diff options
author | Peter Volkov <pva@gentoo.org> | 2008-09-15 17:28:02 +0000 |
---|---|---|
committer | Peter Volkov <pva@gentoo.org> | 2008-09-15 17:28:02 +0000 |
commit | 9be55db65842227c4c7c5ddbd01a47cee817dc09 (patch) | |
tree | 59fa947cdad701c5c94401ea4e72581b063467e0 /net-analyzer/honeyd | |
parent | Version bump. Fixes bug #234414 and bug #237222. Can possibly break code buil... (diff) | |
download | historical-9be55db65842227c4c7c5ddbd01a47cee817dc09.tar.gz historical-9be55db65842227c4c7c5ddbd01a47cee817dc09.tar.bz2 historical-9be55db65842227c4c7c5ddbd01a47cee817dc09.zip |
Fix insecure temporary file creation: CVE-2008-3928, bug #237481, thank Robert Buchholz for report.
Package-Manager: portage-2.2_rc8/cvs/Linux 2.6.26-gentoo i686
Diffstat (limited to 'net-analyzer/honeyd')
-rw-r--r-- | net-analyzer/honeyd/ChangeLog | 11 | ||||
-rw-r--r-- | net-analyzer/honeyd/Manifest | 4 | ||||
-rw-r--r-- | net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch | 20 | ||||
-rw-r--r-- | net-analyzer/honeyd/honeyd-1.5c-r1.ebuild | 70 |
4 files changed, 102 insertions, 3 deletions
diff --git a/net-analyzer/honeyd/ChangeLog b/net-analyzer/honeyd/ChangeLog index a670472d5749..79a2f321c5fb 100644 --- a/net-analyzer/honeyd/ChangeLog +++ b/net-analyzer/honeyd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-analyzer/honeyd -# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-analyzer/honeyd/ChangeLog,v 1.34 2007/12/13 11:00:46 pva Exp $ +# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/honeyd/ChangeLog,v 1.35 2008/09/15 17:28:01 pva Exp $ + +*honeyd-1.5c-r1 (15 Sep 2008) + + 15 Sep 2008; Peter Volkov <pva@gentoo.org> + +files/honeyd-1.5c-CVE-2008-3928.patch, +honeyd-1.5c-r1.ebuild: + Fix insecure temporary file creation: CVE-2008-3928, bug #237481, thank + Robert Buchholz for report. 13 Dec 2007; <pva@gentoo.org> -honeyd-1.5b.ebuild, honeyd-1.5c.ebuild: Updated dependency: >=libevent-1.2, bug #199905, reported by Luc Stepniewski diff --git a/net-analyzer/honeyd/Manifest b/net-analyzer/honeyd/Manifest index 8159b8ef7452..727a1d79aa89 100644 --- a/net-analyzer/honeyd/Manifest +++ b/net-analyzer/honeyd/Manifest @@ -1,7 +1,9 @@ +AUX honeyd-1.5c-CVE-2008-3928.patch 508 RMD160 e539bd8121a2a871fddb4d14c61001ef49470863 SHA1 15c9aea1ba3b08c71e50919963f1496c12719a05 SHA256 3da54ec0f8cfaf988e4b5f42d2746f1dba412a13fce689f9a3f710d382332b57 AUX honeyd.confd 429 RMD160 6d419ce741687e60a61ecd265455b25d3eaba56a SHA1 b79f1df9c58de60afa41b723a2feeb9a385d65dd SHA256 e7b75f49f37fd4f2d8ad86d81b1924bb179ad220099549f8ecf9d395d4caa890 AUX honeyd.initd 1526 RMD160 c29612d39d26b86e2648158dbe16a2f79ff4253e SHA1 8a7eb9fcc3be3a5a9ff6ebaf9a1d88811527543a SHA256 f64a0b99452688fa3fdc8a4ad6fe4af3d9654fd2620d176701b0980b73f081b5 DIST honeyd-0.7a-beta2.tgz 2027537 RMD160 a1229402ede63753b1256b0ae6dc1db12c0f0993 SHA1 563d0bf89215e53718267fc5c7aca3f0a054651a SHA256 0977ab78d3efb6d8f5d6d8250d362337f7fc0fbb3c5e3632e6c3d2db38fe6fe9 DIST honeyd-1.5c.tar.gz 915465 RMD160 2316c4fb6b74b0ece4429d392c478fcd7516b6a7 SHA1 342cc53e8d23c84ecb91c7b66c6e93e7ed2a992a SHA256 3186d542085b7b4b67d168ee0eb872c2c46dd3e98846a775c9f196e94c80916d +EBUILD honeyd-1.5c-r1.ebuild 2059 RMD160 bd8c7891a22705949abc5d0e002d40f5e8590b74 SHA1 2dddcf2157306851a5aa6e43a461a58e019a2230 SHA256 785e4f624851f1e4a9b1522b9d76b568fe549f48df0b322cdb9a255e28d7589b EBUILD honeyd-1.5c.ebuild 1923 RMD160 a1691ddad5d14c98bbc580d48eeb6341a5faeaf8 SHA1 499a43edce49c040114463e2fdeefca523e92352 SHA256 e03951ddb4141716b2e1dcf01e1614c26489a7fcd1616e96495344b866d7ee0d -MISC ChangeLog 5049 RMD160 c448af6dc1ee03bb4a89d393726ec5defa805a21 SHA1 0baa7fd278fc638fe5da79442b27c940fc6b1062 SHA256 954d64a96c555f8dce898a381380f15f9d21afc41b71c326738d6f8c568769f7 +MISC ChangeLog 5296 RMD160 069f7b0b9513faf505c9e32e113a8a0eedc18cf4 SHA1 d9b21cb317977a049f444c0295c3b8181f8bb415 SHA256 eb0c2ad452a787d20e59adaa2625ed4037b481a78aa26c9e267ef02848353d6d MISC metadata.xml 730 RMD160 591e1fb359c34c84b3f5189bd5cbcddb9c207988 SHA1 b7e97e39702baabeb53d941c5a3d7c33df11778d SHA256 fa5d67ec739119ef24cfb9b33f05c69982087e76bc0724e9704f19edb8dbad26 diff --git a/net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch b/net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch new file mode 100644 index 000000000000..2813fdad1537 --- /dev/null +++ b/net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch @@ -0,0 +1,20 @@ +=== modified file 'scripts/test.sh' +--- scripts/test.sh 2008-09-15 14:25:25 +0000 ++++ scripts/test.sh 2008-09-15 14:26:26 +0000 +@@ -1,8 +1,13 @@ ++#!/bin/sh ++# Test script for Honeyd + DATE=`date` +-echo "$DATE: Started From $1 Port $2" >> /tmp/log ++LOGDIR=/var/log/honeypot/ ++[ ! -e "$LOGDIR" ] && LOGDIR=/tmp ++LOGFILE=$LOGDIR/log_test ++echo "$DATE: Started From $1 Port $2" >> $LOGFILE + echo SSH-1.5-2.40 + while read name + do +- echo "$name" >> /tmp/log ++ echo "$name" >> $LOGFILE + echo "$name" + done + diff --git a/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild b/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild new file mode 100644 index 000000000000..e82c44317731 --- /dev/null +++ b/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild @@ -0,0 +1,70 @@ +# Copyright 1999-2008 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild,v 1.1 2008/09/15 17:28:01 pva Exp $ + +inherit eutils + +DESCRIPTION="Honeyd is a small daemon that creates virtual hosts on a network" +HOMEPAGE="http://www.honeyd.org/" +SRC_URI="http://www.citi.umich.edu/u/provos/honeyd/${P}.tar.gz + http://www.tracking-hackers.com/solutions/honeyd/honeyd-0.7a-beta2.tgz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~sparc ~x86" +IUSE="doc" + +DEPEND="net-libs/libpcap + dev-libs/libdnet + >=dev-libs/libevent-1.2 + dev-libs/libdnsres + dev-libs/libpcre + sys-libs/zlib" + +src_unpack() { + unpack ${A} + cd "${S}" + sed -i "s:^CFLAGS = -O2:CFLAGS = ${CFLAGS}:g" Makefile.in || die "sed failed" + epatch "${FILESDIR}"/${P}-CVE-2008-3928.patch +} + +src_compile() { + econf --with-libdnet=/usr + emake || die "emake failed" +} + +src_install() { + emake DESTDIR="${D}" install || die "make install failed" + + dodoc README && rm "${D}"/usr/share/honeyd/README || die "README" + + insinto /etc + newins config.sample honeyd.conf || die "failed to install honeyd.conf" + + newinitd "${FILESDIR}"/${PN}.initd ${PN} || die + newconfd "${FILESDIR}"/${PN}.confd ${PN} || die + + rm "${D}"/usr/bin/honeyd + dosbin honeyd || die "dosbin failed" + + # This adds all the services and example configurations collected + # by Lance Spitzer + + # Install the white-papers if 'doc' USE flags are specified + use doc && dodoc "${WORKDIR}"/honeyd-0.7a-beta2/contrib/* + + cp -R scripts "${D}"/usr/share/honeyd/ + + # Install the example configurations + cd "${WORKDIR}"/honeyd-0.7a-beta2 + dodoc honeyd.conf nmap.prints nmap.assoc pf.os xprobe2.conf + dodoc honeyd.conf.simple honeyd.conf.bloat nmap.prints.new + dodoc xprobe2.conf.new honeyd.conf.networks + + # Install all the example scripts + cp -R scripts "${D}"/usr/share/honeyd/ + find "${D}"/usr/share/honeyd/scripts \ + -type f -name '*.sh' -o -name '*.pl' -exec chmod +x {} \; + + keepdir /var/log/honeypot/ # if removed security #237481 comes back +} |