Navigation:
Browse pkgsrc
(this page)
net socat
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2014-09-19 13:30:10 by Matthias Scheler | Files touched by this commit (5) |  |
Log message: Pullup ticket #4494 - requested by rodent net/socat: security update Revisions pulled up: - net/socat/Makefile 1.32 - net/socat/distinfo 1.20 - net/socat/patches/patch-aa deleted - net/socat/patches/patch-configure 1.2 - net/socat/patches/patch-mytypes.h 1.2 --- Module Name: pkgsrc Committed By: rodent Date: Sun Sep 7 23:24:56 UTC 2014 Modified Files: pkgsrc/net/socat: Makefile distinfo pkgsrc/net/socat/patches: patch-configure patch-mytypes.h Removed Files: pkgsrc/net/socat/patches: patch-aa Log message: Update to latest stable, 1.7.2.4, which is supposed to resolve CVE-2014-0019. patches/patch-aa seems to have been committed upstream. Passing readline location to configure and fixing CCOPTS in Makefile.in seems to not be necessary anymore. From CHANGES: ####################### V 1.7.2.4: corrections: LISTEN based addresses applied some address options, e.g. so-keepalive, to the listening file descriptor instead of the connected file descriptor make failed after configure with non gcc compiler due to missing include. configure checked for --disable-rawsocket but printed --disable-genericsocket in the help text. In xioshutdown() a wrong branch was chosen after RECVFROM type addresses. Probably no impact. procan could not cleanly format ulimit values longer than 16 decimal digits. Thanks to Frank Dana for providing a patch that increases field width to 24 digits. OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with "Invalid argument" Changed some variable definitions to make gcc -O2 aliasing checker happy On big endian platforms with type long >32bit the range option applied a bad base address. Red Hat issue 1022070: missing length check in xiolog_ancillary_socket() Red Hat issue 1022063: out-of-range shifts on net mask bits Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4() Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy() uses Red Hat issue 1021958: fixed a bug with faulty buffer/data length calculation in xio-ascii.c:_xiodump() Red Hat issue 1021972: fixed a missing NUL termination in return string of sysutils.c:sockaddr_info() for the AF_UNIX case fixed some typos and minor issues, including: Red Hat issue 1021967: formatting error in manual page UNIX-LISTEN with fork option did not remove the socket file system entry when exiting. Other file system based passive address types had similar issues or failed to apply options umask, user e.a. porting: Red Hat issue 1020203: configure checks fail with some compilers. Use case: clang Performed changes for Fedora release 19 Adapted, improved test.sh script Red Hat issue 1021429: getgroupent fails with large number of groups; use getgrouplist() when available instead of sequence of calls to getgrent() Red Hat issue 1021948: snprintf API change; Implemented xio_snprintf() function as wrapper that tries to emulate C99 behaviour on old glibc systems, and adapted all affected calls appropriately Mike Frysinger provided a patch that supports long long for time_t, socklen_t and a few other libc types. Artem Mygaiev extended Cedril Priscals Android build script with pty code The check for fips.h required stddef.h Check for linux/errqueue.h failed on some systems due to lack of linux/types.h inclusion. autoconf now prefers configure.ac over configure.in type of struct cmsghdr.cmsg is system dependend, determine it with configure; some more print format corrections docu: libwrap always logs to syslog added actual text version of GPLv2 ####################### V 1.7.2.3: security: CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer overflow with data from command line (see socat-secadv5.txt) |
New packages: