pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/chat/gaim Security fix for CAN-2005-2370



details:   https://anonhg.NetBSD.org/pkgsrc/rev/41ffbadbf2fe
branches:  trunk
changeset: 497833:41ffbadbf2fe
user:      salo <salo%pkgsrc.org@localhost>
date:      Fri Aug 05 14:33:53 2005 +0000

description:
Security fix for CAN-2005-2370

"Multiple "memory alignment errors" in libgadu, as used in ekg before 1.6rc2
and other packages, allows remote attackers to cause a denial of service (bus
error) on certain architectures such as SPARC via an incoming message."

Bump PKGREVISION, patch from Gaim CVS.

diffstat:

 chat/gaim/Makefile         |   3 ++-
 chat/gaim/buildlink3.mk    |   4 ++--
 chat/gaim/distinfo         |   3 ++-
 chat/gaim/patches/patch-ae |  20 ++++++++++++++++++++
 4 files changed, 26 insertions(+), 4 deletions(-)

diffs (67 lines):

diff -r 88d58b17032e -r 41ffbadbf2fe chat/gaim/Makefile
--- a/chat/gaim/Makefile        Fri Aug 05 13:07:32 2005 +0000
+++ b/chat/gaim/Makefile        Fri Aug 05 14:33:53 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.92 2005/07/21 16:29:45 wiz Exp $
+# $NetBSD: Makefile,v 1.93 2005/08/05 14:33:53 salo Exp $
 
 DISTNAME=      gaim-1.4.0
+PKGREVISION=   1
 CATEGORIES=    chat x11
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=gaim/}
 EXTRACT_SUFX=  .tar.bz2
diff -r 88d58b17032e -r 41ffbadbf2fe chat/gaim/buildlink3.mk
--- a/chat/gaim/buildlink3.mk   Fri Aug 05 13:07:32 2005 +0000
+++ b/chat/gaim/buildlink3.mk   Fri Aug 05 14:33:53 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.5 2005/05/12 10:32:18 salo Exp $
+# $NetBSD: buildlink3.mk,v 1.6 2005/08/05 14:33:53 salo Exp $
 
 BUILDLINK_DEPTH:=      ${BUILDLINK_DEPTH}+
 GAIM_BUILDLINK3_MK:=   ${GAIM_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
 
 .if !empty(GAIM_BUILDLINK3_MK:M+)
 BUILDLINK_DEPENDS.gaim+=       gaim>=1.1.2
-BUILDLINK_RECOMMENDED.gaim+=   gaim>=1.3.0
+BUILDLINK_RECOMMENDED.gaim+=   gaim>=1.4.0nb1
 BUILDLINK_PKGSRCDIR.gaim?=     ../../chat/gaim
 
 PRINT_PLIST_AWK+=      /^@dirrm lib\/gaim$$/ \
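Review bot: BUILDLINK_DEPENDS.gaim stays at gaim>=1.1.2 in this hunk, so the fixed floor is carried only by the BUILDLINK_RECOMMENDED.gaim line (gaim>=1.4.0nb1). A short comment beside that line naming CAN-2005-2370 would tell later editors why the recommended version must not be lowered.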
diff -r 88d58b17032e -r 41ffbadbf2fe chat/gaim/distinfo
--- a/chat/gaim/distinfo        Fri Aug 05 13:07:32 2005 +0000
+++ b/chat/gaim/distinfo        Fri Aug 05 14:33:53 2005 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.66 2005/07/08 09:39:47 grant Exp $
+$NetBSD: distinfo,v 1.67 2005/08/05 14:33:53 salo Exp $
 
 SHA1 (gaim-1.4.0.tar.bz2) = 49955722104216e6e41757657abaa94388c42249
 RMD160 (gaim-1.4.0.tar.bz2) = d12354df0828451d32124750340b759180289591
 Size (gaim-1.4.0.tar.bz2) = 5979303 bytes
 SHA1 (patch-aa) = 555c394dbb4cd9ef4fea621d30ce72baae309067
 SHA1 (patch-ad) = 21ffc478343793ce065c75a24ed0cf58b0677359
+SHA1 (patch-ae) = 6c8a5960918ea77a766cdb4f3c2d805a61235771
diff -r 88d58b17032e -r 41ffbadbf2fe chat/gaim/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/gaim/patches/patch-ae        Fri Aug 05 14:33:53 2005 +0000
@@ -0,0 +1,20 @@
+$NetBSD: patch-ae,v 1.3 2005/08/05 14:33:53 salo Exp $
+
+Fix for CAN-2005-2370, from Gaim CVS.
+
+--- src/protocols/gg/libgg.c.orig      2005-03-02 12:53:57.000000000 +0100
++++ src/protocols/gg/libgg.c   2005-08-05 15:38:42.000000000 +0200
+@@ -1098,8 +1098,11 @@
+ 
+                           e->event.status60.descr = buf;
+ 
+-                          if (len > 4 && p[h->length - 5] == 0)
+-                                  e->event.status60.time = *((int*) (p + h->length - 4));
++                          if (len > 4 && p[h->length - 5] == 0) {
++                                  uint32_t t;
++                                  memcpy(&t, p + h->length - 4, sizeof(uint32_t));
++                                  e->event.status60.time = t;
++                          }
+                   }
+ 
+                   break;
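Review bot: the guard on the added block tests `len > 4`, but both the index `p[h->length - 5]` and the memcpy source `p + h->length - 4` are computed from `h->length`, and nothing in the visible lines ties the two values together. If `h->length` can be smaller than 5 at this point the read lands before `p`, so the condition should test `h->length` directly, or the hunk should carry enough context to show that `len` is derived from it. Separately, memcpy removes the unaligned `*((int*) ...)` load but still copies the four bytes in host order, so on big-endian machines such as the SPARC named in the advisory the timestamp is only right if the wire value already matches host order or is converted afterwards. Also confirm that libgg.c includes the headers declaring memcpy and uint32_t, since the hunk does not add any.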


