From ffeb4f65c752806bbbe736b66946cf87695d542d Mon Sep 17 00:00:00 2001 From: Matsuu Takuto Date: Mon, 30 Apr 2007 10:32:09 +0000 Subject: [PATCH] Fixed bug #162644 and #176130. Package-Manager: portage-2.1.2.2 --- net-dns/mydns/ChangeLog | 10 ++- net-dns/mydns/Manifest | 37 ++++---- .../mydns/files/04-update-smash-fix.dpatch | 43 +++++++++ net-dns/mydns/files/digest-mydns-1.1.0-r1 | 3 + net-dns/mydns/files/mydns.rc6 | 6 +- net-dns/mydns/mydns-1.1.0-r1.ebuild | 89 +++++++++++++++++++ 6 files changed, 166 insertions(+), 22 deletions(-) create mode 100644 net-dns/mydns/files/04-update-smash-fix.dpatch create mode 100644 net-dns/mydns/files/digest-mydns-1.1.0-r1 create mode 100644 net-dns/mydns/mydns-1.1.0-r1.ebuild diff --git a/net-dns/mydns/ChangeLog b/net-dns/mydns/ChangeLog index 3ad80d6efd20..f298b593bf92 100644 --- a/net-dns/mydns/ChangeLog +++ b/net-dns/mydns/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for net-dns/mydns # Copyright 2000-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/mydns/ChangeLog,v 1.23 2007/04/29 18:15:14 tove Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/mydns/ChangeLog,v 1.24 2007/04/30 10:32:09 matsuu Exp $ + +*mydns-1.1.0-r1 (30 Apr 2007) + + 30 Apr 2007; MATSUU Takuto + +files/04-update-smash-fix.dpatch, files/mydns.rc6, + +mydns-1.1.0-r1.ebuild: + Fixed security bug #176130. + Fixed bug #162644. 29 Apr 2007; Torsten Veller mydns-1.1.0.ebuild: Fix *initd, *confd and *envd calls (#173884, #174266) diff --git a/net-dns/mydns/Manifest b/net-dns/mydns/Manifest index 915471673447..09067816b249 100644 --- a/net-dns/mydns/Manifest +++ b/net-dns/mydns/Manifest @@ -1,6 +1,7 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - +AUX 04-update-smash-fix.dpatch 1175 RMD160 344a2360a1b746da4d612a7fc070aca5a552930a SHA1 8ecd7ab4365e9b4f42d8cd74c5daa2e86137cfbc SHA256 2f4054a5c65e59e2f41e6633b07078bbc736b8196db22c11aaae3bae2cb9f11e +MD5 016782f1db32e59e627fe0a48999d253 files/04-update-smash-fix.dpatch 1175 +RMD160 344a2360a1b746da4d612a7fc070aca5a552930a files/04-update-smash-fix.dpatch 1175 +SHA256 2f4054a5c65e59e2f41e6633b07078bbc736b8196db22c11aaae3bae2cb9f11e files/04-update-smash-fix.dpatch 1175 AUX mydns-1.1.0-gcc41.patch 9447 RMD160 d04c549f711f8afc405dc05e97582a7e8c994e06 SHA1 29826d1cd87935ec72e8289bad852d6334a8648a SHA256 2f1431b9c08735203351d12d3043c469bd5ec65d77c0f44bcc6ca4c3801b0a1b MD5 b9aff8f3edcf3bc2020271b617d3c071 files/mydns-1.1.0-gcc41.patch 9447 RMD160 d04c549f711f8afc405dc05e97582a7e8c994e06 files/mydns-1.1.0-gcc41.patch 9447 @@ -9,19 +10,23 @@ AUX mydns-1.1.0-m4.patch 3055 RMD160 2a0c9843f05b713efd6d21671d960ab079766780 SH MD5 c6cef0bb5a9e48f0afcc4496a4c799bf files/mydns-1.1.0-m4.patch 3055 RMD160 2a0c9843f05b713efd6d21671d960ab079766780 files/mydns-1.1.0-m4.patch 3055 SHA256 9cf87e1dd03cd83655099eb850285f2b67893fe490cd20f053c33e9bec8046c2 files/mydns-1.1.0-m4.patch 3055 -AUX mydns.rc6 903 RMD160 19cf3b0a533b96aa3ea06b2ac5e9fe3e323c90e4 SHA1 7054235b7ab1e150c0d6201ec56c5c755ea80019 SHA256 b831ca3503a52872e5eb7f2cc2a8522394f77a520521a887f70728c619927846 -MD5 38219cb6d2a256e9fbe8fbac5a0a01d6 files/mydns.rc6 903 -RMD160 19cf3b0a533b96aa3ea06b2ac5e9fe3e323c90e4 files/mydns.rc6 903 -SHA256 b831ca3503a52872e5eb7f2cc2a8522394f77a520521a887f70728c619927846 files/mydns.rc6 903 +AUX mydns.rc6 903 RMD160 bb97a7ce94249f9de78e4a5e9164f17339f873c9 SHA1 fb1477b08584cbc2e9027fe1351c3a5e34e802f6 SHA256 36dadbe2c880928a43d33049c02026df47478f79ff97768a6143db6cddc3aba4 +MD5 51f69a0eb772257a05682d4f101fee3b files/mydns.rc6 903 +RMD160 bb97a7ce94249f9de78e4a5e9164f17339f873c9 files/mydns.rc6 903 +SHA256 36dadbe2c880928a43d33049c02026df47478f79ff97768a6143db6cddc3aba4 files/mydns.rc6 903 DIST mydns-1.1.0.tar.bz2 573261 RMD160 ffd7c5d42d5e004e06562d4fb497cc515f31fed9 SHA1 71979409bf46e38b443ee940a6ecb0e42464bc0b SHA256 ecfcc8bb8fd9f707d2e7af808317cdcc3a4d701375265840944c4e0ff0d66bf6 +EBUILD mydns-1.1.0-r1.ebuild 2209 RMD160 c71fbb129536a041daa46ecbd20f15c7ca572047 SHA1 532fb8efbf11c6fd029788236aae982f16fdefea SHA256 ff5cf5b8e67cfb70ef0aabd46250ef4aaaa19a77ccd012c1eed709f5874b180e +MD5 084d0be871a17286337cc83c7fb13612 mydns-1.1.0-r1.ebuild 2209 +RMD160 c71fbb129536a041daa46ecbd20f15c7ca572047 mydns-1.1.0-r1.ebuild 2209 +SHA256 ff5cf5b8e67cfb70ef0aabd46250ef4aaaa19a77ccd012c1eed709f5874b180e mydns-1.1.0-r1.ebuild 2209 EBUILD mydns-1.1.0.ebuild 2191 RMD160 91985b09c63f08df5dc7695ff227707eb927d738 SHA1 23cfcc9ec089c0bd845f8de041f30d9396e379fc SHA256 f6bc92907fd4996fb586506f672a583151c0ae264b1964b8ed0f73056c4dd35d MD5 34a1fff30ee0cd6a846108f4246367f8 mydns-1.1.0.ebuild 2191 RMD160 91985b09c63f08df5dc7695ff227707eb927d738 mydns-1.1.0.ebuild 2191 SHA256 f6bc92907fd4996fb586506f672a583151c0ae264b1964b8ed0f73056c4dd35d mydns-1.1.0.ebuild 2191 -MISC ChangeLog 3174 RMD160 6ec2dec9087915355824a7663c1c883f03878e0d SHA1 7e171eadb8b64f444782fac1617e9e736954aca0 SHA256 9ef1f9210e8f705425a6d76b5caabf4ef198930ffccc28ed24b9f69deb017dfb -MD5 283e1df16119c62ef4e4674b12ad2624 ChangeLog 3174 -RMD160 6ec2dec9087915355824a7663c1c883f03878e0d ChangeLog 3174 -SHA256 9ef1f9210e8f705425a6d76b5caabf4ef198930ffccc28ed24b9f69deb017dfb ChangeLog 3174 +MISC ChangeLog 3388 RMD160 db39ac171c14c8594cf49f7e6d40f9a2de19b727 SHA1 ed432459cb0c0cbc9ef23b0cf3ac7fdcead11345 SHA256 aa9ed74ecfe787833b1f05df84f8e09da65bdb2aa918f8e4a4b90c6acd132a7b +MD5 fbae18be0bca4ac38a098e7965c816a6 ChangeLog 3388 +RMD160 db39ac171c14c8594cf49f7e6d40f9a2de19b727 ChangeLog 3388 +SHA256 aa9ed74ecfe787833b1f05df84f8e09da65bdb2aa918f8e4a4b90c6acd132a7b ChangeLog 3388 MISC metadata.xml 230 RMD160 c2c6b9cfdee059b4a9f43888bc22075076faaeea SHA1 d2d0d62de04e0e1dcbcea147d244e3d66d027dcc SHA256 3b6b6385f1f2269ace197fd7cda312c69c88d2f68bf4b5132ed58878c4005b53 MD5 c50346bf0fb8b39c521dca42b145f6ee metadata.xml 230 RMD160 c2c6b9cfdee059b4a9f43888bc22075076faaeea metadata.xml 230 @@ -29,10 +34,6 @@ SHA256 3b6b6385f1f2269ace197fd7cda312c69c88d2f68bf4b5132ed58878c4005b53 metadata MD5 c0bb54cd5dd6eb0fda888c69bae747f7 files/digest-mydns-1.1.0 238 RMD160 c7c54247abc0a2305310d0b647dbaca207c648da files/digest-mydns-1.1.0 238 SHA256 1c1ad79de76f36e8711026e88e1e0eb3d237f45f513e158c7dee0765d73a6038 files/digest-mydns-1.1.0 238 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.3 (GNU/Linux) - -iD8DBQFGNOC6V3J2n04EauwRAhE+AJ4nO9JrizXAeilJ6czQ8EM/s5VGfQCeNYOb -UXJ3r4JDk3EmVmC12aoCib4= -=9zdm ------END PGP SIGNATURE----- +MD5 c0bb54cd5dd6eb0fda888c69bae747f7 files/digest-mydns-1.1.0-r1 238 +RMD160 c7c54247abc0a2305310d0b647dbaca207c648da files/digest-mydns-1.1.0-r1 238 +SHA256 1c1ad79de76f36e8711026e88e1e0eb3d237f45f513e158c7dee0765d73a6038 files/digest-mydns-1.1.0-r1 238 diff --git a/net-dns/mydns/files/04-update-smash-fix.dpatch b/net-dns/mydns/files/04-update-smash-fix.dpatch new file mode 100644 index 000000000000..3db6b566f9b7 --- /dev/null +++ b/net-dns/mydns/files/04-update-smash-fix.dpatch @@ -0,0 +1,43 @@ +#! /bin/sh /usr/share/dpatch/dpatch-run +## 04-update-smash-fix.dpatch by Philipp Kern +## +## DP: Prevent attackers to smash the heap on DNS updates and fix a +## DP: stack-based off-by-one overflow. + +@DPATCH@ +diff -urNad mydns-1.1.0~/src/mydns/update.c mydns-1.1.0/src/mydns/update.c +--- mydns-1.1.0~/src/mydns/update.c 2005-12-18 20:16:41.000000000 +0100 ++++ mydns-1.1.0/src/mydns/update.c 2007-04-28 11:14:15.000000000 +0200 +@@ -228,6 +228,9 @@ + DNS_GET16(rr->class, src); + DNS_GET32(rr->ttl, src); + DNS_GET16(rr->rdlength, src); ++ if(rr->rdlength > sizeof rr->rdata) ++ rr->rdlength = sizeof rr->rdata; ++ + memcpy(rr->rdata, src, rr->rdlength); + src += rr->rdlength; + +@@ -328,19 +331,16 @@ + { + int n, x; /* Offset in 'data' */ + +- for (n = 0; src < end && n < datalen; ) ++ for (n = 0; src < end && n < datalen - 1; ) + { + int len = *src++; + + if (n) + data[n++] = ' '; +- for (x = 0; x < len && src < end && n < datalen; x++) ++ for (x = 0; x < len && src < end && n < datalen - 1; x++) + data[n++] = *src++; + if (one_word_only) +- { +- data[n] = '\0'; +- return (src); +- } ++ break; + } + data[n] = '\0'; + return (src); diff --git a/net-dns/mydns/files/digest-mydns-1.1.0-r1 b/net-dns/mydns/files/digest-mydns-1.1.0-r1 new file mode 100644 index 000000000000..e39ccc64c7dd --- /dev/null +++ b/net-dns/mydns/files/digest-mydns-1.1.0-r1 @@ -0,0 +1,3 @@ +MD5 c613a14686f08486d444cee2d68f9c87 mydns-1.1.0.tar.bz2 573261 +RMD160 ffd7c5d42d5e004e06562d4fb497cc515f31fed9 mydns-1.1.0.tar.bz2 573261 +SHA256 ecfcc8bb8fd9f707d2e7af808317cdcc3a4d701375265840944c4e0ff0d66bf6 mydns-1.1.0.tar.bz2 573261 diff --git a/net-dns/mydns/files/mydns.rc6 b/net-dns/mydns/files/mydns.rc6 index f52849b258f4..e79248da31b2 100644 --- a/net-dns/mydns/files/mydns.rc6 +++ b/net-dns/mydns/files/mydns.rc6 @@ -1,11 +1,11 @@ #!/sbin/runscript # Copyright 1999-2004 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-dns/mydns/files/mydns.rc6,v 1.5 2005/01/15 03:31:00 matsuu Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dns/mydns/files/mydns.rc6,v 1.6 2007/04/30 10:32:09 matsuu Exp $ depend() { - need net __db__ - use logger + need net + use logger __db__ } checkconfig() { diff --git a/net-dns/mydns/mydns-1.1.0-r1.ebuild b/net-dns/mydns/mydns-1.1.0-r1.ebuild new file mode 100644 index 000000000000..2f70d2821f0f --- /dev/null +++ b/net-dns/mydns/mydns-1.1.0-r1.ebuild @@ -0,0 +1,89 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-dns/mydns/mydns-1.1.0-r1.ebuild,v 1.1 2007/04/30 10:32:09 matsuu Exp $ + +inherit eutils + +DESCRIPTION="A DNS-Server which gets its data from mysql-databases" +HOMEPAGE="http://mydns.bboy.net/" +SRC_URI="http://mydns.bboy.net/download/${P}.tar.bz2" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~sparc ~x86" +IUSE="debug nls postgres ssl static zlib" + +RDEPEND="virtual/libc + ssl? ( dev-libs/openssl ) + zlib? ( sys-libs/zlib ) + postgres? ( dev-db/postgresql ) + !postgres? ( virtual/mysql )" +DEPEND="${RDEPEND} + sys-devel/bison" + +src_unpack() { + unpack ${A} + + cd "${S}" + epatch "${FILESDIR}"/${P}-m4.patch + epatch "${FILESDIR}"/04-update-smash-fix.dpatch + autoconf || die +} + +src_compile() { + local myconf + + if ! use postgres; then + myconf="${myconf} --with-mysql" + else + myconf="${myconf} --without-mysql --with-pgsql" + fi + + econf --enable-alias \ + `use_enable nls` \ + `use_enable debug` \ + `use_enable static static-build` \ + `use_with ssl openssl` \ + `use_with zlib` \ + ${myconf} || die + + emake || die +} + +src_install() { + make DESTDIR="${D}" install || die + + dodoc AUTHORS BUGS ChangeLog NEWS README TODO + + newinitd "${FILESDIR}"/mydns.rc6 mydns || die + + if ! use postgres; then + sed -i -e 's/__db__/mysql/g' "${D}"/etc/init.d/mydns || die + dodoc QUICKSTART.mysql README.mysql + else + sed -i -e 's/__db__/postgresql/g' "${D}"/etc/init.d/mydns || die + dodoc QUICKSTART.postgres + fi +} + +pkg_postinst() { + einfo + einfo "You should now run these commands:" + einfo + einfo "# /usr/sbin/mydns --dump-config > /etc/mydns.conf" + einfo "# chmod 0600 /etc/mydns.conf" + if ! use postgres; then + einfo "# mysqladmin -u -p create mydns" + einfo "# /usr/sbin/mydns --create-tables | mysql -u -p mydns" + einfo + einfo "to create the tables in the MySQL-Database." + einfo "For more info see QUICKSTART.mysql." + else + einfo "# createdb mydns" + einfo "# /usr/sbin/mydns --create-tables | psql mydns" + einfo + einfo "to create the tables in the PostgreSQL-Database." + einfo "For more info see QUICKSTART.postgres." + fi + einfo +} -- 2.26.2