pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/devel/pwlib Fix overlong string DoS in pwlib's PString...
details: https://anonhg.NetBSD.org/pkgsrc/rev/3aa77e09d2c6
branches: trunk
changeset: 544143:3aa77e09d2c6
user: tonnerre <tonnerre%pkgsrc.org@localhost>
date: Sun Jul 13 14:38:41 2008 +0000
description:
Fix overlong string DoS in pwlib's PString::vsprintf code (CVE-2007-4897).
diffstat:
devel/pwlib/Makefile | 4 ++--
devel/pwlib/distinfo | 3 ++-
devel/pwlib/patches/patch-ax | 13 +++++++++++++
3 files changed, 17 insertions(+), 3 deletions(-)
diffs (48 lines):
diff -r a58bf50a492c -r 3aa77e09d2c6 devel/pwlib/Makefile
--- a/devel/pwlib/Makefile Sun Jul 13 14:30:21 2008 +0000
+++ b/devel/pwlib/Makefile Sun Jul 13 14:38:41 2008 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.58 2008/01/18 05:14:38 tnn Exp $
+# $NetBSD: Makefile,v 1.59 2008/07/13 14:38:41 tonnerre Exp $
DISTNAME= pwlib-v1_8_3-src
PKGNAME= pwlib-1.8.3
-PKGREVISION= 7
+PKGREVISION= 8
CATEGORIES= devel
MASTER_SITES+= http://www.voxgratia.org/releases/
EXTRACT_SUFX= -tar.gz
diff -r a58bf50a492c -r 3aa77e09d2c6 devel/pwlib/distinfo
--- a/devel/pwlib/distinfo Sun Jul 13 14:30:21 2008 +0000
+++ b/devel/pwlib/distinfo Sun Jul 13 14:38:41 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.24 2007/10/10 15:16:12 rillig Exp $
+$NetBSD: distinfo,v 1.25 2008/07/13 14:38:41 tonnerre Exp $
SHA1 (pwlib-v1_8_3-src-tar.gz) = d3a6eff571ebfd37889e75cbaef75983e6119d2e
RMD160 (pwlib-v1_8_3-src-tar.gz) = 1ce2544ef631c8344543e62988f97022c998bb05
@@ -26,6 +26,7 @@
SHA1 (patch-au) = 4947ee29e91c84f39a370ebc128c1e67737234d1
SHA1 (patch-av) = 2bb533f6a29f10d357aed1b12c0bfc43af8a4f3b
SHA1 (patch-aw) = 236cb19fc7f0b78055b0634b3821c099318abb9f
+SHA1 (patch-ax) = ef77c8c1f767490eba3400e1d784419e7cbfd335
SHA1 (patch-ay) = 4a7978e13956172e9190444cb773c950c2e95ace
SHA1 (patch-az) = b82405bea8da7d93d965457f1090e64149e5f561
SHA1 (patch-ba) = 5695be7e37677e7d4db84bb997404030e8a8523f
diff -r a58bf50a492c -r 3aa77e09d2c6 devel/pwlib/patches/patch-ax
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/pwlib/patches/patch-ax Sun Jul 13 14:38:41 2008 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-ax,v 1.1 2008/07/13 14:38:41 tonnerre Exp $
+
+--- ptlib/common/contain.cxx.orig 2004-10-21 15:04:21.000000000 +0200
++++ ptlib/common/contain.cxx
+@@ -2454,7 +2454,7 @@ PString & PString::vsprintf(const char *
+ PAssert(SetSize(2000), POutOfMemory);
+ ::vsprintf(theArray+len, fmt, arg);
+ #else
+- PINDEX size = 0;
++ PINDEX size = len;
+ do {
+ size += 1000;
+ PAssert(SetSize(size), POutOfMemory);
Home |
Main Index |
Thread Index |
Old Index