[pkgsrc/trunk]: pkgsrc/net/ethereal Add patch for security issue published at...

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/net/ethereal Add patch for security issue published at...
From: frueauf <frueauf%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 02:31:01 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2593790ef339
branches:  trunk
changeset: 502044:2593790ef339
user:      frueauf <frueauf%pkgsrc.org@localhost>
date:      Tue Nov 01 20:09:50 2005 +0000

description:
Add patch for security issue published at http://secunia.com/product/1228/
taken from http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff?hideattic=1

Also bump version to 0.10.13nb1.

diffstat:

 net/ethereal/Makefile         |   3 ++-
 net/ethereal/patches/patch-ab |  25 +++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletions(-)

diffs (41 lines):

diff -r c0152911709f -r 2593790ef339 net/ethereal/Makefile
--- a/net/ethereal/Makefile     Tue Nov 01 20:01:48 2005 +0000
+++ b/net/ethereal/Makefile     Tue Nov 01 20:09:50 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.117 2005/10/25 11:32:04 salo Exp $
+# $NetBSD: Makefile,v 1.118 2005/11/01 20:09:50 frueauf Exp $
 
 DISTNAME=              ethereal-0.10.13
+PKGREVISION=           1
 CATEGORIES=            net
 MASTER_SITES=          http://www.ethereal.com/distribution/ \
                        http://ethereal.planetmirror.com/distribution/ \
diff -r c0152911709f -r 2593790ef339 net/ethereal/patches/patch-ab
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/net/ethereal/patches/patch-ab     Tue Nov 01 20:09:50 2005 +0000
@@ -0,0 +1,25 @@
+$NetBSD: patch-ab,v 1.7 2005/11/01 20:09:50 frueauf Exp $
+
+Fixes security issue published at http://secunia.com/advisories/17370/.
+Diff taken from http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff?hideattic=1
+
+--- epan/dissectors/packet-irc.c       2005/09/23 21:33:02     15985
++++ epan/dissectors/packet-irc.c       2005/10/24 02:35:43     16290
+@@ -86,6 +86,17 @@
+                        * Find the end of the line.
+                        */
+                       linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE);
++                      if (next_offset == offset) {
++                              /*
++                               * XXX - we really want the "show data a
++                               * line at a time" loops in various
++                               * dissectors to do reassembly and to
++                               * throw an exception if there's no
++                               * line ending in the current packet
++                               * and we're not doing reassembly.
++                               */
++                              break;
++                      }
+ 
+                       if (linelen != 0)
+                       {

Prev by Date: [pkgsrc/trunk]: pkgsrc/cad/wcalc-docs import wcalc-docs-0.9
Next by Date: [pkgsrc/trunk]: pkgsrc/doc Note fetchmailconf nb bump
Previous by Thread: [pkgsrc/trunk]: pkgsrc/cad/wcalc-docs import wcalc-docs-0.9
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc Note fetchmailconf nb bump
Indexes:

Home | Main Index | Thread Index | Old Index