From: Alex Alexander Date: Sun, 8 Jan 2012 18:20:08 +0000 (+0000) Subject: security: bouncedcc dos fix - bug #398159 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=27bae23d4bcb778fc81c3d08ee61f35c6a994146;p=gentoo.git security: bouncedcc dos fix - bug #398159 Package-Manager: portage-2.2.0_alpha84/cvs/Linux x86_64 --- diff --git a/net-irc/znc/ChangeLog b/net-irc/znc/ChangeLog index 34addfecce5e..97727ea9fbf0 100644 --- a/net-irc/znc/ChangeLog +++ b/net-irc/znc/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-irc/znc -# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-irc/znc/ChangeLog,v 1.53 2011/10/30 22:35:45 wired Exp $ +# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-irc/znc/ChangeLog,v 1.54 2012/01/08 18:20:08 wired Exp $ + +*znc-0.202-r1 (08 Jan 2012) + + 08 Jan 2012; Alex Alexander -znc-0.202.ebuild, + +znc-0.202-r1.ebuild, +files/znc-0.202-bouncedcc-dos-fix.patch: + security: bouncedcc dos fix - bug #398159 30 Oct 2011; Alex Alexander -znc-0.096.ebuild, -znc-0.096-r1.ebuild, -znc-0.098.ebuild, -znc-0.200.ebuild, znc-0.202.ebuild, diff --git a/net-irc/znc/Manifest b/net-irc/znc/Manifest index 9352a0c5bf3b..fe3a9d368baf 100644 --- a/net-irc/znc/Manifest +++ b/net-irc/znc/Manifest @@ -4,27 +4,28 @@ Hash: SHA512 AUX znc-0.096-clearbuffersonmsg-fix.patch 1567 RMD160 549840d80e143428737b304725c0e5e992ea9e53 SHA1 d7ecd45bff47e480b4f17628df90b902509dda59 SHA256 1d9a4a7d60e3ad0333544feb2933097e8faa2336c66c4fa231d5febbc53c0cb9 AUX znc-0.098-modpython-as-needed.patch 820 RMD160 b944281272a61d4948d4a807bf3cc3899bf4834d SHA1 29274c3f2b77704b010d410316d716ea40e2a480 SHA256 a4d1d2ef2e32a673e6e019ed6a874ce020dfa9170675613e867e79e335edae45 AUX znc-0.200-segfault-fix.patch 829 RMD160 480c2b629319116e1b5dccbec09acf18b7ba88f3 SHA1 e31bcf7c9d437a9e86f9d28be10d1bd1b998760e SHA256 230afba64b775a15e543222e92302b36e98c28e57351bba21bbf66106ddf95ea +AUX znc-0.202-bouncedcc-dos-fix.patch 1509 RMD160 377b469e915aadcdaf25eb54a33aaa59ed6fc7be SHA1 2d80a28e99cd496ab416ce33365d3c0428bda322 SHA256 0c975d930571d5edc48bec2f85e0415ea43f85c65c7290c8ab517bd36c40808a DIST znc-0.094.tar.gz 603191 RMD160 f1dfd184e23beb58d441e0313d2ac2ec50e1bd16 SHA1 825f52905722ac3f0ff3055420aa8119940819e9 SHA256 a673ebec938c1285509da5cacb480c30b2b348941f3bac7907aa4b3dc094f94a DIST znc-0.202.tar.gz 654083 RMD160 168f889f6e97024377671112fb61edb487e74d9a SHA1 b97a1e942c3ad8c7a162fba6898c061c07ad7594 SHA256 48d95e7fc57cbcaee192bc1988fa7dcd35544286775d3b02ee4eb822ea57cc1a EBUILD znc-0.094.ebuild 1253 RMD160 8a4137952eec6cec05da62da48e348ce964cb7e3 SHA1 50778127c600e8d83714068e60194133d3654711 SHA256 43a451cbe0eabe1772df7ccce6e274e4a3807340ff16985c8bb9a79797044ccd -EBUILD znc-0.202.ebuild 1555 RMD160 9907163f39a925ec15c2558e33fd995987e27b8b SHA1 61f5e50b662d379523291d6418165e0b18fe028c SHA256 4280620856074929d164bc5d29133526f72a44794bbead7c3df79f2e709a2c09 +EBUILD znc-0.202-r1.ebuild 1659 RMD160 e501e82dcb837865b705ca732b020216ef6ca187 SHA1 24bd537e1263292f2ec59461b85b070724d8783a SHA256 57a5a0fd95fd00bf30bea5788918c70650aa9ef124771bd2843cb061fad0479a EBUILD znc-9999.ebuild 1599 RMD160 2f7c573ad503fd688e0f09f15eb5affc6ea8c964 SHA1 04b9c2f9a1cd13b6859109899ada951c0c0b52e5 SHA256 31f650737f90db1600332b9188cff9517b985a43601e64bd85320e500fca2f4d -MISC ChangeLog 7210 RMD160 884b92db60be6f78fe1f1ceca521c88e0e365809 SHA1 3ca97421d459b7315d33082b40aeb31b786610cc SHA256 3087a7c4c9c4a4afec0e61ba50fd78af48d53de57696c5dc06cb678c31ee02ca +MISC ChangeLog 7418 RMD160 c8bfbecb76be30e66f63076b17401db648cd48ca SHA1 54851a67d418fbad73f61e7afd5e293f54732149 SHA256 80c77c7577f0d94c9e3eef2ab4634ed98a81315e328a9d3f136ee258dfdd1bcc MISC metadata.xml 409 RMD160 f6476a5c2d494c26a600e104d723b4be74185bfe SHA1 3677f5f84105a59c3c0056b7718990ccd3eacbfc SHA256 9f5b022b9a72f00cb0b91ce0d8bf502bfe5bbd619c962dd8d5891096e5e3b84b -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) -iQIcBAEBCgAGBQJOrdFMAAoJEDZF8K7rm0r6vPAP/i8gVlZGym+mn3q0z6pNms2T -mItt29JSGt00mGFw06Pfdhe8gdL42e905r1sldVTjIHl4LW8FkK3x+aiITCDZNEl -3Gacwknt4Twv7DDv7VfUHpoF1IFaT9FkEWJy7u/fExzrEAuIX0povdQUNMMT2jka -CFKlgAyTFy6ypVzk0TRvLOHfcw/gz7qsosvjZp1qpDWjAbGlypi+9NpiQvkKhvAT -XuslG1Ey8jDECe0WQ5mRXIQmLwlGeRhiDfkCeKlcnU2P//kKYAJFxZMPKKkTnO0l -+3rmq6pIw715Z1bY9WTNmVf8/8cVgi300k2d+Z4fVCmrLm3e3H+W82+z3ERr6IdA -zowVcIRfZNfvP/Xjn64WYtnIRe9wUL6lIR/F5rkHXiDvUH6gtc5CilB5XlTvuehv -rPHHavWEJpIHLDTzhq2Cb8alGVkTJmZHACUt9C6WENet36ajrrREUGX39+voqEfY -ATjNBiw5BiQJpN+scU8wUlufMZVY309YTqtizYSzuvtCWZX2SuwtRmPU6reLpp34 -70HE4VylrLNQGz3ShsOgNCr4K+4xGiyyzWf01iSdZ/LYLTqCqPMTHhoFQG5eNzTs -T/XeQF2v+76id8bsr74tffCCVSutxw9omb2DC9YoEDAF1LxSGlher7+b7WLbKrr9 -qcEKuCl/y/73nOHiNPqq -=YM5y +iQIcBAEBCgAGBQJPCd6zAAoJEDZF8K7rm0r6YeQQAK2kOv9byUUQo15SPk9xLZ2n +a0v94z2UI321xqagC872tF2G5KSQuo6wY3KO5hqFLGDqpMqgsXM29CWLuqPpzcmk +6z9L5373/jIofwm1WHyn4jsza4tUXqi1JK5h3sxE/KSMb/Tgr04t9ZqZFnmwAuAf +JajGDWvmFHiqlLI2cuWYXux5xAytXkTZ5PMIAGiJufEIu85D6jsQeOIT1qha09BI +gFWyUbD8V7z0UyceJ7uIxoc9UHWqZ+7G39JKdpzFXbEuTRH8D2HUnmZYBltSiV+z +lkRCyDRkWvVEoyRoszZ2GzS2XgGwyGtgrOPv9AIBWUZ+910CDkDJfsAu26sLyDAX +J+0Ujs2Y2qlPXBHd4EYwTxQPrrDPYE5MpkUy1XIbqxxIvk5YvpJeoM3IBZJ+PhtX +NsFgU/GEl5F/Z2IDhBWkK9MMMH0MuK4800j+xvNxrDCNGT2kYfDX/AGov6M2K6cZ +u0ph9k0b0r2NBxmoFYBu/1wjwor7gcQo68hSgM/plAFXRUFjfwITr81CWq56RGrl +GiYqES7NfO3WVyc646YCL/+9ugEu4rBxhe67czMc/GVtmKSQnUw/YpbuhkE5Wj2a +Rd/PYW9NkPqPEAdBZFLvuQJ/wNj6JODcUvVwwGqj3gTEH0MhuSLHuzIDQMassM1j +GweVmf5tBhHclqX7HOKK +=BU7X -----END PGP SIGNATURE----- diff --git a/net-irc/znc/files/znc-0.202-bouncedcc-dos-fix.patch b/net-irc/znc/files/znc-0.202-bouncedcc-dos-fix.patch new file mode 100644 index 000000000000..090932e927a5 --- /dev/null +++ b/net-irc/znc/files/znc-0.202-bouncedcc-dos-fix.patch @@ -0,0 +1,27 @@ +# Fix crash in bouncedcc module. +# It happens when DCC RESUME is received. +# Affected ZNC versions: 0.200, 0.202. + +https://bugs.gentoo.org/show_bug.cgi?id=398159 + +diff -Naur znc-0.202.orig/modules/bouncedcc.cpp znc-0.202/modules/bouncedcc.cpp +--- znc-0.202.orig/modules/bouncedcc.cpp 2011-09-21 22:20:19.000000000 +0200 ++++ znc-0.202/modules/bouncedcc.cpp 2012-01-07 14:47:20.436704782 +0100 +@@ -238,7 +238,7 @@ + CDCCBounce* pSock = (CDCCBounce*) *it; + + if (pSock->GetLocalPort() == uResumePort) { +- m_pUser->PutUser(":" + Nick.GetNickMask() + " PRIVMSG " + m_pClient->GetNick() + " :\001DCC " + sType + " " + sFile + " " + CString(pSock->GetUserPort()) + " " + sMessage.Token(4) + "\001"); ++ m_pUser->PutUser(":" + Nick.GetNickMask() + " PRIVMSG " + m_pUser->GetNick() + " :\001DCC " + sType + " " + sFile + " " + CString(pSock->GetUserPort()) + " " + sMessage.Token(4) + "\001"); + } + } + } else if (sType.Equals("ACCEPT")) { +@@ -248,7 +248,7 @@ + CDCCBounce* pSock = (CDCCBounce*) *it; + + if (pSock->GetUserPort() == sMessage.Token(3).ToUShort()) { +- m_pUser->PutUser(":" + Nick.GetNickMask() + " PRIVMSG " + m_pClient->GetNick() + " :\001DCC " + sType + " " + sFile + " " + CString(pSock->GetLocalPort()) + " " + sMessage.Token(4) + "\001"); ++ m_pUser->PutUser(":" + Nick.GetNickMask() + " PRIVMSG " + m_pUser->GetNick() + " :\001DCC " + sType + " " + sFile + " " + CString(pSock->GetLocalPort()) + " " + sMessage.Token(4) + "\001"); + } + } + } diff --git a/net-irc/znc/znc-0.202.ebuild b/net-irc/znc/znc-0.202-r1.ebuild similarity index 85% rename from net-irc/znc/znc-0.202.ebuild rename to net-irc/znc/znc-0.202-r1.ebuild index b51651f749e1..8f86a208d7f3 100644 --- a/net-irc/znc/znc-0.202.ebuild +++ b/net-irc/znc/znc-0.202-r1.ebuild @@ -1,6 +1,6 @@ -# Copyright 1999-2011 Gentoo Foundation +# Copyright 1999-2012 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-irc/znc/znc-0.202.ebuild,v 1.2 2011/10/30 22:35:45 wired Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-irc/znc/znc-0.202-r1.ebuild,v 1.1 2012/01/08 18:20:08 wired Exp $ EAPI=2 @@ -40,6 +40,11 @@ pkg_setup() { fi } +src_prepare() { + # security fix, bug #398159 + epatch "${FILESDIR}"/"${P}"-bouncedcc-dos-fix.patch +} + src_configure() { econf \ $(use_enable ares c-ares) \