Subject: CVS commit: pkgsrc/net/socat
From: Leonardo Taccari
Date: 2016-02-02 17:08:01
Message id: 20160202160801.CE4ABFBB7@cvs.NetBSD.org

Log Message:
Update net/socat to 1.7.3.1.

Changes:
####################### V 1.7.3.1:
security:
  Socat security advisory 8
  A stack overflow in vulnerability was found that can be triggered when
  command line arguments (complete address specifications, host names,
  file names) are longer than 512 bytes.
  Successful exploitation might allow an attacker to execute arbitrary
  code with the privileges of the socat process.
  This vulnerability can only be exploited when an attacker is able to
  inject data into socat's command line.
  A vulnerable scenario would be a CGI script that reads data from clients
  and uses (parts of) this data as hostname for a Socat invocation.
  Test: NESTEDOVFL
  Credits to Takumi Akiyama for finding and reporting this issue.

  Socat security advisory 7
  MSVR-1499
  In the OpenSSL address implementation the hard coded 1024 bit DH p
  parameter was not prime. The effective cryptographic strength of a key
  exchange using these parameters was weaker than the one one could get by
  using a prime p. Moreover, since there is no indication of how these
  parameters were chosen, the existence of a trapdoor that makes possible
  for an eavesdropper to recover the shared secret from a key exchange
  that uses them cannot be ruled out.
  Futhermore, 1024bit is not considered sufficiently secure.
  Fix: generated a new 2048bit prime.
  Thanks to Santiago Zanella-Beguelin and Microsoft Vulnerability
  Research (MSVR) for finding and reporting this issue.

Files:
RevisionActionfile
1.36modifypkgsrc/net/socat/Makefile
1.23modifypkgsrc/net/socat/distinfo