Path to this page:
Next | Query returned 1 messages, browsing 1 to 10 | previous
CVS Commit History:
2014-09-19 13:30:10 by Matthias Scheler | Files touched by this commit (5) | |
Log message:
Pullup ticket #4494 - requested by rodent
net/socat: security update
Revisions pulled up:
- net/socat/Makefile 1.32
- net/socat/distinfo 1.20
- net/socat/patches/patch-aa deleted
- net/socat/patches/patch-configure 1.2
- net/socat/patches/patch-mytypes.h 1.2
---
Module Name: pkgsrc
Committed By: rodent
Date: Sun Sep 7 23:24:56 UTC 2014
Modified Files:
pkgsrc/net/socat: Makefile distinfo
pkgsrc/net/socat/patches: patch-configure patch-mytypes.h
Removed Files:
pkgsrc/net/socat/patches: patch-aa
Log message:
Update to latest stable, 1.7.2.4, which is supposed to resolve CVE-2014-0019.
patches/patch-aa seems to have been committed upstream. Passing readline
location to configure and fixing CCOPTS in Makefile.in seems to not be
necessary anymore. From CHANGES:
####################### V 1.7.2.4:
corrections:
LISTEN based addresses applied some address options, e.g. so-keepalive,
to the listening file descriptor instead of the connected file
descriptor
make failed after configure with non gcc compiler due to missing
include.
configure checked for --disable-rawsocket but printed
--disable-genericsocket in the help text.
In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
Probably no impact.
procan could not cleanly format ulimit values longer than 16 decimal
digits. Thanks to Frank Dana for providing a patch that increases field
width to 24 digits.
OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
"Invalid argument"
Changed some variable definitions to make gcc -O2 aliasing checker happy
On big endian platforms with type long >32bit the range option applied a
bad base address.
Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()
Red Hat issue 1022063: out-of-range shifts on net mask bits
Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()
Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
uses
Red Hat issue 1021958: fixed a bug with faulty buffer/data length
calculation in xio-ascii.c:_xiodump()
Red Hat issue 1021972: fixed a missing NUL termination in return string
of sysutils.c:sockaddr_info() for the AF_UNIX case
fixed some typos and minor issues, including:
Red Hat issue 1021967: formatting error in manual page
UNIX-LISTEN with fork option did not remove the socket file system entry
when exiting. Other file system based passive address types had similar
issues or failed to apply options umask, user e.a.
porting:
Red Hat issue 1020203: configure checks fail with some compilers.
Use case: clang
Performed changes for Fedora release 19
Adapted, improved test.sh script
Red Hat issue 1021429: getgroupent fails with large number of groups;
use getgrouplist() when available instead of sequence of calls to
getgrent()
Red Hat issue 1021948: snprintf API change;
Implemented xio_snprintf() function as wrapper that tries to emulate C99
behaviour on old glibc systems, and adapted all affected calls
appropriately
Mike Frysinger provided a patch that supports long long for time_t,
socklen_t and a few other libc types.
Artem Mygaiev extended Cedril Priscals Android build script with pty code
The check for fips.h required stddef.h
Check for linux/errqueue.h failed on some systems due to lack of
linux/types.h inclusion.
autoconf now prefers configure.ac over configure.in
type of struct cmsghdr.cmsg is system dependend, determine it with
configure; some more print format corrections
docu:
libwrap always logs to syslog
added actual text version of GPLv2
####################### V 1.7.2.3:
security:
CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
overflow with data from command line (see socat-secadv5.txt)
|
Next | Query returned 1 messages, browsing 1 to 10 | previous