[pkgsrc/pkgsrc-2015Q1]: pkgsrc/net/dnsmasq Pullup ticket #4706 - requested by...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/pkgsrc-2015Q1]: pkgsrc/net/dnsmasq Pullup ticket #4706 - requested by...
From: spz <spz%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 17:38:24 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/af2d22672600
branches:  pkgsrc-2015Q1
changeset: 649207:af2d22672600
user:      spz <spz%pkgsrc.org@localhost>
date:      Wed Apr 29 18:40:55 2015 +0000

description:
Pullup ticket #4706 - requested by roy
net/dnsmasq: security patch

Revisions pulled up:
- net/dnsmasq/Makefile                                          1.28,1.27
- net/dnsmasq/distinfo                                          1.26,1.25
- net/dnsmasq/files/dnsmasq.sh                                  1.3
- net/dnsmasq/patches/patch-src_bpf.c                           1.4
- net/dnsmasq/patches/patch-src_rfc1035.c                       1.1

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   roy
   Date:           Wed Apr 29 12:53:02 UTC 2015

   Modified Files:
           pkgsrc/net/dnsmasq: Makefile distinfo
   Added Files:
           pkgsrc/net/dnsmasq/patches: patch-src_rfc1035.c

   Log Message:
   Add a patch to fix CVE-2015-3294.
   Remove myself as maintainer.


   To generate a diff of this commit:
   cvs rdiff -u -r1.27 -r1.28 pkgsrc/net/dnsmasq/Makefile
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/net/dnsmasq/distinfo
   cvs rdiff -u -r0 -r1.1 pkgsrc/net/dnsmasq/patches/patch-src_rfc1035.c

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   abs
   Date:           Wed Apr 22 14:57:22 UTC 2015

   Modified Files:
           pkgsrc/net/dnsmasq: Makefile distinfo
           pkgsrc/net/dnsmasq/files: dnsmasq.sh
           pkgsrc/net/dnsmasq/patches: patch-src_bpf.c

   Log Message:
   Add a 'reload' rc.d option (automatically uses the pid file), which will
   make dnsmasq reload the dhcp file. Add patch comment and mps
   Bump PKGREVISION


   To generate a diff of this commit:
   cvs rdiff -u -r1.26 -r1.27 pkgsrc/net/dnsmasq/Makefile
   cvs rdiff -u -r1.24 -r1.25 pkgsrc/net/dnsmasq/distinfo
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/dnsmasq/files/dnsmasq.sh
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/dnsmasq/patches/patch-src_bpf.c

diffstat:

 net/dnsmasq/Makefile                    |   6 ++--
 net/dnsmasq/distinfo                    |   5 ++-
 net/dnsmasq/files/dnsmasq.sh            |   3 +-
 net/dnsmasq/patches/patch-src_bpf.c     |   4 ++-
 net/dnsmasq/patches/patch-src_rfc1035.c |  44 +++++++++++++++++++++++++++++++++
 5 files changed, 55 insertions(+), 7 deletions(-)

diffs (111 lines):

diff -r 436d18d67068 -r af2d22672600 net/dnsmasq/Makefile
--- a/net/dnsmasq/Makefile      Wed Apr 29 15:41:36 2015 +0000
+++ b/net/dnsmasq/Makefile      Wed Apr 29 18:40:55 2015 +0000
@@ -1,12 +1,12 @@
-# $NetBSD: Makefile,v 1.26 2014/11/23 13:16:23 cheusov Exp $
+# $NetBSD: Makefile,v 1.26.4.1 2015/04/29 18:40:55 spz Exp $
 #
 
 DISTNAME=              dnsmasq-2.67
-PKGREVISION=           1
+PKGREVISION=           3
 CATEGORIES=            net
 MASTER_SITES=          http://www.thekelleys.org.uk/dnsmasq/
 
-MAINTAINER=            roy%NetBSD.org@localhost
+MAINTAINER=            pkgsrc-users%NetBSD.org@localhost
 HOMEPAGE=              http://www.thekelleys.org.uk/dnsmasq/doc.html
 COMMENT=               Lightweight, easy to configure DNS forwarder
 LICENSE=               gnu-gpl-v3
diff -r 436d18d67068 -r af2d22672600 net/dnsmasq/distinfo
--- a/net/dnsmasq/distinfo      Wed Apr 29 15:41:36 2015 +0000
+++ b/net/dnsmasq/distinfo      Wed Apr 29 18:40:55 2015 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.24 2015/01/17 13:52:12 bsiegert Exp $
+$NetBSD: distinfo,v 1.24.2.1 2015/04/29 18:40:55 spz Exp $
 
 SHA1 (dnsmasq-2.67.tar.gz) = 550c7ea2bef2a74a089c664d95fc52420a8cb726
 RMD160 (dnsmasq-2.67.tar.gz) = c2f3f9d7978bc9eddbcb77add54acdf3c8103fa8
 Size (dnsmasq-2.67.tar.gz) = 600838 bytes
 SHA1 (patch-dnsmasq.conf.example) = 2974c722a26400915037259c79899e8a3e95bf8f
-SHA1 (patch-src_bpf.c) = 8ba0482e8ba9441d5eb235dfb7b4aa556545636c
+SHA1 (patch-src_bpf.c) = 5a355bc116d2853b8e202ea31847a9e36cd000b0
+SHA1 (patch-src_rfc1035.c) = 3b3a2fa2c83db937f46e4ab2a7e06f0c191f62e9
diff -r 436d18d67068 -r af2d22672600 net/dnsmasq/files/dnsmasq.sh
--- a/net/dnsmasq/files/dnsmasq.sh      Wed Apr 29 15:41:36 2015 +0000
+++ b/net/dnsmasq/files/dnsmasq.sh      Wed Apr 29 18:40:55 2015 +0000
@@ -1,6 +1,6 @@
 #!@RCD_SCRIPTS_SHELL@
 #
-# $NetBSD: dnsmasq.sh,v 1.2 2011/10/07 22:37:04 shattered Exp $
+# $NetBSD: dnsmasq.sh,v 1.2.28.1 2015/04/29 18:40:55 spz Exp $
 #
 
 # PROVIDE: dnsmasq
@@ -12,6 +12,7 @@
 rcvar=$name
 command="@PREFIX@/sbin/${name}"
 pidfile="/var/run/${name}.pid"
+extra_commands="reload"
 
 load_rc_config $name
 run_rc_command "$1"
diff -r 436d18d67068 -r af2d22672600 net/dnsmasq/patches/patch-src_bpf.c
--- a/net/dnsmasq/patches/patch-src_bpf.c       Wed Apr 29 15:41:36 2015 +0000
+++ b/net/dnsmasq/patches/patch-src_bpf.c       Wed Apr 29 18:40:55 2015 +0000
@@ -1,4 +1,6 @@
-$NetBSD: patch-src_bpf.c,v 1.3 2015/01/17 13:52:13 bsiegert Exp $
+$NetBSD: patch-src_bpf.c,v 1.3.2.1 2015/04/29 18:40:55 spz Exp $
+
+Add inet6 include for OS X
 
 --- src/bpf.c.orig     2015-01-02 04:23:05.000000000 +0000
 +++ src/bpf.c
diff -r 436d18d67068 -r af2d22672600 net/dnsmasq/patches/patch-src_rfc1035.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/dnsmasq/patches/patch-src_rfc1035.c   Wed Apr 29 18:40:55 2015 +0000
@@ -0,0 +1,44 @@
+From ad4a8ff7d9097008d7623df8543df435bfddeac8 Mon Sep 17 00:00:00 2001
+From: Simon Kelley <simon%thekelleys.org.uk@localhost>
+Date: Thu, 9 Apr 2015 21:48:00 +0100
+Subject: [PATCH] Fix crash on receipt of certain malformed DNS requests.
+
+---
+ CHANGELOG     |    3 +++
+ src/rfc1035.c |    9 ++++++---
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/src/rfc1035.c b/src/rfc1035.c
+index 7a07b0c..a995ab5 100644
+--- src/rfc1035.c
++++ src/rfc1035.c
+@@ -1198,7 +1198,10 @@ unsigned int extract_request(struct dns_header *header, size_t qlen, char *name,
+ size_t setup_reply(struct dns_header *header, size_t qlen,
+               struct all_addr *addrp, unsigned int flags, unsigned long ttl)
+ {
+-  unsigned char *p = skip_questions(header, qlen);
++  unsigned char *p;
++
++  if (!(p = skip_questions(header, qlen)))
++    return 0;
+   
+   /* clear authoritative and truncated flags, set QR flag */
+   header->hb3 = (header->hb3 & ~(HB3_AA | HB3_TC)) | HB3_QR;
+@@ -1214,7 +1217,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
+     SET_RCODE(header, NOERROR); /* empty domain */
+   else if (flags == F_NXDOMAIN)
+     SET_RCODE(header, NXDOMAIN);
+-  else if (p && flags == F_IPV4)
++  else if (flags == F_IPV4)
+     { /* we know the address */
+       SET_RCODE(header, NOERROR);
+       header->ancount = htons(1);
+@@ -1222,7 +1225,7 @@ size_t setup_reply(struct dns_header *header, size_t qlen,
+       add_resource_record(header, NULL, NULL, sizeof(struct dns_header), &p, ttl, NULL, T_A, C_IN, "4", addrp);
+     }
+ #ifdef HAVE_IPV6
+-  else if (p && flags == F_IPV6)
++  else if (flags == F_IPV6)
+     {
+       SET_RCODE(header, NOERROR);
+       header->ancount = htons(1);

Prev by Date: [pkgsrc/trunk]: pkgsrc/lang/yap Don't use false as pointer. Don't use default...
Next by Date: [pkgsrc/trunk]: pkgsrc/devel/p5-Module-CoreList Update to 5.20150420
Previous by Thread: [pkgsrc/trunk]: pkgsrc/lang/yap Don't use false as pointer. Don't use default...
Next by Thread: [pkgsrc/trunk]: pkgsrc/devel/p5-Module-CoreList Update to 5.20150420
Indexes:

Home | Main Index | Thread Index | Old Index