pkgsrc-Bugs archive
pkg/48217: Update net/libnids to 1.24
>Number: 48217
>Category: pkg
>Synopsis: Update net/libnids to 1.24
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: pkg-manager
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Mon Sep 16 22:05:00 +0000 2013
>Originator: Leonardo Taccari
>Release: NetBSD 6.1.1
>Organization:
>Environment:
System: NetBSD :) 6.1.1 NetBSD 6.1.1 (EEEPC900) #2: Sat Sep 7 18:18:00 CEST
2013 leot@:):/usr/src/sys/arch/i386/compile/EEEPC900 i386
Architecture: i386
Machine: i386
>Description:
net/libnids in pkgsrc (1.23) is not the latest stable version and the
version present in pkgsrc has a vulnerability described by
CVE-2010-0751.
In NVD[0] and CVE[1] sites it seems that libnet 1.24 is affected but
SecurityFocus[2], xorl.wordpress.com[3] and libnids release notes[4] say
the contrary.
[0]: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0751
[1]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0751
[2]: http://www.securityfocus.com/bid/39142
[3]: http://xorl.wordpress.com/2010/04/04/libnids-ip-fragmentation-remote-null-pointer-dereference/
[4]: http://freefr.dl.sourceforge.net/project/libnids/libnids/1.24/libnids-1.24.releasenotes.txt
>How-To-Repeat:
$ cd pkgsrc/net/libnids
$ make show-var VARNAME=PKGNAME_NOREV
>Fix:
Please apply the following patches.
The previous (1.23) patches/* are no longer needed.
patches/patch-configure.in and patches/patch-src_libnids.c are just
portability fixes for systems that do not have <alloca.h> (like
NetBSD).
I will also attach a possible commit log.
--------------8<--------------8<--------------8<--------------8<--------------
Update net/libnids to 1.24.
Changes:
v1.24 Mar 14 2010
- fixed another remotely triggerable NULL dereference in ip_fragment.c
- unofficial patch that enables tracking of already established TCP connections
- missing reset of some tcp_* variables upon nids_exit
- correct calculation of radiotap header
- compilation warning fixes with newer gcc
- use pcap_get_selectable_fd() instead of pcap_fileno()
--------------8<--------------8<--------------8<--------------8<--------------
--------------8<--------------8<--------------8<--------------8<--------------
Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/net/libnids/Makefile,v
retrieving revision 1.33
diff -u -r1.33 Makefile
--- Makefile 6 Feb 2013 19:30:58 -0000 1.33
+++ Makefile 16 Sep 2013 21:56:04 -0000
@@ -1,8 +1,7 @@
# $NetBSD: Makefile,v 1.33 2013/02/06 19:30:58 jperkin Exp $
#
-DISTNAME= libnids-1.23
-PKGREVISION= 6
+DISTNAME= libnids-1.24
CATEGORIES= net security
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libnids/}
Index: buildlink3.mk
===================================================================
RCS file: /cvsroot/pkgsrc/net/libnids/buildlink3.mk,v
retrieving revision 1.12
diff -u -r1.12 buildlink3.mk
--- buildlink3.mk 15 Sep 2012 10:06:04 -0000 1.12
+++ buildlink3.mk 16 Sep 2013 21:56:04 -0000
@@ -7,7 +7,7 @@
BUILDLINK_API_DEPENDS.libnids+= libnids>=1.18
-BUILDLINK_ABI_DEPENDS.libnids+= libnids>=1.23nb5
+BUILDLINK_ABI_DEPENDS.libnids+= libnids>=1.24
BUILDLINK_PKGSRCDIR.libnids?= ../../net/libnids
BUILDLINK_DEPMETHOD.libnids?= build
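Review bot: raising BUILDLINK_ABI_DEPENDS.libnids to libnids>=1.24 is not enough on its own to get the CVE-2010-0751 fix into dependents. The context line BUILDLINK_DEPMETHOD.libnids?= build marks libnids as a build-time dependency, so packages that link it keep the 1.23 code in their own binaries until they are rebuilt. Please list the packages that include this buildlink3.mk and bump their PKGREVISION in the same commit, and say in the commit log that the ABI bump is there to force that rebuild.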
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/net/libnids/distinfo,v
retrieving revision 1.11
diff -u -r1.11 distinfo
--- distinfo 17 Apr 2012 17:45:35 -0000 1.11
+++ distinfo 16 Sep 2013 21:56:04 -0000
@@ -1,8 +1,7 @@
$NetBSD: distinfo,v 1.11 2012/04/17 17:45:35 joerg Exp $
-SHA1 (libnids-1.23.tar.gz) = 105bff0d0d35ab95ec90cce98cfb409f64ed44b4
-RMD160 (libnids-1.23.tar.gz) = 38994ad04f688291315bfcde38d8795e7a4c4226
-Size (libnids-1.23.tar.gz) = 140975 bytes
-SHA1 (patch-src_killtcp.c) = 77977d660cb55405b3501375185200bc37b702b1
-SHA1 (patch-src_util.c) = 1308beb64054caadb69ac7ba4e82b4bd15d07a4b
-SHA1 (patch-src_util.h) = 808a0b9e926ac3aab753123b621933c85797e643
+SHA1 (libnids-1.24.tar.gz) = 9a421df05cefdc4f5f7db95efc001b3c2b5249ce
+RMD160 (libnids-1.24.tar.gz) = 66a1a332a70b316fd83905887dc731b5bf28d715
+Size (libnids-1.24.tar.gz) = 151021 bytes
+SHA1 (patch-configure.in) = b6568c12569f7438187eab14999e34958bc3ce0f
+SHA1 (patch-src_libnids.c) = 859ac5ce8eb9ced29724ac235f6d1cc0aa3d10b1
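Review bot: the SHA1, RMD160 and Size lines for libnids-1.24.tar.gz should be regenerated by the committer from a freshly fetched distfile rather than taken from the submitted diff, since MASTER_SITES points at SourceForge mirrors and these values are the only integrity check on the tarball. The same goes for the two new patch checksums, which need to match the patch files as finally committed.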
Index: patches/patch-configure.in
===================================================================
RCS file: patches/patch-configure.in
diff -N patches/patch-configure.in
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-configure.in 16 Sep 2013 21:56:04 -0000
@@ -0,0 +1,18 @@
+$NetBSD$
+
+<alloca.h> header is not present in all OSes. The AC_FUNC_ALLOCA macro
+automatically checks if there is such header and then defines HAVE_ALLOCA_H
+accordingly.
+
+--- configure.in.orig 2006-05-01 17:14:51.000000000 +0000
++++ configure.in
+@@ -55,6 +55,9 @@ if test $ac_cv_lbl_unaligned_fail = yes
+ AC_DEFINE(LBL_ALIGN,1,[if unaligned access fails])
+ fi
+
++dnl Check for alloca
++AC_FUNC_ALLOCA
++
+ dnl Checks for libpcap
+ AC_MSG_CHECKING(for libpcap)
+ AC_ARG_WITH(libpcap,
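Review bot: adding AC_FUNC_ALLOCA to configure.in only has an effect if configure and the config.h template are regenerated, and the Makefile hunk in this patch shows no autoconf or autoheader step. Unless the package already runs them, the shipped configure never defines HAVE_ALLOCA_H and the guard added in patch-src_libnids.c always skips <alloca.h>, including on systems that need it. Please confirm the regeneration step exists or add it.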
Index: patches/patch-src_killtcp.c
===================================================================
RCS file: patches/patch-src_killtcp.c
diff -N patches/patch-src_killtcp.c
--- patches/patch-src_killtcp.c 26 Nov 2011 17:17:53 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,12 +0,0 @@
-$NetBSD: patch-src_killtcp.c,v 1.1 2011/11/26 17:17:53 joerg Exp $
-
---- src/killtcp.c.orig 2011-11-26 02:33:07.000000000 +0000
-+++ src/killtcp.c
-@@ -118,6 +118,6 @@ void nids_killtcp(struct tcp_stream *a_t
- if (initialized)
- abort();
- }
--#elif
-+#else
- #error Something wrong with LIBNET_VER
- #endif
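Review bot: this deletion drops the fix that turned the bare #elif in front of "#error Something wrong with LIBNET_VER" into #else. Please confirm that src/killtcp.c in 1.24 already has #else at that spot; a bare #elif has no condition and is rejected by stricter preprocessors, which is what the old patch was there to fix. If upstream still has it, keep the patch and its distinfo entry.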
Index: patches/patch-src_libnids.c
===================================================================
RCS file: patches/patch-src_libnids.c
diff -N patches/patch-src_libnids.c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-src_libnids.c 16 Sep 2013 21:56:04 -0000
@@ -0,0 +1,18 @@
+$NetBSD$
+
+<alloca.h> header is not present in all OSes. Include it only if it is
+present. Please note that some systems defines alloca() in <stdlib.h>
+(i.e. NetBSD).
+
+--- src/libnids.c.orig 2010-03-01 21:13:25.000000000 +0000
++++ src/libnids.c
+@@ -14,7 +14,9 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <syslog.h>
++#if (HAVE_ALLOCA_H)
+ #include <alloca.h>
++#endif
+ #include <pcap.h>
+ #include <errno.h>
+ #include <config.h>
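Review bot: the new #if (HAVE_ALLOCA_H) test sits above the context line #include <config.h>, so if HAVE_ALLOCA_H is defined in config.h rather than on the compiler command line, the macro is still undefined when the test is evaluated and <alloca.h> is never included, even where it exists. Move the guarded include below #include <config.h> (or move config.h to the top of the include list), and prefer #ifdef HAVE_ALLOCA_H, the usual form for autoconf-defined macros.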
Index: patches/patch-src_util.c
===================================================================
RCS file: patches/patch-src_util.c
diff -N patches/patch-src_util.c
--- patches/patch-src_util.c 17 Apr 2012 17:45:36 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,23 +0,0 @@
-$NetBSD: patch-src_util.c,v 1.1 2012/04/17 17:45:36 joerg Exp $
-
---- src/util.c.orig 2012-04-16 22:20:17.000000000 +0000
-+++ src/util.c
-@@ -29,18 +29,6 @@ test_malloc(int x)
- return ret;
- }
-
--inline int
--before(u_int seq1, u_int seq2)
--{
-- return ((int)(seq1 - seq2) < 0);
--}
--
--inline int
--after(u_int seq1, u_int seq2)
--{
-- return ((int)(seq2 - seq1) < 0);
--}
--
- void
- register_callback(struct proc_node **procs, void (*x))
- {
Index: patches/patch-src_util.h
===================================================================
RCS file: patches/patch-src_util.h
diff -N patches/patch-src_util.h
--- patches/patch-src_util.h 17 Apr 2012 17:45:36 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,26 +0,0 @@
-$NetBSD: patch-src_util.h,v 1.1 2012/04/17 17:45:36 joerg Exp $
-
---- src/util.h.orig 2012-04-16 22:20:32.000000000 +0000
-+++ src/util.h
-@@ -23,9 +23,19 @@ struct lurker_node {
-
- void nids_no_mem(char *);
- char *test_malloc(int);
--inline int before(u_int seq1, u_int seq2);
--inline int after(u_int seq1, u_int seq2);
- void register_callback(struct proc_node **procs, void (*x));
- void unregister_callback(struct proc_node **procs, void (*x));
-
-+static inline int
-+before(u_int seq1, u_int seq2)
-+{
-+ return ((int)(seq1 - seq2) < 0);
-+}
-+
-+static inline int
-+after(u_int seq1, u_int seq2)
-+{
-+ return ((int)(seq2 - seq1) < 0);
-+}
-+
- #endif /* _NIDS_UTIL_H */
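Review bot: removing this patch, and patch-src_util.c with it, is only safe if 1.24 no longer declares before() and after() as plain inline in util.h with the definitions in util.c. Please confirm against the 1.24 sources. If upstream still has the plain inline pair, the static inline definitions in util.h are still needed, since under C99 inline semantics a plain inline definition need not emit an external symbol and the link can fail.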