summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2008-09-15 17:28:02 +0000
committerPeter Volkov <pva@gentoo.org>2008-09-15 17:28:02 +0000
commit9be55db65842227c4c7c5ddbd01a47cee817dc09 (patch)
tree59fa947cdad701c5c94401ea4e72581b063467e0 /net-analyzer/honeyd
parentVersion bump. Fixes bug #234414 and bug #237222. Can possibly break code buil... (diff)
downloadhistorical-9be55db65842227c4c7c5ddbd01a47cee817dc09.tar.gz
historical-9be55db65842227c4c7c5ddbd01a47cee817dc09.tar.bz2
historical-9be55db65842227c4c7c5ddbd01a47cee817dc09.zip
Fix insecure temporary file creation: CVE-2008-3928, bug #237481, thank Robert Buchholz for report.
Package-Manager: portage-2.2_rc8/cvs/Linux 2.6.26-gentoo i686
Diffstat (limited to 'net-analyzer/honeyd')
-rw-r--r--net-analyzer/honeyd/ChangeLog11
-rw-r--r--net-analyzer/honeyd/Manifest4
-rw-r--r--net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch20
-rw-r--r--net-analyzer/honeyd/honeyd-1.5c-r1.ebuild70
4 files changed, 102 insertions, 3 deletions
diff --git a/net-analyzer/honeyd/ChangeLog b/net-analyzer/honeyd/ChangeLog
index a670472d5749..79a2f321c5fb 100644
--- a/net-analyzer/honeyd/ChangeLog
+++ b/net-analyzer/honeyd/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-analyzer/honeyd
-# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/honeyd/ChangeLog,v 1.34 2007/12/13 11:00:46 pva Exp $
+# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/honeyd/ChangeLog,v 1.35 2008/09/15 17:28:01 pva Exp $
+
+*honeyd-1.5c-r1 (15 Sep 2008)
+
+ 15 Sep 2008; Peter Volkov <pva@gentoo.org>
+ +files/honeyd-1.5c-CVE-2008-3928.patch, +honeyd-1.5c-r1.ebuild:
+ Fix insecure temporary file creation: CVE-2008-3928, bug #237481, thank
+ Robert Buchholz for report.
13 Dec 2007; <pva@gentoo.org> -honeyd-1.5b.ebuild, honeyd-1.5c.ebuild:
Updated dependency: >=libevent-1.2, bug #199905, reported by Luc Stepniewski
diff --git a/net-analyzer/honeyd/Manifest b/net-analyzer/honeyd/Manifest
index 8159b8ef7452..727a1d79aa89 100644
--- a/net-analyzer/honeyd/Manifest
+++ b/net-analyzer/honeyd/Manifest
@@ -1,7 +1,9 @@
+AUX honeyd-1.5c-CVE-2008-3928.patch 508 RMD160 e539bd8121a2a871fddb4d14c61001ef49470863 SHA1 15c9aea1ba3b08c71e50919963f1496c12719a05 SHA256 3da54ec0f8cfaf988e4b5f42d2746f1dba412a13fce689f9a3f710d382332b57
AUX honeyd.confd 429 RMD160 6d419ce741687e60a61ecd265455b25d3eaba56a SHA1 b79f1df9c58de60afa41b723a2feeb9a385d65dd SHA256 e7b75f49f37fd4f2d8ad86d81b1924bb179ad220099549f8ecf9d395d4caa890
AUX honeyd.initd 1526 RMD160 c29612d39d26b86e2648158dbe16a2f79ff4253e SHA1 8a7eb9fcc3be3a5a9ff6ebaf9a1d88811527543a SHA256 f64a0b99452688fa3fdc8a4ad6fe4af3d9654fd2620d176701b0980b73f081b5
DIST honeyd-0.7a-beta2.tgz 2027537 RMD160 a1229402ede63753b1256b0ae6dc1db12c0f0993 SHA1 563d0bf89215e53718267fc5c7aca3f0a054651a SHA256 0977ab78d3efb6d8f5d6d8250d362337f7fc0fbb3c5e3632e6c3d2db38fe6fe9
DIST honeyd-1.5c.tar.gz 915465 RMD160 2316c4fb6b74b0ece4429d392c478fcd7516b6a7 SHA1 342cc53e8d23c84ecb91c7b66c6e93e7ed2a992a SHA256 3186d542085b7b4b67d168ee0eb872c2c46dd3e98846a775c9f196e94c80916d
+EBUILD honeyd-1.5c-r1.ebuild 2059 RMD160 bd8c7891a22705949abc5d0e002d40f5e8590b74 SHA1 2dddcf2157306851a5aa6e43a461a58e019a2230 SHA256 785e4f624851f1e4a9b1522b9d76b568fe549f48df0b322cdb9a255e28d7589b
EBUILD honeyd-1.5c.ebuild 1923 RMD160 a1691ddad5d14c98bbc580d48eeb6341a5faeaf8 SHA1 499a43edce49c040114463e2fdeefca523e92352 SHA256 e03951ddb4141716b2e1dcf01e1614c26489a7fcd1616e96495344b866d7ee0d
-MISC ChangeLog 5049 RMD160 c448af6dc1ee03bb4a89d393726ec5defa805a21 SHA1 0baa7fd278fc638fe5da79442b27c940fc6b1062 SHA256 954d64a96c555f8dce898a381380f15f9d21afc41b71c326738d6f8c568769f7
+MISC ChangeLog 5296 RMD160 069f7b0b9513faf505c9e32e113a8a0eedc18cf4 SHA1 d9b21cb317977a049f444c0295c3b8181f8bb415 SHA256 eb0c2ad452a787d20e59adaa2625ed4037b481a78aa26c9e267ef02848353d6d
MISC metadata.xml 730 RMD160 591e1fb359c34c84b3f5189bd5cbcddb9c207988 SHA1 b7e97e39702baabeb53d941c5a3d7c33df11778d SHA256 fa5d67ec739119ef24cfb9b33f05c69982087e76bc0724e9704f19edb8dbad26
diff --git a/net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch b/net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch
new file mode 100644
index 000000000000..2813fdad1537
--- /dev/null
+++ b/net-analyzer/honeyd/files/honeyd-1.5c-CVE-2008-3928.patch
@@ -0,0 +1,20 @@
+=== modified file 'scripts/test.sh'
+--- scripts/test.sh 2008-09-15 14:25:25 +0000
++++ scripts/test.sh 2008-09-15 14:26:26 +0000
+@@ -1,8 +1,13 @@
++#!/bin/sh
++# Test script for Honeyd
+ DATE=`date`
+-echo "$DATE: Started From $1 Port $2" >> /tmp/log
++LOGDIR=/var/log/honeypot/
++[ ! -e "$LOGDIR" ] && LOGDIR=/tmp
++LOGFILE=$LOGDIR/log_test
++echo "$DATE: Started From $1 Port $2" >> $LOGFILE
+ echo SSH-1.5-2.40
+ while read name
+ do
+- echo "$name" >> /tmp/log
++ echo "$name" >> $LOGFILE
+ echo "$name"
+ done
+
diff --git a/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild b/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild
new file mode 100644
index 000000000000..e82c44317731
--- /dev/null
+++ b/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild
@@ -0,0 +1,70 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/honeyd/honeyd-1.5c-r1.ebuild,v 1.1 2008/09/15 17:28:01 pva Exp $
+
+inherit eutils
+
+DESCRIPTION="Honeyd is a small daemon that creates virtual hosts on a network"
+HOMEPAGE="http://www.honeyd.org/"
+SRC_URI="http://www.citi.umich.edu/u/provos/honeyd/${P}.tar.gz
+ http://www.tracking-hackers.com/solutions/honeyd/honeyd-0.7a-beta2.tgz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~sparc ~x86"
+IUSE="doc"
+
+DEPEND="net-libs/libpcap
+ dev-libs/libdnet
+ >=dev-libs/libevent-1.2
+ dev-libs/libdnsres
+ dev-libs/libpcre
+ sys-libs/zlib"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ sed -i "s:^CFLAGS = -O2:CFLAGS = ${CFLAGS}:g" Makefile.in || die "sed failed"
+ epatch "${FILESDIR}"/${P}-CVE-2008-3928.patch
+}
+
+src_compile() {
+ econf --with-libdnet=/usr
+ emake || die "emake failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "make install failed"
+
+ dodoc README && rm "${D}"/usr/share/honeyd/README || die "README"
+
+ insinto /etc
+ newins config.sample honeyd.conf || die "failed to install honeyd.conf"
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN} || die
+ newconfd "${FILESDIR}"/${PN}.confd ${PN} || die
+
+ rm "${D}"/usr/bin/honeyd
+ dosbin honeyd || die "dosbin failed"
+
+ # This adds all the services and example configurations collected
+ # by Lance Spitzer
+
+ # Install the white-papers if 'doc' USE flags are specified
+ use doc && dodoc "${WORKDIR}"/honeyd-0.7a-beta2/contrib/*
+
+ cp -R scripts "${D}"/usr/share/honeyd/
+
+ # Install the example configurations
+ cd "${WORKDIR}"/honeyd-0.7a-beta2
+ dodoc honeyd.conf nmap.prints nmap.assoc pf.os xprobe2.conf
+ dodoc honeyd.conf.simple honeyd.conf.bloat nmap.prints.new
+ dodoc xprobe2.conf.new honeyd.conf.networks
+
+ # Install all the example scripts
+ cp -R scripts "${D}"/usr/share/honeyd/
+ find "${D}"/usr/share/honeyd/scripts \
+ -type f -name '*.sh' -o -name '*.pl' -exec chmod +x {} \;
+
+ keepdir /var/log/honeypot/ # if removed security #237481 comes back
+}