Applying security patch from bug #135112

Package-Manager: portage-2.1_rc1-r3
author: Markus Ullmann <jokey@gentoo.org> 2006-06-01 20:04:03 +0000
committer: Markus Ullmann <jokey@gentoo.org> 2006-06-01 20:04:03 +0000
commit: ae37d647c56d97c70826d2638cc728388457dbc5 (patch)
tree: 0ebb1939f58c3135e309156b08f1b51ca959263b /net-analyzer/snort
parent: Stable on sparc wrt security #134168 (diff)
download: historical-ae37d647c56d97c70826d2638cc728388457dbc5.tar.gz
historical-ae37d647c56d97c70826d2638cc728388457dbc5.tar.bz2
historical-ae37d647c56d97c70826d2638cc728388457dbc5.zip
8 files changed, 229 insertions, 6 deletions
diff --git a/net-analyzer/snort/files/digest-snort-2.3.3 b/net-analyzer/snort/files/digest-snort-2.3.3
index cccac06e5bf5..c467f6d9427c 100644
--- a/net-analyzer/snort/files/digest-snort-2.3.3
+++ b/net-analyzer/snort/files/digest-snort-2.3.3
@@ -1,4 +1,6 @@
+MD5 681fa7e99aa674c0e2be4788ef503d69 sguil-sensor-0.5.3.tar.gz 89816
 MD5 06bf140893e7cb120aaa9372d10a0100 snort-2.3.3.tar.gz 2631270
-MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
+RMD160 6bb635df1c62d293d8dd4b2fec55cfa486916908 snort-2.3.3.tar.gz 2631270
+SHA256 25b25b4c4028288945b968173d692ae2b72d811aaeea3715ae6a77945d9af2e9 snort-2.3.3.tar.gz 2631270
 MD5 323ab2956a59de113aa13099917f0d3a snort-prelude-reporting-patch-0.3.6.tar.gz 21964
-MD5 681fa7e99aa674c0e2be4788ef503d69 sguil-sensor-0.5.3.tar.gz 89816
+MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/digest-snort-2.3.3-r1 b/net-analyzer/snort/files/digest-snort-2.3.3-r1
index a7fbb2e623e4..dadadad25eea 100644
--- a/net-analyzer/snort/files/digest-snort-2.3.3-r1
+++ b/net-analyzer/snort/files/digest-snort-2.3.3-r1
@@ -1,4 +1,6 @@
+MD5 681fa7e99aa674c0e2be4788ef503d69 sguil-sensor-0.5.3.tar.gz 89816
+MD5 ad562cd6fdfab3049608144d9ba2d480 snort-2.3.3-prelude-0.9.0_rc1.diff.bz2 331076
 MD5 06bf140893e7cb120aaa9372d10a0100 snort-2.3.3.tar.gz 2631270
+RMD160 6bb635df1c62d293d8dd4b2fec55cfa486916908 snort-2.3.3.tar.gz 2631270
+SHA256 25b25b4c4028288945b968173d692ae2b72d811aaeea3715ae6a77945d9af2e9 snort-2.3.3.tar.gz 2631270
 MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
-MD5 ad562cd6fdfab3049608144d9ba2d480 snort-2.3.3-prelude-0.9.0_rc1.diff.bz2 331076
-MD5 681fa7e99aa674c0e2be4788ef503d69 sguil-sensor-0.5.3.tar.gz 89816
diff --git a/net-analyzer/snort/files/digest-snort-2.4.3 b/net-analyzer/snort/files/digest-snort-2.4.3
index 4f2e79d845e9..eee1d975629b 100644
--- a/net-analyzer/snort/files/digest-snort-2.4.3
+++ b/net-analyzer/snort/files/digest-snort-2.4.3
@@ -1,4 +1,10 @@
-MD5 5c3c8c69f2459bbe0c1f2057966c88a7 snort-2.4.3.tar.gz 2733590
-MD5 316f28cf52efeddfd899552f3b26cd8d snort-2.4.0-genpatches.tar.bz2 6475
 MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678
+RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678
+SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678
+MD5 316f28cf52efeddfd899552f3b26cd8d snort-2.4.0-genpatches.tar.bz2 6475
+RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 snort-2.4.0-genpatches.tar.bz2 6475
+SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff snort-2.4.0-genpatches.tar.bz2 6475
+MD5 5c3c8c69f2459bbe0c1f2057966c88a7 snort-2.4.3.tar.gz 2733590
+RMD160 1cba0a9d843da1cfa8c8dbaae5b18a16574cb7d2 snort-2.4.3.tar.gz 2733590
+SHA256 4f3aa911234a9fc4beb5ba9b0fe88f1e3af0fcbfe84d4448415f049b9791bc65 snort-2.4.3.tar.gz 2733590
 MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/digest-snort-2.4.3-r1 b/net-analyzer/snort/files/digest-snort-2.4.3-r1
index 64958381beae..fc157c14bd87 100644
--- a/net-analyzer/snort/files/digest-snort-2.4.3-r1
+++ b/net-analyzer/snort/files/digest-snort-2.4.3-r1
@@ -1,5 +1,13 @@
 MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678
+RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678
+SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678
 MD5 316f28cf52efeddfd899552f3b26cd8d snort-2.4.0-genpatches.tar.bz2 6475
+RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 snort-2.4.0-genpatches.tar.bz2 6475
+SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff snort-2.4.0-genpatches.tar.bz2 6475
 MD5 5c3c8c69f2459bbe0c1f2057966c88a7 snort-2.4.3.tar.gz 2733590
+RMD160 1cba0a9d843da1cfa8c8dbaae5b18a16574cb7d2 snort-2.4.3.tar.gz 2733590
+SHA256 4f3aa911234a9fc4beb5ba9b0fe88f1e3af0fcbfe84d4448415f049b9791bc65 snort-2.4.3.tar.gz 2733590
 MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097
+RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097
+SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097
 MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/digest-snort-2.4.3-r2 b/net-analyzer/snort/files/digest-snort-2.4.3-r2
index 64958381beae..fc157c14bd87 100644
--- a/net-analyzer/snort/files/digest-snort-2.4.3-r2
+++ b/net-analyzer/snort/files/digest-snort-2.4.3-r2
@@ -1,5 +1,13 @@
 MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678
+RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678
+SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678
 MD5 316f28cf52efeddfd899552f3b26cd8d snort-2.4.0-genpatches.tar.bz2 6475
+RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 snort-2.4.0-genpatches.tar.bz2 6475
+SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff snort-2.4.0-genpatches.tar.bz2 6475
 MD5 5c3c8c69f2459bbe0c1f2057966c88a7 snort-2.4.3.tar.gz 2733590
+RMD160 1cba0a9d843da1cfa8c8dbaae5b18a16574cb7d2 snort-2.4.3.tar.gz 2733590
+SHA256 4f3aa911234a9fc4beb5ba9b0fe88f1e3af0fcbfe84d4448415f049b9791bc65 snort-2.4.3.tar.gz 2733590
 MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097
+RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097
+SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097
 MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/digest-snort-2.4.4 b/net-analyzer/snort/files/digest-snort-2.4.4
index 95e7f46cff7c..e44f0aa9aec6 100644
--- a/net-analyzer/snort/files/digest-snort-2.4.4
+++ b/net-analyzer/snort/files/digest-snort-2.4.4
@@ -1,5 +1,13 @@
 MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678
+RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678
+SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678
 MD5 316f28cf52efeddfd899552f3b26cd8d snort-2.4.0-genpatches.tar.bz2 6475
+RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 snort-2.4.0-genpatches.tar.bz2 6475
+SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff snort-2.4.0-genpatches.tar.bz2 6475
 MD5 9dc9060d1f2e248663eceffadfc45e7e snort-2.4.4.tar.gz 2825187
+RMD160 5c0ff9aafdb083438cb10e82bdcdba43f806f86e snort-2.4.4.tar.gz 2825187
+SHA256 b9f3e21467a5f6dd827ddb80dc9ac29ea272e4a5633a6a8a583f523a219e00e9 snort-2.4.4.tar.gz 2825187
 MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097
+RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097
+SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097
 MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/digest-snort-2.4.4-r1 b/net-analyzer/snort/files/digest-snort-2.4.4-r1
new file mode 100644
index 000000000000..e44f0aa9aec6
--- /dev/null
+++ b/net-analyzer/snort/files/digest-snort-2.4.4-r1
@@ -0,0 +1,13 @@
+MD5 39d8250f47a33aaec4712e29c0dcd1d0 Community-Rules.tar.gz 11678
+RMD160 a65b656e4dbf29f1c807622e865e945f509fe0c5 Community-Rules.tar.gz 11678
+SHA256 fd37a897455dcb4bace1f7f0af11747b5360e0e3896cd0b9649e5d19281bb2cf Community-Rules.tar.gz 11678
+MD5 316f28cf52efeddfd899552f3b26cd8d snort-2.4.0-genpatches.tar.bz2 6475
+RMD160 9ea99c71892a2cbf409ead3514ae792210bdf3d0 snort-2.4.0-genpatches.tar.bz2 6475
+SHA256 8bf51a47b2a0db9ccad83a27105994befd9be381b41aeb02561882308f4c6dff snort-2.4.0-genpatches.tar.bz2 6475
+MD5 9dc9060d1f2e248663eceffadfc45e7e snort-2.4.4.tar.gz 2825187
+RMD160 5c0ff9aafdb083438cb10e82bdcdba43f806f86e snort-2.4.4.tar.gz 2825187
+SHA256 b9f3e21467a5f6dd827ddb80dc9ac29ea272e4a5633a6a8a583f523a219e00e9 snort-2.4.4.tar.gz 2825187
+MD5 35d9a2486f8c0280bb493aa03c011927 snortrules-pr-2.4.tar.gz 789097
+RMD160 dd2179b3ce8a55699d2e1b857426e5489191a121 snortrules-pr-2.4.tar.gz 789097
+SHA256 19d2545a2a150dff8b4dbcbd0def389b6865c4c70f5084172d08a7b151e1a504 snortrules-pr-2.4.tar.gz 789097
+MD5 2eeef1a7a040d67c3afaf9d749905e47 snortsam-20050110.tar.gz 29395
diff --git a/net-analyzer/snort/files/snort-2.4.4-demarc-patch.diff b/net-analyzer/snort/files/snort-2.4.4-demarc-patch.diff
new file mode 100644
index 000000000000..bca2f038e011
--- /dev/null
+++ b/net-analyzer/snort/files/snort-2.4.4-demarc-patch.diff
@@ -0,0 +1,176 @@
+diff -Nuar snort-2.4.4/src/preprocessors/HttpInspect/client/hi_client.c snort-2.4.4-demarc/src/preprocessors/HttpInspect/client/hi_client.c
+--- snort-2.4.4/src/preprocessors/HttpInspect/client/hi_client.c	2005-03-16 13:52:18.000000000 -0800
++++ snort-2.4.4-demarc/src/preprocessors/HttpInspect/client/hi_client.c	2006-05-30 22:54:44.000000000 -0700
+@@ -40,6 +40,7 @@
+ 
+ #define URI_END  1
+ #define NO_URI  -1
++#define CR_IN_URI 18 
+ #define INVALID_HEX_VAL -1
+ 
+ /**
+@@ -455,6 +456,11 @@
+         return URI_END;
+     }
+ 
++	if(isspace(**ptr) )
++	{
++		return CR_IN_URI;
++	}
++
+     return NO_URI;
+ }
+ 
+@@ -1345,8 +1351,21 @@
+                     */
+                     break;
+                 }
++		else if(iRet == CR_IN_URI)
++		{
++        		if(hi_eo_generate_event(Session,ServerConf->non_std_cr.alert))
++        		{
++            			hi_eo_client_event_log(Session,ServerConf->non_std_cr.alert,
++                                   NULL, NULL);
++			}
++			break;
++		}
++
++
++
+                 else /* NO_URI */
+                 {
++
+                     /*
+                     **  Check for chunk encoding, because the delimiter can
+                     **  also be a space, which would look like a pipeline request
+diff -Nuar snort-2.4.4/src/preprocessors/HttpInspect/event_output/hi_eo_log.c snort-2.4.4-demarc/src/preprocessors/HttpInspect/event_output/hi_eo_log.c
+--- snort-2.4.4/src/preprocessors/HttpInspect/event_output/hi_eo_log.c	2004-03-11 14:25:53.000000000 -0800
++++ snort-2.4.4-demarc/src/preprocessors/HttpInspect/event_output/hi_eo_log.c	2006-05-30 10:27:49.000000000 -0700
+@@ -64,7 +64,9 @@
+     {HI_EO_CLIENT_PROXY_USE, HI_EO_LOW_PRIORITY,
+         HI_EO_CLIENT_PROXY_USE_STR },
+     {HI_EO_CLIENT_WEBROOT_DIR, HI_EO_HIGH_PRIORITY,
+-        HI_EO_CLIENT_WEBROOT_DIR_STR }
++        HI_EO_CLIENT_WEBROOT_DIR_STR },
++    { HI_EO_CLIENT_CR_IN_URI, HI_EO_MED_PRIORITY,
++        HI_EO_CLIENT_CR_IN_URI_STR },
+ };
+ 
+ static HI_EVENT_INFO anom_server_event_info[HI_EO_ANOM_SERVER_EVENT_NUM] = {
+diff -Nuar snort-2.4.4/src/preprocessors/HttpInspect/include/hi_eo_events.h snort-2.4.4-demarc/src/preprocessors/HttpInspect/include/hi_eo_events.h
+--- snort-2.4.4/src/preprocessors/HttpInspect/include/hi_eo_events.h	2004-03-11 14:25:53.000000000 -0800
++++ snort-2.4.4-demarc/src/preprocessors/HttpInspect/include/hi_eo_events.h	2006-05-25 13:01:08.000000000 -0700
+@@ -24,13 +24,14 @@
+ #define HI_EO_CLIENT_LARGE_CHUNK    15  /* done */
+ #define HI_EO_CLIENT_PROXY_USE      16  /* done */
+ #define HI_EO_CLIENT_WEBROOT_DIR    17  /* done */
++#define HI_EO_CLIENT_CR_IN_URI      18  /* done */
+ 
+ /*
+ **  IMPORTANT:
+ **  Every time you add a client event, this number must be
+ **  incremented.
+ */
+-#define HI_EO_CLIENT_EVENT_NUM      18
++#define HI_EO_CLIENT_EVENT_NUM      19
+ 
+ /*
+ **  These defines are the alert names for each event
+@@ -71,6 +72,8 @@
+     "(http_inspect) UNAUTHORIZED PROXY USE DETECTED"
+ #define HI_EO_CLIENT_WEBROOT_DIR_STR                    \
+     "(http_inspect) WEBROOT DIRECTORY TRAVERSAL"
++#define HI_EO_CLIENT_CR_IN_URI_STR                       \
++    "(http_inspect) NON-STD CARRIAGE RETURN IN URI"
+ 
+ /*
+ **  Anomalous Server Events
+diff -Nuar snort-2.4.4/src/preprocessors/HttpInspect/include/hi_ui_config.h snort-2.4.4-demarc/src/preprocessors/HttpInspect/include/hi_ui_config.h
+--- snort-2.4.4/src/preprocessors/HttpInspect/include/hi_ui_config.h	2005-03-16 13:52:18.000000000 -0800
++++ snort-2.4.4-demarc/src/preprocessors/HttpInspect/include/hi_ui_config.h	2006-05-30 09:44:18.000000000 -0700
+@@ -113,6 +113,7 @@
+     HTTPINSPECT_CONF_OPT webroot;
+     HTTPINSPECT_CONF_OPT apache_whitespace;
+     HTTPINSPECT_CONF_OPT iis_delimiter;
++    HTTPINSPECT_CONF_OPT non_std_cr;
+     
+ }  HTTPINSPECT_CONF;
+ 
+diff -Nuar snort-2.4.4/src/preprocessors/HttpInspect/user_interface/hi_ui_config.c snort-2.4.4-demarc/src/preprocessors/HttpInspect/user_interface/hi_ui_config.c
+--- snort-2.4.4/src/preprocessors/HttpInspect/user_interface/hi_ui_config.c	2005-03-16 13:52:19.000000000 -0800
++++ snort-2.4.4-demarc/src/preprocessors/HttpInspect/user_interface/hi_ui_config.c	2006-05-30 23:00:25.000000000 -0700
+@@ -117,6 +117,9 @@
+ 
+     GlobalConf->global_server.non_strict = 1;
+ 
++    GlobalConf->global_server.non_std_cr.on = 1;
++    GlobalConf->global_server.non_std_cr.alert = 1;
++
+     return HI_SUCCESS;
+ }
+ 
+@@ -209,6 +212,9 @@
+ 
+     ServerConf->tab_uri_delimiter = 1;
+ 
++    ServerConf->non_std_cr.on = 1;
++    ServerConf->non_std_cr.alert = 1;
++
+     return HI_SUCCESS;
+ }
+     
+@@ -279,6 +285,9 @@
+ 
+     ServerConf->non_strict = 1;
+ 
++    ServerConf->non_std_cr.on = 1;
++    ServerConf->non_std_cr.alert = 1;
++
+     return HI_SUCCESS;
+ }
+ 
+@@ -349,6 +358,9 @@
+ 
+     ServerConf->tab_uri_delimiter = 1;
+ 
++    ServerConf->non_std_cr.on = 1;
++    ServerConf->non_std_cr.alert = 1;
++
+     return HI_SUCCESS;
+ }
+ 
+diff -Nuar snort-2.4.4/src/preprocessors/snort_httpinspect.c snort-2.4.4-demarc/src/preprocessors/snort_httpinspect.c
+--- snort-2.4.4/src/preprocessors/snort_httpinspect.c	2005-08-23 08:52:19.000000000 -0700
++++ snort-2.4.4-demarc/src/preprocessors/snort_httpinspect.c	2006-05-30 10:33:54.000000000 -0700
+@@ -134,6 +134,7 @@
+ #define GLOBAL_ALERT      "no_alerts"
+ #define WEBROOT           "webroot"
+ #define TAB_URI_DELIMITER "tab_uri_delimiter"
++#define NON_STD_CR		  "non_std_cr"
+ 
+ /*
+ **  Alert subkeywords
+@@ -1449,6 +1450,15 @@
+                 return iRet;
+             }
+         }
++        else if(!strcmp(NON_STD_CR, pcToken))
++        {
++            ConfOpt = &ServerConf->non_std_cr;
++            if((iRet = ProcessConfOpt(ConfOpt, NON_STD_CR,
++                                      ErrorString, ErrStrLen)))
++            {
++                return iRet;
++            }
++        }
+         else if(!strcmp(IIS_BACKSLASH, pcToken))
+         {
+             ConfOpt = &ServerConf->iis_backslash;
+@@ -1583,6 +1593,7 @@
+     PrintConfOpt(&ServerConf->webroot, "Web Root Traversal");
+     PrintConfOpt(&ServerConf->apache_whitespace, "Apache WhiteSpace");
+     PrintConfOpt(&ServerConf->iis_delimiter, "IIS Delimiter");
++    PrintConfOpt(&ServerConf->non_std_cr, "Non-Std Carriage Return");
+ 
+     if(ServerConf->iis_unicode_map_filename)
+     {
author	Markus Ullmann <jokey@gentoo.org>	2006-06-01 20:04:03 +0000
committer	Markus Ullmann <jokey@gentoo.org>	2006-06-01 20:04:03 +0000
commit	ae37d647c56d97c70826d2638cc728388457dbc5 (patch)
tree	0ebb1939f58c3135e309156b08f1b51ca959263b /net-analyzer/snort
parent	Stable on sparc wrt security #134168 (diff)
download	historical-ae37d647c56d97c70826d2638cc728388457dbc5.tar.gz historical-ae37d647c56d97c70826d2638cc728388457dbc5.tar.bz2 historical-ae37d647c56d97c70826d2638cc728388457dbc5.zip