[pkgsrc/trunk]: pkgsrc/doc Update jabberd2 to jabberd-2.0s4nb1, by pulling in...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/doc Update jabberd2 to jabberd-2.0s4nb1, by pulling in...
From: abs <abs%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 00:57:59 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/89b2490ff083
branches:  trunk
changeset: 484773:89b2490ff083
user:      abs <abs%pkgsrc.org@localhost>
date:      Mon Nov 29 17:55:08 2004 +0000

description:
Update jabberd2 to jabberd-2.0s4nb1, by pulling in patches from
    http://www.marquard.net/jabber/#recommended,

specifically patch 58 which fixes the remote exploit listed at:
    http://www.securityfocus.com/archive/1/382250

Patches included:

28*     patch-jedi8-sm-object_c
Remove incorrect semicolumn from os_object_free() in sm/object.c

29*     patch-jedi-mysql-storage
Fixes to mysql storage for boundary conditions

30*     patch-base64
Fix length-related issues in base64 decoding routines

31*     patch-sm-storage_db
Fixes to storage_db.c to avoid roster corruption: "sm/storage_db
inserts items in the filter hash table with keys which are located
on the stack. This creates confusion when the code later tries to
compare with these keys."

32*     patch-nad-escape
Fixes bug in _nad_escape() where escaping ]]> can cause a segfault
when handling large messages where nad_realloc is called.

38*     patch-jedi-pgsql-storage
Fixes to pgsql storage for boundary conditions and incorrect buffer
length calculation

46*     patch-memleaks
Fix minor memory leaks in digest-md5 authentication and nad_free()

47*     patch-ns-fix
Fixes omission of namespace declaration where a namespace has
already been used in the XML stanza

48*     patch-sm-nad-triplet
Fixes omission of prefix on attributes processed by nad_parse (e.g.
in queue storage)

49*     patch-mod_disco_publish
Corrects check for deleting previously published disco items from
"delete" to "remove" (as per JEP-0030).

50*     patch-sm-filter
Alters filter handling and adds mysql/pgsql escaping on filter
strings to allow brackets and apostrophes in resource names that
form part of JIDs stored as roster entries

58*     patch-c2s-buffers
Fixes buffer overflow that can lead to segfault in c2s mysql and
pgsql auth modules - see report by icbm (www.venustech.com.cn)

diffstat:

 doc/CHANGES |  4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diffs (15 lines):

diff -r e8b8b7c44cac -r 89b2490ff083 doc/CHANGES
--- a/doc/CHANGES       Mon Nov 29 17:54:03 2004 +0000
+++ b/doc/CHANGES       Mon Nov 29 17:55:08 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: CHANGES,v 1.8155 2004/11/29 17:39:44 jmmv Exp $
+$NetBSD: CHANGES,v 1.8156 2004/11/29 17:55:08 abs Exp $
 
 Changes to the packages collection and infrastructure in 2004:
 
@@ -5644,3 +5644,5 @@
        Updated AiCA to 0.81 [wiz 2004-11-29]
        Updated xchat2 to 2.4.1 [minskim 2004-11-29]
        Updated epiphany to 2.4.6 [jmmv 2004-11-29]
+       Updated jabberd2 to 2.0s4nb1 [abs 2004-11-29]
+

Prev by Date: [pkgsrc/trunk]: pkgsrc/www/epiphany Update to 1.4.6:
Next by Date: [pkgsrc/trunk]: pkgsrc/sysutils/rconfig Update rconfig to 0.41:
Previous by Thread: [pkgsrc/trunk]: pkgsrc/www/epiphany Update to 1.4.6:
Next by Thread: [pkgsrc/trunk]: pkgsrc/sysutils/rconfig Update rconfig to 0.41:
Indexes:

Home | Main Index | Thread Index | Old Index