Subject: pkg/11750: chat/bitchx security update
To: None <gnats-bugs@gnats.netbsd.org>
From: None <jmcneill@invisible.yi.org>
List: netbsd-bugs
Date: 12/16/2000 05:32:15
>Number:         11750
>Category:       pkg
>Synopsis:       BitchX contains a DNS overflow bug
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Dec 16 05:32:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     Jared D. McNeill
>Release:        Appx. Dec 10, 2000
>Organization:
	Student - Computer Programming Technology
	New Brunswick Community College, Saint John
>Environment:
System: NetBSD zero.invisible.ca 1.5N NetBSD 1.5N (ZERO) #0: Sun Dec 10 23:43:25 AST 2000 jmcneill@zero.invisible.ca:/usr/src/sys/arch/i386/compile/ZERO i386
Architecture: i386
Machine: i386
>Description:
	BitchX contains a DNS overflow vulnerability.
	URL: http://www.securityfocus.com/templates/archive.pike?fromthread=0&end=2000-12-09&start=2000-12-03&mid=149471&list=1&threads=0&
	Patch to NetBSD pkgsrc tree is below.
>How-To-Repeat:
>Fix:

diff -urN bitchx.orig/Makefile bitchx/Makefile
--- bitchx.orig/Makefile        Sat Dec 16 09:07:36 2000
+++ bitchx/Makefile     Sat Dec 16 09:22:19 2000
@@ -1,7 +1,7 @@
 # $NetBSD: Makefile,v 1.1.1.1 2000/12/15 23:16:34 wiz Exp $
 
 DISTNAME=      ircii-pana-1.0c17
-PKGNAME=       bitchx-1.0.3.17
+PKGNAME=       bitchx-1.0.3.17nb1
 WRKSRC=                ${WRKDIR}/BitchX
 CATEGORIES=    chat
 MASTER_SITES=  ftp://ftp.bitchx.org/pub/BitchX/source/
@@ -18,6 +18,13 @@
 post-extract:
        -${FIND} ${WRKDIR}/BitchX/bitchx-docs -type d -name CVS \
                -exec ${RM} -r {} \; 2> /dev/null
+
+# The WANT_NOTIFY_BITCHX_COM message after configure is misleading, we
+# disable this by default.
+post-configure:
+       @${ECHO}
+       @${ECHO} "===== WANT_NOTIFY_BITCHX_COM is disabled by default ====="
+       @${ECHO}
 
 post-install:
        ${INSTALL_DATA} ${WRKSRC}/doc/BitchX.1 ${PREFIX}/man/man1
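Review bot: The comment above `post-configure` does not say what "this" refers to, and nothing in this hunk turns WANT_NOTIFY_BITCHX_COM off; the target only echoes a banner. If the option is disabled by one of the existing patches or by a configure argument, name that in the comment, e.g. `# configure's WANT_NOTIFY_BITCHX_COM notice is misleading: the option is disabled by <patch or configure argument>.` Otherwise the banner asserts a state the package does not enforce. Judging by its name the option makes the client contact an outside host, so a wrong banner would matter to users.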
diff -urN bitchx.orig/files/patch-sum bitchx/files/patch-sum
--- bitchx.orig/files/patch-sum Sat Dec 16 09:07:35 2000
+++ bitchx/files/patch-sum      Sat Dec 16 09:18:23 2000
@@ -2,3 +2,4 @@
 
 MD5 (patch-aa) = b1e2ea9a5248dc679292107cfde46762
 MD5 (patch-ab) = 77fa5fb610b19fd851a3753c0554ed81
+MD5 (patch-ac) = 459db173e8555a063433fb8961bc876a
diff -urN bitchx.orig/patches/patch-ac bitchx/patches/patch-ac
--- bitchx.orig/patches/patch-ac        Wed Dec 31 20:00:00 1969
+++ bitchx/patches/patch-ac     Sat Dec 16 09:18:18 2000
@@ -0,0 +1,22 @@
+--- source/misc.c.orig Tue Aug 29 04:19:23 2000
++++ source/misc.c      Sat Dec 16 09:17:57 2000
+@@ -2641,6 +2641,11 @@
+               switch(type)
+               {
+               case T_A :
++                      if (dlen != sizeof(struct in_addr))
++                      {
++                              cp += dlen;
++                              break;
++                      }
+                       rptr->re_he.h_length = dlen;
+                       if (ans == 1)
+                               rptr->re_he.h_addrtype=(class == C_IN) ?
+@@ -2687,6 +2692,7 @@
+                       *alias = NULL;
+                       break;
+               default :
++                      cp += dlen;
+                       break;
+               }
+       }
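Review bot: Both added `cp += dlen;` statements (the `T_A` reject path and the `default` case) advance the parse pointer by a length taken from the DNS reply without comparing it to the bytes left in the reply buffer. The enclosing loop starts and ends outside the hunk and may already bound `cp`; if it does not, an oversized `dlen` moves `cp` past the end of the reply and the next iteration reads out of bounds. I would check `dlen` against the remaining reply length once, before `switch(type)`, and stop parsing when it does not fit. The new `T_A` check also deserves a comment such as `/* A record data must be exactly sizeof(struct in_addr); dlen comes from the reply and is stored as h_length */`. The cases between the two inner hunks are not visible here and should be confirmed to validate `dlen` as well.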

>Release-Note:
>Audit-Trail:
>Unformatted: