Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-p2p
diff options
context:
space:
mode:
authorSantiago M. Mola <coldwind@gentoo.org>2008-06-29 22:52:02 +0000
committerSantiago M. Mola <coldwind@gentoo.org>2008-06-29 22:52:02 +0000
commit7f82fcfd78ff1cf0583d2563e2edce7fc5d19830 (patch)
tree834aa951597bfd7f20764fb7c1a9e775e2e986af /net-p2p
parentadd patches from bugs #229719, #229723, #216391 (diff)
downloadgentoo-2-7f82fcfd78ff1cf0583d2563e2edce7fc5d19830.tar.gz
gentoo-2-7f82fcfd78ff1cf0583d2563e2edce7fc5d19830.tar.bz2
gentoo-2-7f82fcfd78ff1cf0583d2563e2edce7fc5d19830.zip
Security fix, second round.
(Portage version: 2.2_rc1/cvs/Linux 2.6.25-gentoo-r3 x86_64)
Diffstat (limited to 'net-p2p')
-rw-r--r--net-p2p/linuxdcpp/ChangeLog9
-rw-r--r--net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch18
-rw-r--r--net-p2p/linuxdcpp/linuxdcpp-1.0.1-r2.ebuild (renamed from net-p2p/linuxdcpp/linuxdcpp-1.0.1-r1.ebuild)2
3 files changed, 27 insertions, 2 deletions
diff --git a/net-p2p/linuxdcpp/ChangeLog b/net-p2p/linuxdcpp/ChangeLog
index d9c59b09af51..2378af9c439b 100644
--- a/net-p2p/linuxdcpp/ChangeLog
+++ b/net-p2p/linuxdcpp/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-p2p/linuxdcpp
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-p2p/linuxdcpp/ChangeLog,v 1.26 2008/06/29 18:46:01 coldwind Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-p2p/linuxdcpp/ChangeLog,v 1.27 2008/06/29 22:52:01 coldwind Exp $
+
+*linuxdcpp-1.0.1-r2 (29 Jun 2008)
+
+ 29 Jun 2008; Santiago M. Mola <coldwind@gentoo.org>
+ files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch,
+ -linuxdcpp-1.0.1-r1.ebuild, +linuxdcpp-1.0.1-r2.ebuild:
+ Security fix, second round.
*linuxdcpp-1.0.1-r1 (29 Jun 2008)
diff --git a/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch b/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch
index 91f164a37d18..ab2346678a38 100644
--- a/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch
+++ b/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch
@@ -13,3 +13,21 @@ Security bug, fixed upstream.
for(ShareManager::Directory::MapIter it2 = it->second->directories.begin(); it2 != it->second->directories.end(); ++it2) {
it2->second->toXml(sos, indent, tmp, recurse);
}
+--- client/NmdcHub.cpp 4 Aug 2007 21:17:21 -0000 1.14
++++ client/NmdcHub.cpp 29 Jun 2008 15:42:27 -0000 1.15
+@@ -693,10 +693,14 @@
+ if(fromNick.empty())
+ return;
+
++ if(param.size() < j + 2) {
++ return;
++ }
++ string msg = param.substr(j + 2);
++
+ OnlineUser* replyTo = findUser(rtNick);
+ OnlineUser* from = findUser(fromNick);
+
+- string msg = param.substr(j + 2);
+ if(replyTo == NULL || from == NULL) {
+ if(replyTo == 0) {
+ // Assume it's from the hub
diff --git a/net-p2p/linuxdcpp/linuxdcpp-1.0.1-r1.ebuild b/net-p2p/linuxdcpp/linuxdcpp-1.0.1-r2.ebuild
index 704601f69773..88be874a9bc5 100644
--- a/net-p2p/linuxdcpp/linuxdcpp-1.0.1-r1.ebuild
+++ b/net-p2p/linuxdcpp/linuxdcpp-1.0.1-r2.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-p2p/linuxdcpp/linuxdcpp-1.0.1-r1.ebuild,v 1.1 2008/06/29 18:46:01 coldwind Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-p2p/linuxdcpp/linuxdcpp-1.0.1-r2.ebuild,v 1.1 2008/06/29 22:52:01 coldwind Exp $
inherit eutils