pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/net-snmp add a patch by Jan Safranek <jsafranek@us...
details: https://anonhg.NetBSD.org/pkgsrc/rev/1ccb66a83da4
branches: trunk
changeset: 603944:1ccb66a83da4
user: spz <spz%pkgsrc.org@localhost>
date: Thu May 17 12:56:17 2012 +0000
description:
add a patch by Jan Safranek <jsafranek%users.sourceforge.net@localhost> for CVE-2012-2141
from https://bugzilla.redhat.com/attachment.cgi?id=580443 :
Check out-of-index conditions in ExtendOutput2Table.
diffstat:
net/net-snmp/Makefile | 4 +-
net/net-snmp/distinfo | 3 +-
net/net-snmp/patches/patch-agent_mibgroup_agent_extend.c | 20 ++++++++++++++++
3 files changed, 24 insertions(+), 3 deletions(-)
diffs (54 lines):
diff -r 7bea00c7c791 -r 1ccb66a83da4 net/net-snmp/Makefile
--- a/net/net-snmp/Makefile Thu May 17 10:53:01 2012 +0000
+++ b/net/net-snmp/Makefile Thu May 17 12:56:17 2012 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.88 2011/10/22 07:33:34 shattered Exp $
+# $NetBSD: Makefile,v 1.89 2012/05/17 12:56:17 spz Exp $
DISTNAME= net-snmp-5.6.1.1
-PKGREVISION= 2
+PKGREVISION= 3
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=net-snmp/}
diff -r 7bea00c7c791 -r 1ccb66a83da4 net/net-snmp/distinfo
--- a/net/net-snmp/distinfo Thu May 17 10:53:01 2012 +0000
+++ b/net/net-snmp/distinfo Thu May 17 12:56:17 2012 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.64 2011/10/17 19:40:26 shattered Exp $
+$NetBSD: distinfo,v 1.65 2012/05/17 12:56:17 spz Exp $
SHA1 (net-snmp-5.6.1.1.tar.gz) = ec88ba3e0dff4d1b3d342ccebb48ea84c9fa6fa9
RMD160 (net-snmp-5.6.1.1.tar.gz) = 9a4a83f7fe9431a0694b5fee33866ccea80fcab4
@@ -9,6 +9,7 @@
SHA1 (patch-ae) = 54541bffecdbf4c526280bc82ffd370a59963d88
SHA1 (patch-af) = d7641e502fd0a2969fa838fc67244cdfc6995369
SHA1 (patch-ag) = 8f9dedcf741c4b0ea2c0150c8b0a22747ca8a313
+SHA1 (patch-agent_mibgroup_agent_extend.c) = b3b04c51e7059426963fdb4712a711e2da053a28
SHA1 (patch-ah) = 7cea4194c858d7a8a9093eaf4426404e9202c3f1
SHA1 (patch-ai) = 1eb3b72dcfff90c8e973590265bdb1c07b717eaa
SHA1 (patch-aj) = e3337d01e96cc0739dbf3b1c7bde44d1126c32ae
diff -r 7bea00c7c791 -r 1ccb66a83da4 net/net-snmp/patches/patch-agent_mibgroup_agent_extend.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/net-snmp/patches/patch-agent_mibgroup_agent_extend.c Thu May 17 12:56:17 2012 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-agent_mibgroup_agent_extend.c,v 1.1 2012/05/17 12:56:17 spz Exp $
+
+patch by Jan Safranek <jsafranek%users.sourceforge.net@localhost> for CVE-2012-2141
+from https://bugzilla.redhat.com/attachment.cgi?id=580443 :
+
+Check out-of-index conditions in ExtendOutput2Table.
+
+--- agent/mibgroup/agent/extend.c.orig 2010-07-08 11:19:15.000000000 +0000
++++ agent/mibgroup/agent/extend.c
+@@ -1309,6 +1309,10 @@ handle_nsExtendOutput2Table(netsnmp_mib_
+ * Determine which line we've been asked for....
+ */
+ line_idx = *table_info->indexes->next_variable->val.integer;
++ if (line_idx < 1 || line_idx > extension->numlines) {
++ netsnmp_set_request_error(reqinfo, request, SNMP_NOSUCHINSTANCE);
++ continue;
++ }
+ cp = extension->lines[line_idx-1];
+
+ /*
Home |
Main Index |
Thread Index |
Old Index