diff options
author | Brandon Hale <tseng@gentoo.org> | 2004-05-04 16:23:05 +0000 |
---|---|---|
committer | Brandon Hale <tseng@gentoo.org> | 2004-05-04 16:23:05 +0000 |
commit | 96c20d0de1116a9d4317c8cb9c2810cdc352421a (patch) | |
tree | 34af15614d21a9e3c61e0843730b5651ea4f7bd0 /net-ftp/proftpd | |
parent | Deprecating pre-2004.0 (diff) | |
download | historical-96c20d0de1116a9d4317c8cb9c2810cdc352421a.tar.gz historical-96c20d0de1116a9d4317c8cb9c2810cdc352421a.tar.bz2 historical-96c20d0de1116a9d4317c8cb9c2810cdc352421a.zip |
Add patch to close privelage escalation bug, see bug #49496. Removing affected versions.
Diffstat (limited to 'net-ftp/proftpd')
-rw-r--r-- | net-ftp/proftpd/ChangeLog | 9 | ||||
-rw-r--r-- | net-ftp/proftpd/Manifest | 17 | ||||
-rw-r--r-- | net-ftp/proftpd/files/digest-proftpd-1.2.9-r1 | 1 | ||||
-rw-r--r-- | net-ftp/proftpd/files/digest-proftpd-1.2.9-r2 (renamed from net-ftp/proftpd/files/digest-proftpd-1.2.9) | 0 | ||||
-rw-r--r-- | net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch | 20 | ||||
-rw-r--r-- | net-ftp/proftpd/proftpd-1.2.9-r2.ebuild (renamed from net-ftp/proftpd/proftpd-1.2.9-r1.ebuild) | 5 | ||||
-rw-r--r-- | net-ftp/proftpd/proftpd-1.2.9.ebuild | 127 |
7 files changed, 39 insertions, 140 deletions
diff --git a/net-ftp/proftpd/ChangeLog b/net-ftp/proftpd/ChangeLog index 2cf63a27ec97..5d79af56d487 100644 --- a/net-ftp/proftpd/ChangeLog +++ b/net-ftp/proftpd/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-ftp/proftpd # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.55 2004/04/27 21:51:21 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/ChangeLog,v 1.56 2004/05/04 16:23:04 tseng Exp $ + +*proftpd-1.2.9-r2 (04 May 2004) + + 04 May 2004; Brandon Hale <tseng@gentoo.org> -proftpd-1.2.9-r1.ebuild, + +proftpd-1.2.9-r2.ebuild, -proftpd-1.2.9.ebuild: + Add patch to close privelage escalation bug, see bug #49496. Removing affected + versions. 27 Apr 2004; Aron Griffis <agriffis@gentoo.org> proftpd-1.2.9-r1.ebuild: Add inherit eutils diff --git a/net-ftp/proftpd/Manifest b/net-ftp/proftpd/Manifest index 03d451393908..ba7c303c783a 100644 --- a/net-ftp/proftpd/Manifest +++ b/net-ftp/proftpd/Manifest @@ -1,16 +1,15 @@ -MD5 bc516617f8c972f86a42a2bf81e04c21 ChangeLog 8679 -MD5 4cac4135685a0c8d0b20cacafd608c28 proftpd-1.2.9-r1.ebuild 3429 +MD5 d1a58ddb3d9fed89396f672a5d772c1c ChangeLog 8927 +MD5 90dec360681d62748ca722d3eca56e1a proftpd-1.2.9-r2.ebuild 3462 MD5 9fc268673f01fb44ccbeb1ba9b03fe10 proftpd-1.2.8.ebuild 2735 -MD5 8403cc3447fabc18a92eeb5dc891ed26 proftpd-1.2.7.ebuild 3668 MD5 63bd6e87942a25d48bd5365edd8246c0 metadata.xml 268 -MD5 ac1c9c977f6f474e593755940e831dc2 proftpd-1.2.9.ebuild 3322 -MD5 cb6cd6133728449d0da092b1d6147b9d files/digest-proftpd-1.2.8 66 +MD5 8403cc3447fabc18a92eeb5dc891ed26 proftpd-1.2.7.ebuild 3668 +MD5 c1dc1d9278d5b77f53ea44ee848dafc6 files/digest-proftpd-1.2.7 211 +MD5 6c1a92fc601780a49fdfc01aaf483b69 files/digest-proftpd-1.2.9-r2 66 +MD5 50955f0d375360841d50a82b9589e435 files/proftpd-1.2.9-privescal-fix.patch 588 MD5 0cf02f8c82f22e714b8299e7b7907d8f files/mod_sql_postgres.c.patch 275 +MD5 cb6cd6133728449d0da092b1d6147b9d files/digest-proftpd-1.2.8 66 MD5 b338504ed873219e368abab7df6c276d files/proftpd.conf 1704 MD5 09c4b572a757ab1b1b852c5755ac3c67 files/proftpd.rc6 738 MD5 4d676b70c97bc6daabd8c2ba8d52d27a files/proftpd.xinetd 295 -MD5 c1dc1d9278d5b77f53ea44ee848dafc6 files/digest-proftpd-1.2.7 211 -MD5 e558f099037d359da5f855285542246e files/1.2.9_rc3-reversedns.diff 1974 -MD5 6c1a92fc601780a49fdfc01aaf483b69 files/digest-proftpd-1.2.9 66 -MD5 6c1a92fc601780a49fdfc01aaf483b69 files/digest-proftpd-1.2.9-r1 66 MD5 b00999f820f1e46a501ce4fcaeb5fe23 files/proftpd-1.2.9-makefile.patch 434 +MD5 e558f099037d359da5f855285542246e files/1.2.9_rc3-reversedns.diff 1974 diff --git a/net-ftp/proftpd/files/digest-proftpd-1.2.9-r1 b/net-ftp/proftpd/files/digest-proftpd-1.2.9-r1 deleted file mode 100644 index dc35e2c279e0..000000000000 --- a/net-ftp/proftpd/files/digest-proftpd-1.2.9-r1 +++ /dev/null @@ -1 +0,0 @@ -MD5 7c85503b160a36a96594ef75f3180a07 proftpd-1.2.9.tar.bz2 778953 diff --git a/net-ftp/proftpd/files/digest-proftpd-1.2.9 b/net-ftp/proftpd/files/digest-proftpd-1.2.9-r2 index dc35e2c279e0..dc35e2c279e0 100644 --- a/net-ftp/proftpd/files/digest-proftpd-1.2.9 +++ b/net-ftp/proftpd/files/digest-proftpd-1.2.9-r2 diff --git a/net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch b/net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch new file mode 100644 index 000000000000..76204e4ad0de --- /dev/null +++ b/net-ftp/proftpd/files/proftpd-1.2.9-privescal-fix.patch @@ -0,0 +1,20 @@ +--- proftpd/src/dirtree.c 1 Nov 2003 07:11:07 -0000 1.125 ++++ proftpd/src/dirtree.c 4 Nov 2003 21:18:25 -0000 +@@ -1556,10 +1556,14 @@ + + if (cidr_mode) { + /* NOTE: encapsulation breakage note/IPv6 change needed here. */ +-#if 0 +- if ((cli_addr->s_addr & htonl(cidr_mask)) == cidr_addr.s_addr) +-#endif ++ ++ if (pr_netaddr_get_family(cli_addr) == AF_INET) { ++ struct in_addr *cli_in_addr = pr_netaddr_get_inaddr(cli_addr); ++ if ((cli_in_addr->s_addr & htonl(cidr_mask)) == cidr_addr.s_addr) { + return 1; ++ } ++ }; ++ + + } else { + pr_netaddr_t *acl_addr = NULL; diff --git a/net-ftp/proftpd/proftpd-1.2.9-r1.ebuild b/net-ftp/proftpd/proftpd-1.2.9-r2.ebuild index be2eaa707bf5..b6e871426b46 100644 --- a/net-ftp/proftpd/proftpd-1.2.9-r1.ebuild +++ b/net-ftp/proftpd/proftpd-1.2.9-r2.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2004 Gentoo Technologies, Inc. # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.9-r1.ebuild,v 1.5 2004/04/27 21:51:21 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.9-r2.ebuild,v 1.1 2004/05/04 16:23:04 tseng Exp $ inherit flag-o-matic eutils @@ -27,7 +27,8 @@ DEPEND="pam? ( >=sys-libs/pam-0.75 ) src_unpack() { unpack ${A} cd ${S} - epatch ${FILESDIR}/proftpd-1.2.9-makefile.patch + epatch ${FILESDIR}/${P}-makefile.patch + epatch ${FILESDIR}/${P}-privescal-fix.patch } src_compile() { diff --git a/net-ftp/proftpd/proftpd-1.2.9.ebuild b/net-ftp/proftpd/proftpd-1.2.9.ebuild deleted file mode 100644 index 437ee81b2981..000000000000 --- a/net-ftp/proftpd/proftpd-1.2.9.ebuild +++ /dev/null @@ -1,127 +0,0 @@ -# Copyright 1999-2004 Gentoo Technologies, Inc. -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-ftp/proftpd/proftpd-1.2.9.ebuild,v 1.11 2004/04/21 02:25:43 eradicator Exp $ - -inherit flag-o-matic - -IUSE="ldap pam postgres mysql ssl tcpd ipv6" - -MY_P=${P/_/} -S=${WORKDIR}/${MY_P} - -DESCRIPTION="An advanced and very configurable FTP server" -SRC_URI="ftp://ftp.proftpd.org/distrib/source/${MY_P}.tar.bz2" -HOMEPAGE="http://www.proftpd.org/" - -SLOT="0" -LICENSE="GPL-2" -KEYWORDS="x86 sparc hppa ~alpha ppc ~mips" - -DEPEND="pam? ( >=sys-libs/pam-0.75 ) - mysql? ( >=dev-db/mysql-3.23.26 ) - ldap? ( >=net-nds/openldap-1.2.11 ) - postgres? ( >=dev-db/postgresql-7.3 ) - ssl? ( >=dev-libs/openssl-0.9.6f ) - tcpd? ( >=sys-apps/tcp-wrappers-7.6-r3 )" - -src_compile() { - local modules myconf - - modules="mod_ratio:mod_readme" - use pam && modules="${modules}:mod_auth_pam" - use tcpd && modules="${modules}:mod_wrap" - - if use ldap; then - einfo ldap - modules="${modules}:mod_ldap" - append-ldflags "-lresolv" - fi - - if use ssl; then - einfo ssl - # enable mod_tls - modules="${modules}:mod_tls" - fi - - if use mysql && use postgres - then - ewarn "ProFTPD only supports either the MySQL or PostgreSQL modules." - ewarn "Presently this ebuild defaults to mysql. If you would like to" - ewarn "change the default behaviour, merge ProFTPD with;" - ewarn "USE=\"-mysql postgres\" emerge proftpd" - sleep 5 - fi - - if use mysql; then - modules="${modules}:mod_sql:mod_sql_mysql" - myconf="--with-includes=/usr/include/mysql" - elif use postgres; then - modules="${modules}:mod_sql:mod_sql_postgres" - myconf="--with-includes=/usr/include/postgresql" - fi - - # New modules for 1.2.9 - # Not sure how these should be enabled yet as no use variables - # apply currently. Uncomment if you want to use them though. - # -raker 06/16/2003 - # - # modules="${modules}:mod_ifsession" - # modules="${modules}:mod_radius" - # modules="${modules}:mod_rewrite" - - # bug #30359 - has_version sys-devel/hardened-gcc && echo > lib/libcap/cap_sys.c - has_pic && echo > lib/libcap/cap_sys.c - - econf \ - --sbindir=/usr/sbin \ - --localstatedir=/var/run \ - --sysconfdir=/etc/proftpd \ - --enable-shadow \ - --disable-sendfile \ - --enable-autoshadow \ - --with-modules=${modules} \ - ${myconf} $( use_enable ipv6 ) || die "bad ./configure" - - emake || die "compile problem" -} - -src_install() { - # Note rundir needs to be specified to avoid sandbox violation - # on initial install. See Make.rules - make DESTDIR=${D} install || die - - keepdir /home/ftp - keepdir /var/run/proftpd - - dodoc contrib/README.mod_sql ${FILESDIR}/proftpd.conf \ - COPYING CREDITS ChangeLog NEWS README* \ - doc/{license.txt,GetConf} - dohtml doc/*.html - docinto rfc - dodoc doc/rfc/*.txt - - mv ${D}/etc/proftpd/proftpd.conf ${D}/etc/proftpd/proftpd.conf.distrib - - insinto /etc/proftpd - newins ${FILESDIR}/proftpd.conf proftpd.conf.sample - - if use pam; then - insinto /etc/pam.d - newins ${S}/contrib/dist/rpm/ftp.pamd ftp - fi - - insinto /etc/xinetd.d - newins ${FILESDIR}/proftpd.xinetd proftpd - - exeinto /etc/init.d ; newexe ${FILESDIR}/proftpd.rc6 proftpd -} - -pkg_postinst() { - groupadd proftpd &>/dev/null - id proftpd &>/dev/null || \ - useradd -g proftpd -d /home/ftp -s /bin/false proftpd - einfo - einfo 'You can find the config files in /etc/proftpd' - einfo -} |