pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/chat/bitchx Fix for a security issue, CVE-2007-3360. A...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/d7c3ae141dc8
branches:  trunk
changeset: 530334:d7c3ae141dc8
user:      lkundrak <lkundrak%pkgsrc.org@localhost>
date:      Mon Jun 25 14:15:21 2007 +0000

description:
Fix for a security issue, CVE-2007-3360. A malicious server could direct
the client into executing arbitrary code.

diffstat:

 chat/bitchx/Makefile         |   3 ++-
 chat/bitchx/distinfo         |   3 ++-
 chat/bitchx/patches/patch-ar |  21 +++++++++++++++++++++
 3 files changed, 25 insertions(+), 2 deletions(-)

diffs (52 lines):

diff -r 894a15f16293 -r d7c3ae141dc8 chat/bitchx/Makefile
--- a/chat/bitchx/Makefile      Mon Jun 25 13:05:56 2007 +0000
+++ b/chat/bitchx/Makefile      Mon Jun 25 14:15:21 2007 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.41 2007/05/20 17:19:05 wiz Exp $
+# $NetBSD: Makefile,v 1.42 2007/06/25 14:15:21 lkundrak Exp $
 
 DISTNAME=      ircii-pana-1.1-final
 PKGNAME=       bitchx-1.1
+PKGREVISION=   1
 CATEGORIES=    chat
 MASTER_SITES=  http://www.bitchx.org/files/source/ \
                ftp://ftp.bitchx.org/pub/BitchX/source/ \
diff -r 894a15f16293 -r d7c3ae141dc8 chat/bitchx/distinfo
--- a/chat/bitchx/distinfo      Mon Jun 25 13:05:56 2007 +0000
+++ b/chat/bitchx/distinfo      Mon Jun 25 14:15:21 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2007/03/17 13:25:46 rillig Exp $
+$NetBSD: distinfo,v 1.16 2007/06/25 14:15:21 lkundrak Exp $
 
 SHA1 (ircii-pana-1.1-final.tar.gz) = b25635b62c7ff905b6492a4aaa88c43b5aa164f8
 RMD160 (ircii-pana-1.1-final.tar.gz) = 4105de2587964146e2391a26a8a16e3d0059a93f
@@ -13,3 +13,4 @@
 SHA1 (patch-ao) = ce6d8d68f39c54e5f174d294b0a72432b95fe89b
 SHA1 (patch-ap) = 7cc6162de323bf07e52cbad7d4b4b54ac01d105e
 SHA1 (patch-aq) = 97387bc2f7059f1a864f47ecd611ce62e13cb969
+SHA1 (patch-ar) = 09286c5e21c6b8f6d35ab53146297c2e4f44ad55
diff -r 894a15f16293 -r d7c3ae141dc8 chat/bitchx/patches/patch-ar
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/chat/bitchx/patches/patch-ar      Mon Jun 25 14:15:21 2007 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-ar,v 1.1 2007/06/25 14:15:21 lkundrak Exp $
+
+This patch fixes CVE-2007-3360 flaw, where a malicious server could
+inject a hook possibly executiong malicious code and direct client
+into executing it by using bogus hook index.
+
+--- source/hook.c.orig 2007-06-25 15:41:37.000000000 +0200
++++ source/hook.c      2007-06-25 15:41:39.000000000 +0200
+@@ -837,6 +837,12 @@ int       BX_do_hook (int which, char *format
+ #ifdef WANT_TCL
+       int             tcl_ret = 0;
+ #endif        
++
++      /* CVE-2007-3360 boundary check */
++      if (which >= sizeof(hook_functions)/sizeof(hook_functions[0])) {
++              return NO_ACTION_TAKEN;
++      }
++
+       /*
+        * Figure out where the hooks are for the event type were asserting
+        */



Home | Main Index | Thread Index | Old Index