[Frugalware-git] frugalware-current: net-snmp-5.4.2-1-i686

voroskoi voroskoi at frugalware.org
Sat Oct 4 19:39:52 CEST 2008


Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=53cde2ef19dbb3580a292ec2722428edbd513cdc

commit 53cde2ef19dbb3580a292ec2722428edbd513cdc
Author: voroskoi <voroskoi at frugalware.org>
Date:   Sat Oct 4 19:28:50 2008 +0200

net-snmp-5.4.2-1-i686
version bump
CVE-2008-0960.patch and CVE-2008-2292.patch in upstream

diff --git a/source/network-extra/net-snmp/CVE-2008-0960.patch b/source/network-extra/net-snmp/CVE-2008-0960.patch
deleted file mode 100644
index a3534f5..0000000
--- a/source/network-extra/net-snmp/CVE-2008-0960.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-CVE-2008-0960 net-snmp SNMPv3 authentication bypass (VU#877044)
-
-Source: upstream, https://sourceforge.net/tracker/index.php?func=detail&aid=1989089&group_id=12694&atid=456380
-
-diff -up net-snmp-5.0.9/snmplib/scapi.c.orig net-snmp-5.0.9/snmplib/scapi.c
---- net-snmp-5.0.9/snmplib/scapi.c.orig	2008-06-04 10:19:26.000000000 +0200
-+++ net-snmp-5.0.9/snmplib/scapi.c	2008-06-04 10:20:45.000000000 +0200
-@@ -460,6 +460,9 @@ sc_check_keyed_hash(const oid * authtype
-         QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
-     }
-
-+    if (maclen != USM_MD5_AND_SHA_AUTH_LEN) {
-+        QUITFUN(SNMPERR_GENERR, sc_check_keyed_hash_quit);
-+    }
-
-     /*
-      * Generate a full hash of the message, then compare
diff --git a/source/network-extra/net-snmp/CVE-2008-2292.patch b/source/network-extra/net-snmp/CVE-2008-2292.patch
deleted file mode 100644
index 2295f11..0000000
--- a/source/network-extra/net-snmp/CVE-2008-2292.patch
+++ /dev/null
@@ -1,101 +0,0 @@
---- net-snmp/perl/SNMP/SNMP.xs	2007/12/20 16:26:01	16765
-+++ net-snmp/perl/SNMP/SNMP.xs	2007/12/22 19:22:44	16770
-@@ -470,14 +470,16 @@
-            if (flag == USE_ENUMS) {
-               for(ep = tp->enums; ep; ep = ep->next) {
-                  if (ep->value == *var->val.integer) {
--                    strcpy(buf, ep->label);
-+                    strncpy(buf, ep->label, buf_len);
-+                    buf[buf_len-1] = '\0';
-                     len = strlen(buf);
-                     break;
-                  }
-               }
-            }
-            if (!len) {
--              sprintf(buf,"%ld", *var->val.integer);
-+              snprintf(buf, buf_len, "%ld", *var->val.integer);
-+              buf[buf_len-1] = '\0';
-               len = strlen(buf);
-            }
-            break;
-@@ -486,21 +488,25 @@
-         case ASN_COUNTER:
-         case ASN_TIMETICKS:
-         case ASN_UINTEGER:
--           sprintf(buf,"%lu", (unsigned long) *var->val.integer);
-+           snprintf(buf, buf_len, "%lu", (unsigned long) *var->val.integer);
-+           buf[buf_len-1] = '\0';
-            len = strlen(buf);
-            break;
-
-         case ASN_OCTET_STR:
-         case ASN_OPAQUE:
--           memcpy(buf, (char*)var->val.string, var->val_len);
-            len = var->val_len;
-+           if ( len > buf_len )
-+               len = buf_len;
-+           memcpy(buf, (char*)var->val.string, len);
-            break;
-
-         case ASN_IPADDRESS:
--          ip = (u_char*)var->val.string;
--          sprintf(buf, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
--          len = strlen(buf);
--          break;
-+           ip = (u_char*)var->val.string;
-+           snprintf(buf, buf_len, "%d.%d.%d.%d", ip[0], ip[1], ip[2], ip[3]);
-+           buf[buf_len-1] = '\0';
-+           len = strlen(buf);
-+           break;
-
-         case ASN_NULL:
-            break;
-@@ -512,14 +518,14 @@
-           break;
-
- 	case SNMP_ENDOFMIBVIEW:
--          sprintf(buf,"%s", "ENDOFMIBVIEW");
--	  break;
-+           snprintf(buf, buf_len, "%s", "ENDOFMIBVIEW");
-+	   break;
- 	case SNMP_NOSUCHOBJECT:
--	  sprintf(buf,"%s", "NOSUCHOBJECT");
--	  break;
-+	   snprintf(buf, buf_len, "%s", "NOSUCHOBJECT");
-+	   break;
- 	case SNMP_NOSUCHINSTANCE:
--	  sprintf(buf,"%s", "NOSUCHINSTANCE");
--	  break;
-+	   snprintf(buf, buf_len, "%s", "NOSUCHINSTANCE");
-+	   break;
-
-         case ASN_COUNTER64:
- #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES
-@@ -538,19 +544,19 @@
- #endif
-
-         case ASN_BIT_STR:
--            snprint_bitstring(buf, sizeof(buf), var, NULL, NULL, NULL);
-+            snprint_bitstring(buf, buf_len, var, NULL, NULL, NULL);
-             len = strlen(buf);
-             break;
- #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES
-         case ASN_OPAQUE_FLOAT:
--	  if (var->val.floatVal)
--	    sprintf(buf,"%f", *var->val.floatVal);
--         break;
-+           if (var->val.floatVal)
-+              snprintf(buf, buf_len, "%f", *var->val.floatVal);
-+           break;
-
-         case ASN_OPAQUE_DOUBLE:
--	  if (var->val.doubleVal)
--	    sprintf(buf,"%f", *var->val.doubleVal);
--         break;
-+           if (var->val.doubleVal)
-+              snprintf(buf, buf_len, "%f", *var->val.doubleVal);
-+           break;
- #endif
-
-         case ASN_NSAP:
diff --git a/source/network-extra/net-snmp/FrugalBuild b/source/network-extra/net-snmp/FrugalBuild
index 80f4730..5f269b9 100644
--- a/source/network-extra/net-snmp/FrugalBuild
+++ b/source/network-extra/net-snmp/FrugalBuild
@@ -3,7 +3,7 @@
# Maintainer: voroskoi <voroskoi at frugalware.org>

pkgname=net-snmp
-pkgver=5.4.1.2
+pkgver=5.4.2
pkgrel=1
pkgdesc="A suite of applications used to implement SNMP v1, SNMP v2c and SNMP v3 using both IPv4 and IPv6"
depends=('openssl' 'perl>=5.10.0')
@@ -12,10 +12,8 @@ archs=('i686' 'x86_64')
Finclude sourceforge
url="http://www.net-snmp.org/"
up2date="lynx -dump http://www.net-snmp.org/download.html |grep Supported -A 2 |sed -ne 's/.* \([0-9.]\+\) .*/\1/;$ p'"
-source=(${source[@]} CVE-2008-2292.patch CVE-2008-0960.patch rc.snmpd)
-sha1sums=('aebe7d881f26403abd6b9ef3e69565beb041138d' \
-          '7f7f770fcebdeb8bb19515937895c9c545cc0609' \
-          'bfb79ccb4db8b524655a78739bbf0e5255c1f14a' \
+source=(${source[@]} rc.snmpd)
+sha1sums=('5b69da7d60bbc1092b61992f2d9ccb1051377ec6' \
'df7a817499d12c53e9d2809f68c24fea9d3307b0')

build() {


More information about the Frugalware-git mailing list