[pkgsrc/trunk]: pkgsrc/net/kphone fix a possible information disclosure (CVE-...

[drochner <drochner%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/295f32f74f4c
branches:  trunk
changeset: 513215:295f32f74f4c
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Mon May 22 16:39:00 2006 +0000

description:
fix a possible information disclosure (CVE-2006-2442), from Debian
bump PKGREVISION

diffstat:

 net/kphone/Makefile         |   4 ++--
 net/kphone/distinfo         |   3 ++-
 net/kphone/patches/patch-am |  22 ++++++++++++++++++++++
 3 files changed, 26 insertions(+), 3 deletions(-)

diffs (53 lines):

diff -r f00f1e72a8e6 -r 295f32f74f4c net/kphone/Makefile
--- a/net/kphone/Makefile       Mon May 22 16:33:49 2006 +0000
+++ b/net/kphone/Makefile       Mon May 22 16:39:00 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.20 2006/05/22 14:39:44 dsainty Exp $
+# $NetBSD: Makefile,v 1.21 2006/05/22 16:39:00 drochner Exp $
 
 DISTNAME=              kphone-4.2
-PKGREVISION=           3
+PKGREVISION=           4
 CATEGORIES=            net comms
 MASTER_SITES=          http://www.wirlab.net/kphone/
 
diff -r f00f1e72a8e6 -r 295f32f74f4c net/kphone/distinfo
--- a/net/kphone/distinfo       Mon May 22 16:33:49 2006 +0000
+++ b/net/kphone/distinfo       Mon May 22 16:39:00 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2006/03/08 10:05:52 martin Exp $
+$NetBSD: distinfo,v 1.13 2006/05/22 16:39:00 drochner Exp $
 
 SHA1 (kphone-4.2.tar.gz) = 10c7559b79fb13f42714008cd89a3981f66df2cf
 RMD160 (kphone-4.2.tar.gz) = 6176a97d19fe05741503f5b81dfd21e6130193e1
@@ -15,3 +15,4 @@
 SHA1 (patch-aj) = 600f96693fcf6f00f0b23a76923cdf0046116936
 SHA1 (patch-ak) = 4c3f498fe64df8dfbb5a93210d3eda8ac08c1f84
 SHA1 (patch-al) = 6c7a4017f8872769271b8660eb5c947620e76fb9
+SHA1 (patch-am) = 8012521be35d3e28a4632e70f0f19d5ff05b1a62
diff -r f00f1e72a8e6 -r 295f32f74f4c net/kphone/patches/patch-am
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/kphone/patches/patch-am       Mon May 22 16:39:00 2006 +0000
@@ -0,0 +1,22 @@
+$NetBSD: patch-am,v 1.1 2006/05/22 16:39:00 drochner Exp $
+
+--- kphone/kphone.cpp.orig     2006-05-21 20:05:49.000000000 +0200
++++ kphone/kphone.cpp
+@@ -1,5 +1,8 @@
+ #include <stdio.h>
+ #include <stdlib.h>
++#include <sys/types.h>
++#include <sys/stat.h>
++
+ #include <qtimer.h>
+ #include <qsettings.h>
+ #include <qmenubar.h>
+@@ -32,6 +35,8 @@ KPhone::KPhone( unsigned int listenport,
+               userPrefix = "_" + prefix + "_";
+       }
+       QSettings settings;
++
++      umask(077);
+       Sip::setLocalAddress( settings.readEntry(
+               "/kphone/dissipate_addr", Sip::getLocalAddress() ) );
+       QString socketStr = settings.readEntry( "/kphone/General/SocketMode", "UDP" );