pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2005Q3]: pkgsrc/chat/centericq Pullup ticket 956 - requested b...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/c09fc6ba294c
branches:  pkgsrc-2005Q3
changeset: 499747:c09fc6ba294c
user:      seb <seb%pkgsrc.org@localhost>
date:      Thu Dec 15 08:54:51 2005 +0000

description:
Pullup ticket 956 - requested by Lubomir Sedlacik
security fix via patch for chat/centericq

   Module Name: pkgsrc
   Committed By:        adrianp
   Date:                Sat Dec  3 17:04:23 UTC 2005

   Modified Files:
        pkgsrc/chat/centericq: Makefile distinfo
   Added Files:
        pkgsrc/chat/centericq/patches: patch-at

   Log Message:
   Patch via Debian for:
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3694

diffstat:

 chat/centericq/Makefile         |   4 ++--
 chat/centericq/distinfo         |   3 ++-
 chat/centericq/patches/patch-at |  14 ++++++++++++++
 3 files changed, 18 insertions(+), 3 deletions(-)

diffs (46 lines):

diff -r b151c9e19598 -r c09fc6ba294c chat/centericq/Makefile
--- a/chat/centericq/Makefile   Thu Dec 15 01:01:34 2005 +0000
+++ b/chat/centericq/Makefile   Thu Dec 15 08:54:51 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.53 2005/09/19 19:42:11 adrianp Exp $
+# $NetBSD: Makefile,v 1.53.2.1 2005/12/15 08:54:51 seb Exp $
 #
 
 DISTNAME=      centericq-4.20.0
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    chat
 MASTER_SITES=  http://konst.org.ua/download/ \
                http://centericq.de/archive/source/releases/
diff -r b151c9e19598 -r c09fc6ba294c chat/centericq/distinfo
--- a/chat/centericq/distinfo   Thu Dec 15 01:01:34 2005 +0000
+++ b/chat/centericq/distinfo   Thu Dec 15 08:54:51 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.18 2005/09/19 19:42:11 adrianp Exp $
+$NetBSD: distinfo,v 1.18.2.1 2005/12/15 08:54:51 seb Exp $
 
 SHA1 (centericq-4.20.0.tar.bz2) = 14b37c5257039853f0a1b948c7eaa49581a5913c
 RMD160 (centericq-4.20.0.tar.bz2) = 7f17cd87aa4b98269fa65173b3e6317143c7c8ca
@@ -14,3 +14,4 @@
 SHA1 (patch-ai) = 2ac32940347733dbb63e12bdd54212435795b30d
 SHA1 (patch-aj) = 1e4ea16dfc5c8eeae9b70b4bda01a2b367ea2879
 SHA1 (patch-ak) = 155067c43db79d398465bac2d70878e8b714fa8b
+SHA1 (patch-at) = b46777e3ba12c8ce3c423d1b0487e7a09c969671
diff -r b151c9e19598 -r c09fc6ba294c chat/centericq/patches/patch-at
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/centericq/patches/patch-at   Thu Dec 15 08:54:51 2005 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-at,v 1.1.2.2 2005/12/15 08:54:51 seb Exp $
+
+Security fix for CVE-2005-3694, from Debian.
+
+--- libicq2000-0.1/src/DirectClient.cpp.orig   2004-02-11 00:51:14.000000000 +0100
++++ libicq2000-0.1/src/DirectClient.cpp        2005-12-11 16:40:06.000000000 +0100
+@@ -162,6 +162,7 @@
+ 
+       m_recv.setLittleEndian();
+       m_recv >> length;
++      if (length == 0) return; // short read, toss it back (nothing to do)
+       if (length > Incoming_Packet_Limit) throw ParseException("Received too long incoming packet");
+       if (m_recv.remains() < length) return; // waiting for more of the packet
+ 



Home | Main Index | Thread Index | Old Index