
+++ b/chat/gaim/Makefile Thu Jan 29 18:38:50 2004 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.42 2003/10/18 08:18:46 jmmv Exp $
+# $NetBSD: Makefile,v 1.42.2.1 2004/01/29 18:38:50 agc Exp $
#
-DISTNAME= gaim-0.71
+DISTNAME= gaim-0.75
+PKGREVISION= 1
CATEGORIES= chat x11
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=gaim/}
EXTRACT_SUFX= .tar.bz2
@@ -27,6 +28,7 @@
CONFIGURE_ARGS+= --disable-nas
CONFIGURE_ARGS+= --disable-perl
CONFIGURE_ARGS+= --disable-nss
+CONFIGURE_ARGS+= --disable-tcl
.include "../../mk/bsd.prefs.mk"
diff -r 9652b5185de0 -r e3fddd19f3ea chat/gaim/PLIST
--- a/chat/gaim/PLIST Mon Jan 12 17:36:50 2004 +0000
+++ b/chat/gaim/PLIST Thu Jan 29 18:38:50 2004 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.20 2003/10/18 08:18:46 jmmv Exp $
+@comment $NetBSD: PLIST,v 1.20.2.1 2004/01/29 18:38:50 agc Exp $
bin/gaim
bin/gaim-remote
include/gaim-remote/remote-socket.h
@@ -54,6 +54,9 @@
lib/gaim/notify.a
lib/gaim/notify.la
lib/gaim/notify.so
+lib/gaim/relnot.a
+lib/gaim/relnot.la
+lib/gaim/relnot.so
lib/gaim/spellchk.a
lib/gaim/spellchk.la
lib/gaim/spellchk.so
@@ -89,6 +92,7 @@
${PKGLOCALEDIR}/locale/cs/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/da/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/de/LC_MESSAGES/gaim.mo
+${PKGLOCALEDIR}/locale/en_GB/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/es/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/fi/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/fr/LC_MESSAGES/gaim.mo
@@ -101,14 +105,15 @@
${PKGLOCALEDIR}/locale/nl/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/no/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/pl/LC_MESSAGES/gaim.mo
+${PKGLOCALEDIR}/locale/pt/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/pt_BR/LC_MESSAGES/gaim.mo
-${PKGLOCALEDIR}/locale/pt_PT/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/ro/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/ru/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/sk/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/sr/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/sr@Latn/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/sv/LC_MESSAGES/gaim.mo
+${PKGLOCALEDIR}/locale/vi/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/zh_CN/LC_MESSAGES/gaim.mo
${PKGLOCALEDIR}/locale/zh_TW/LC_MESSAGES/gaim.mo
share/pixmaps/gaim.png
@@ -329,6 +334,7 @@
share/pixmaps/gaim/status/default/notauthorized.png
share/pixmaps/gaim/status/default/occupied.png
share/pixmaps/gaim/status/default/offline.png
+share/pixmaps/gaim/status/default/secure.png
share/pixmaps/gaim/status/default/trepia.png
share/pixmaps/gaim/status/default/wireless.png
share/pixmaps/gaim/status/default/yahoo.png
diff -r 9652b5185de0 -r e3fddd19f3ea chat/gaim/distinfo
--- a/chat/gaim/distinfo Mon Jan 12 17:36:50 2004 +0000
+++ b/chat/gaim/distinfo Thu Jan 29 18:38:50 2004 +0000
@@ -1,4 +1,8 @@
-$NetBSD: distinfo,v 1.33 2003/10/18 08:18:46 jmmv Exp $
+$NetBSD: distinfo,v 1.33.2.1 2004/01/29 18:38:50 agc Exp $
-SHA1 (gaim-0.71.tar.bz2) = 3615ca1973704de57ab48a098ec6ece147bba578
-Size (gaim-0.71.tar.bz2) = 3109536 bytes
+SHA1 (gaim-0.75.tar.bz2) = 20a7ccadf276d9db6b74ae3d07d90601d805a4a9
+Size (gaim-0.75.tar.bz2) = 3370977 bytes
+SHA1 (patch-aa) = 90d7bbc5c9ab5c6ffeba30a6c782e66cb1e3d861
+SHA1 (patch-ab) = aff902959e96d00c0712ac88b235aa918ba082d6
+SHA1 (patch-ac) = 803423543063b5838139dfad4c80172d6bfb4d70
+SHA1 (patch-ad) = 02f5d4d7b6cf2bc49043eba09b079ce2530552dc
diff -r 9652b5185de0 -r e3fddd19f3ea chat/gaim/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/gaim/patches/patch-aa Thu Jan 29 18:38:50 2004 +0000
@@ -0,0 +1,12 @@
+$NetBSD: patch-aa,v 1.15.2.1 2004/01/29 18:38:50 agc Exp $
+
+--- src/protocols/oscar/ft.c.orig 2004-01-05 02:34:04.000000000 +0100
++++ src/protocols/oscar/ft.c
+@@ -44,6 +44,7 @@
+ #include <config.h>
+ #endif
+
++#include <limits.h>
+ #include <aim.h>
+
+ #ifndef _WIN32
diff -r 9652b5185de0 -r e3fddd19f3ea chat/gaim/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/gaim/patches/patch-ab Thu Jan 29 18:38:50 2004 +0000
@@ -0,0 +1,176 @@
+$NetBSD: patch-ab,v 1.5.2.1 2004/01/29 18:38:50 agc Exp $
+
+--- src/protocols/yahoo/yahoo.c.orig 2004-01-10 06:04:09.000000000 +0100
++++ src/protocols/yahoo/yahoo.c
+@@ -20,6 +20,7 @@
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ *
+ */
++#include <limits.h>
+ #include "internal.h"
+
+ #include "account.h"
+@@ -131,8 +132,15 @@ static void yahoo_packet_read(struct yah
+ while (pos + 1 < len) {
+ if (data[pos] == 0xc0 && data[pos + 1] == 0x80)
+ break;
++ if (x >= sizeof(key)-1) {
++ x++;
++ continue;
++
++ }
+ key[x++] = data[pos++];
+ }
++ if (x >= sizeof(key)-1)
++ x = 0;
+ key[x] = 0;
+ pos += 2;
+ pair->key = strtol(key, NULL, 10);
+@@ -868,32 +876,66 @@ static void yahoo_process_contact(GaimCo
+ }
+ }
+
++
++static void octal(const char **p, const char *end, unsigned char *n)
++{
++ int i, c;
++
++ for (i = 0, c = 0; i < 3 && *p < end; ++i, ++*p) {
++ c <<= 3;
++ switch (**p) {
++ case '0': break;
++ case '1': c += 1; break;
++ case '2': c += 2; break;
++ case '3': c += 3; break;
++ case '4': c += 4; break;
++ case '5': c += 5; break;
++ case '6': c += 6; break;
++ case '7': c += 7; break;
++ default:
++ if (i == 0) {
++ *n = **p;
++ ++*p;
++ return;
++ }
++ c >>= 3;
++ goto done;
++ }
++ }
++done:
++ *n = (c > UCHAR_MAX) ? '?' : c;
++ return;
++}
++
+ #define OUT_CHARSET "utf-8"
+
+ static char *yahoo_decode(const char *text)
+ {
+ char *converted;
+- char *p, *n, *new;
+-
+- n = new = g_malloc(strlen (text) + 1);
+-
+- for (p = (char *)text; *p; p++, n++) {
++ unsigned char *n, *new;
++ size_t len;
++ const char *p, *end;
++
++ len = strlen (text);
++ p = text;
++ end = &text[len];
++ n = new = g_malloc(len + 1);
++ while (p < end) {
+ if (*p == '\\') {
+- sscanf(p + 1, "%3o\n", (int *)n);
+- p += 3;
+- }
+- else
+- *n = *p;
++ ++p;
++ octal(&p, end, n);
++ } else
++ *n = *p++;
++ ++n;
+ }
+-
+ *n = '\0';
+-
+ converted = g_convert(new, n - new, OUT_CHARSET, "iso-8859-1", NULL, NULL, NULL);
+ g_free(new);
+
+ return converted;
+ }
+
++
+ static void yahoo_process_mail(GaimConnection *gc, struct yahoo_packet *pkt)
+ {
+ GaimAccount *account = gaim_connection_get_account(gc);
+@@ -1903,32 +1945,30 @@ static void yahoo_got_web_connected(gpoi
+
+ static void yahoo_web_pending(gpointer data, gint source, GaimInputCondition cond)
+ {
++ static const char http302[] = "HTTP/1.0 302";
++ static const char setcookie[] = "Set-Cookie: ";
+ GaimConnection *gc = data;
+ GaimAccount *account = gaim_connection_get_account(gc);
+ struct yahoo_data *yd = gc->proto_data;
+- char buf[1024], buf2[256], *i = buf, *r = buf2;
+- int len, o = 0;
++ char buf[1024], *i = buf;
++ int len;
++ GString *s;
+
+ len = read(source, buf, sizeof(buf));
+- if (len <= 0 || strncmp(buf, "HTTP/1.0 302", strlen("HTTP/1.0 302"))) {
++ if (len <= 0 || (len >= sizeof(http302)-1 &&
++ memcmp(http302, buf, sizeof(http302)-1) != 0)) {
+ gaim_connection_error(gc, _("Unable to read"));
+ return;
+ }
+-
+- while ((i = strstr(i, "Set-Cookie: ")) && 0 < 2) {
+- i += strlen("Set-Cookie: ");
+- for (;*i != ';'; r++, i++) {
+- *r = *i;
+- }
+- *r=';';
+- r++;
+- *r=' ';
+- r++;
+- o++;
+- }
+- /* Get rid of that "; " */
+- *(r-2) = '\0';
+- yd->auth = g_strdup(buf2);
++ s = g_string_sized_new(len);
++ buf[len] = '\0';
++ while ((i = strstr(i, setcookie)) != NULL) {
++ i += sizeof(setcookie)-1;
++ for (;*i != ';'; i++)
++ g_string_append_c(s, *i);
++ g_string_append(s, "; ");
++ }
++ yd->auth = g_string_free(s, FALSE);
+ gaim_input_remove(gc->inpa);
+ close(source);
+ /* Now we have our cookies to login with. I'll go get the milk. */
+@@ -1974,15 +2014,17 @@ static GHashTable *yahoo_login_page_hash
+ const char *c = buf;
+ char *d;
+ char name[64], value[64];
++ int count = sizeof(name)-1;
+ while ((c < (buf + len)) && (c = strstr(c, "<input "))) {
+ c = strstr(c, "name=\"") + strlen("name=\"");
+- for (d = name; *c!='"'; c++, d++)
++ for (d = name; *c!='"' && count; c++, d++, count--)
+ *d = *c;
+ *d = '\0';
++ count = sizeof(value)-1;
+ d = strstr(c, "value=\"") + strlen("value=\"");
+ if (strchr(c, '>') < d)
+ break;
+- for (c = d, d = value; *c!='"'; c++, d++)
++ for (c = d, d = value; *c!='"' && count; c++, d++, count--)
+ *d = *c;
+ *d = '\0';
+ g_hash_table_insert(hash, g_strdup(name), g_strdup(value));
diff -r 9652b5185de0 -r e3fddd19f3ea chat/gaim/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/gaim/patches/patch-ac Thu Jan 29 18:38:50 2004 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ac,v 1.4.2.1 2004/01/29 18:38:50 agc Exp $
+
+--- src/proxy.c.orig 2004-01-10 05:04:56.000000000 +0100
++++ src/proxy.c
+@@ -974,7 +974,7 @@ http_canread(gpointer data, gint source,
+
+ gaim_input_remove(phb->inpa);
+
+- while ((nlc != 2) && (read(source, &inputline[pos++], 1) == 1)) {
++ while ((pos < sizeof(inputline)-1) && (nlc != 2) && (read(source, &inputline[pos++], 1) == 1)) {
+ if (inputline[pos - 1] == '\n')
Home |
Main Index |
Thread Index |
Old Index