pkgsrc-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: pkg/31570: additional: fix for security issue with bacula =< 1.37.39
The following reply was made to PR pkg/31570; it has been noted by GNATS.
From: Geert Hendrickx <ghen%telenet.be@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: wiz%netbsd.org@localhost
Subject: Re: pkg/31570: additional: fix for security issue with bacula =<
1.37.39
Date: Thu, 13 Oct 2005 10:59:45 +0200
This security vulnerability: http://www.zataz.net/adviso/bacula-09192005.txt
has been fixed in the latest 1.37.x release of bacula. Since this is their
-beta branch, and we decided to stay on the stable (1.36.x) branch (amongst
other changes, 1.37.x seems to use an incompatible database format), I have
taken the security-relevant part of the diffs on the trunk and applied them
to 1.36.3. The resulting patch is to be included as patches/patch-ah:
===>
$NetBSD$
--- autoconf/randpass.orig 2002-11-09 16:55:22.000000000 +0100
+++ autoconf/randpass
@@ -8,7 +8,14 @@ if test "x$1" = "x" ; then
else
PWL=$1
fi
-tmp=/tmp/p.tmp.$$
+tmp=`mktemp randpass.XXXXXXXXXX`
+if test x$tmp = x; then
+ tmp=/tmp/p.tmp.$$
+ if test -f $tmp; then
+ echo "Temp file security problem on: $tmp"
+ exit 1
+ fi
+fi
cp autoconf/randpass.bc $tmp
ps | sum | tr -d ':[:alpha:] ' | sed 's/^/k=/' >>$tmp
date | tr -d ':[:alpha:] ' | sed 's/^/k=k*/' >>$tmp
<===
--- distinfo.orig 2005-10-13 10:53:40.000000000 +0200
+++ distinfo 2005-10-13 10:53:41.000000000 +0200
@@ -8,3 +8,4 @@
SHA1 (patch-ae) = ad4b7d5cb83f021235c11504a034def897fffcac
SHA1 (patch-af) = 926e74b83a09f4620672ffb8419d9ea22983d231
SHA1 (patch-ag) = d955ad9fb3772471580518c6528c898263333521
+SHA1 (patch-ah) = 40ef8d3719e8ad2ba5c24de8d5661b3bfbbb5806
(this diff is to be applied after my earlier update to 1.36.3 with the
latest patches/patch-ag)
For unambigious versioning (with and without the vulnerability), I propose
we immediatly bump the PKGREVISION to 1 and do:
--- pkg-vulnerabilities.orig 2005-10-13 10:56:50.000000000 +0200
+++ pkg-vulnerabilities 2005-10-13 10:57:09.000000000 +0200
@@ -1458,7 +1458,7 @@
nss_ldap<240 information-disclosure
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2069
opera<8.50 cross-site-scripting
http://secunia.com/advisories/16645/
opera<8.50 file-spoofing
http://secunia.com/advisories/16645/
-bacula<1.37.39 insecure-temp-files
http://secunia.com/advisories/16866/
+bacula<1.36.3nb1 insecure-temp-files
http://secunia.com/advisories/16866/
firefox{,-bin,-gtk1,-gtk2,-gtk2-bin}<1.0.7 remote-command-execution
http://www.frsirt.com/english/advisories/2005/1794
ruby16-base<1.6.8nb2 access-validation-bypass
http://jvn.jp/jp/JVN%2362914675/index.html
ruby18-base<1.8.2nb4 access-validation-bypass
http://jvn.jp/jp/JVN%2362914675/index.html
Geert
Home |
Main Index |
Thread Index |
Old Index