[pkgsrc/pkgsrc-2008Q4]: pkgsrc/www/privoxy pullup ticket #2711 - requested by...

[rtr <rtr%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/d3c323472021
branches:  pkgsrc-2008Q4
changeset: 552353:d3c323472021
user:      rtr <rtr%pkgsrc.org@localhost>
date:      Sat Feb 28 12:47:22 2009 +0000

description:
pullup ticket #2711 - requested by drochner
privoxy: update for security fix

revisions pulled up:
pkgsrc/www/privoxy/Makefile             1.35,1.36
pkgsrc/www/privoxy/files/privoxy.sh     1.4,1.5
pkgsrc/www/privoxy/distinfo             1.9
pkgsrc/www/privoxy/patches/patch-af     1.1

   Module Name:    pkgsrc
   Committed By:   jnemeth
   Date:           Mon Feb  2 20:00:41 UTC 2009

   Modified Files:
           pkgsrc/www/privoxy: Makefile
           pkgsrc/www/privoxy/files: privoxy.sh

   Log Message:
   PR/40532 - Cem Kayali -- group permissions too broad
   Just fixing security issue, will leave pkg update for MAINTAINER for now.

------------------------------------------------------------------------
   Module Name:   pkgsrc
   Committed By:  drochner
   Date:          Wed Feb  4 21:20:39 UTC 2009


   Modified Files:
          pkgsrc/www/privoxy: Makefile distinfo
          pkgsrc/www/privoxy/files: privoxy.sh
   Added Files:
          pkgsrc/www/privoxy/patches: patch-af


   Log Message:
   give up supplementary group memberships on uid/gid switch, fixes
   unexpected privileges reported in PR pkg/40532 by Cem Kayali,
   the issue is being discussed with upstream,
   thanks to Cem for detailed reports,
   also back out explicit passing of PRIVOXY_GROUP to the program --
   while it does not hurt it is redundant because PRIVOXY_GROUP is already
   the primary group of PRIVOXY_USER

diffstat:

 www/privoxy/Makefile         |   3 ++-
 www/privoxy/distinfo         |   3 ++-
 www/privoxy/patches/patch-af |  15 +++++++++++++++
 3 files changed, 19 insertions(+), 2 deletions(-)

diffs (47 lines):

diff -r dbcc95846437 -r d3c323472021 www/privoxy/Makefile
--- a/www/privoxy/Makefile      Sat Feb 28 12:41:51 2009 +0000
+++ b/www/privoxy/Makefile      Sat Feb 28 12:47:22 2009 +0000
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.34 2008/03/12 21:35:03 drochner Exp $
+# $NetBSD: Makefile,v 1.34.12.1 2009/02/28 12:47:22 rtr Exp $
 #
 
 DISTNAME=      ${PKGNAME_NOREV}-stable-src
 PKGNAME=       privoxy-3.0.8
+PKGREVISION=   2
 CATEGORIES=    www
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=ijbswa/}
 
diff -r dbcc95846437 -r d3c323472021 www/privoxy/distinfo
--- a/www/privoxy/distinfo      Sat Feb 28 12:41:51 2009 +0000
+++ b/www/privoxy/distinfo      Sat Feb 28 12:47:22 2009 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.8 2008/06/13 13:45:46 drochner Exp $
+$NetBSD: distinfo,v 1.8.10.1 2009/02/28 12:47:22 rtr Exp $
 
 SHA1 (privoxy-3.0.8-stable-src.tar.gz) = 7fe2b7afde4066ef1f170f5f11850cf9da428a42
 RMD160 (privoxy-3.0.8-stable-src.tar.gz) = 604dd61a22dc74d06d4adaa4b3c87e4d5da5149b
@@ -7,3 +7,4 @@
 SHA1 (patch-ac) = e39ffe694462b952c5ad66ac577a0acbee0a1d9f
 SHA1 (patch-ad) = d5d6fe935ff98a45ebbd209a5c7126cb5e42ae1a
 SHA1 (patch-ae) = 5cd064cd6b35196d32272bbbdc181a1e48d9be8f
+SHA1 (patch-af) = 8d572ece2f2d5cedcc7694ddda0b79e4453671ff
diff -r dbcc95846437 -r d3c323472021 www/privoxy/patches/patch-af
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/www/privoxy/patches/patch-af      Sat Feb 28 12:47:22 2009 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-af,v 1.2.2.2 2009/02/28 12:47:22 rtr Exp $
+
+--- ./jcc.c.orig       2007-12-16 19:32:46.000000000 +0100
++++ ./jcc.c
+@@ -3299,6 +3299,10 @@ int main(int argc, const char *argv[])
+       {
+          log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions.");
+       }
++      if (grp)
++      setgroups(1, &grp->gr_gid);
++      else
++              initgroups(pw->pw_name, pw->pw_gid);
+       if (do_chroot)
+       {
+          if (!pw->pw_dir)