Revision bump for sec bug 90007; stable on x86.

(Portage version: 2.0.51.20-r4)
author: Aaron Walker <ka0ttic@gentoo.org> 2005-04-25 17:22:32 +0000
committer: Aaron Walker <ka0ttic@gentoo.org> 2005-04-25 17:22:32 +0000
commit: 8d46d1b2c1baeb0a899e3257a529e47011b8e4ea (patch)
tree: 4391672fe4e717354c226467a1ad7fb328963b3a /app-forensics
parent: cleaning (diff)
download: gentoo-2-8d46d1b2c1baeb0a899e3257a529e47011b8e4ea.tar.gz
gentoo-2-8d46d1b2c1baeb0a899e3257a529e47011b8e4ea.tar.bz2
gentoo-2-8d46d1b2c1baeb0a899e3257a529e47011b8e4ea.zip
5 files changed, 157 insertions, 9 deletions
diff --git a/app-forensics/rkhunter/ChangeLog b/app-forensics/rkhunter/ChangeLog
index d77fc658f0f6..a3188d57b8d4 100644
--- a/app-forensics/rkhunter/ChangeLog
+++ b/app-forensics/rkhunter/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for app-forensics/rkhunter
 # Copyright 2000-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/ChangeLog,v 1.32 2005/04/21 18:49:17 blubb Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/ChangeLog,v 1.33 2005/04/25 17:22:32 ka0ttic Exp $
+
+*rkhunter-1.2.3-r1 (25 Apr 2005)
+
+  25 Apr 2005; Aaron Walker <ka0ttic@gentoo.org>
+  +files/rkhunter-1.2.3-fix-insecure-tmp-creation.diff,
+  +rkhunter-1.2.3-r1.ebuild:
+  Revision bump for sec bug 90007; stable on x86.
 
   21 Apr 2005; Simon Stelling <blubb@gentoo.org> rkhunter-1.2.3.ebuild:
   stable on amd64
diff --git a/app-forensics/rkhunter/Manifest b/app-forensics/rkhunter/Manifest
index 529215cec098..c4d3d7124262 100644
--- a/app-forensics/rkhunter/Manifest
+++ b/app-forensics/rkhunter/Manifest
@@ -1,14 +1,17 @@
-MD5 2e6a777c46dbfcb3a856fc19edf24d40 ChangeLog 7197
-MD5 f1608c19ea0727ee36b2a692b1f3470b metadata.xml 264
+MD5 ae76c95d3c50fbfa26ff883345c0e1ed rkhunter-1.2.3.ebuild 1745
 MD5 023a96c68f424d636a21e1b2cba1f17f rkhunter-1.1.9.ebuild 1697
+MD5 c2a7840dec91418a93b46b3308e0d7fe ChangeLog 7416
+MD5 f1608c19ea0727ee36b2a692b1f3470b metadata.xml 264
 MD5 6eec7981570045ac62b848a28f444b28 rkhunter-1.2.1.ebuild 1743
-MD5 ae76c95d3c50fbfa26ff883345c0e1ed rkhunter-1.2.3.ebuild 1745
+MD5 0b6779ac946f58eb4951c6b4e5b541ea rkhunter-1.2.3-r1.ebuild 1801
+MD5 9b82f88f42c67bf2a8b855a851d3cdd7 files/rkhunter-1.2.0-specify-logfile.patch 2439
+MD5 f620bf00896d60c4a4a47ace8956f8ac files/rkhunter-1.2.3-specify-logfile.patch 2481
+MD5 4aace52e301a67ef5b8b23d8d2c5ba46 files/rkhunter.cron 3855
+MD5 2473ff095ea8aa159a379872571b5d43 files/rkhunter.bash-completion 2628
+MD5 a67c10cf68af091e9f17ad100b38ee7c files/rkhunter-1.1.9-specify-logfile.patch 2379
 MD5 a8206bcb42fdb2f63d50390afe76a7be files/digest-rkhunter-1.1.9 66
 MD5 c8d3c0a3f16a749c915f20be1047f683 files/digest-rkhunter-1.2.1 66
 MD5 ee665b743b036686877333dd0af7fda7 files/digest-rkhunter-1.2.3 66
-MD5 a67c10cf68af091e9f17ad100b38ee7c files/rkhunter-1.1.9-specify-logfile.patch 2379
-MD5 9b82f88f42c67bf2a8b855a851d3cdd7 files/rkhunter-1.2.0-specify-logfile.patch 2439
+MD5 ee665b743b036686877333dd0af7fda7 files/digest-rkhunter-1.2.3-r1 66
 MD5 d07a47cbe2364dc010d37ead80ff8f4b files/rkhunter-1.2.1-create-tmpdir.diff 551
-MD5 f620bf00896d60c4a4a47ace8956f8ac files/rkhunter-1.2.3-specify-logfile.patch 2481
-MD5 2473ff095ea8aa159a379872571b5d43 files/rkhunter.bash-completion 2628
-MD5 4aace52e301a67ef5b8b23d8d2c5ba46 files/rkhunter.cron 3855
+MD5 20350356b04e1a9a2a4ec768692c925b files/rkhunter-1.2.3-fix-insecure-tmp-creation.diff 3114
diff --git a/app-forensics/rkhunter/files/digest-rkhunter-1.2.3-r1 b/app-forensics/rkhunter/files/digest-rkhunter-1.2.3-r1
new file mode 100644
index 000000000000..8b5bf2898959
--- /dev/null
+++ b/app-forensics/rkhunter/files/digest-rkhunter-1.2.3-r1
@@ -0,0 +1 @@
+MD5 404ae3f5cde3ede8e3be1ee1f04f52d5 rkhunter-1.2.3.tar.gz 169545
diff --git a/app-forensics/rkhunter/files/rkhunter-1.2.3-fix-insecure-tmp-creation.diff b/app-forensics/rkhunter/files/rkhunter-1.2.3-fix-insecure-tmp-creation.diff
new file mode 100644
index 000000000000..3db14e21b3eb
--- /dev/null
+++ b/app-forensics/rkhunter/files/rkhunter-1.2.3-fix-insecure-tmp-creation.diff
@@ -0,0 +1,72 @@
+diff -ruN rkhunter.orig/files/check_update.sh rkhunter/files/check_update.sh
+--- rkhunter.orig/files/check_update.sh	2004-08-20 16:05:43.000000000 +0100
++++ rkhunter/files/check_update.sh	2005-04-25 17:51:23.000000000 +0100
+@@ -52,15 +52,11 @@
+   {
+     echo -n "${FILEDESC}: "  
+     UPDATEDBURL="${FIRSTMIRROR}/${VERSIONUPDATEURL}"
+-    ${WGETBINARY} -q -O /tmp/rkhunter.upd ${UPDATEDBURL}
+-    
+-    if [ -f /tmp/rkhunter.upd ]; then
+-        LATESTVERSION=`cat /tmp/rkhunter.upd`
+-        rm -f /tmp/rkhunter.upd
+-      else
++
++	if ! LATESTVERSION=`${WGETBINARY} -q -O - ${UPDATEDBURL}`; then
+         echo "ERROR"
+         echo "Fatal error: Problem while fetching file"
+-	exit 1
++		exit 1
+     fi
+       
+     CURRENTVERSION=`cat ${DBDIR}/${FILENAME} | grep '000:version' | cut -d ':' -f3`
+@@ -89,12 +85,9 @@
+ 
+ 	    # Fetch file
+ 	    GETFILE="${FIRSTMIRROR}/${FILENAME}.gz"
+-	    ${WGETBINARY} -q -O /tmp/rkhunter.upd.gz ${GETFILE}
+-	    if [ $? -eq 0 ]
+-	      then
+-	        # Gunzip it and place it on the right location
+-	        gunzip /tmp/rkhunter.upd.gz
+-	        mv /tmp/rkhunter.upd ${DBDIR}/${FILENAME}
++		TMPFILE="`mktemp /tmp/rkhunter.upd.gz.XXXXXX`" || exit 1
++	    if ${WGETBINARY} -q -O - ${GETFILE} | gunzip -c > ${TMPFILE}; then
++	        mv ${TMPFILE} ${DBDIR}/${FILENAME}
+ 		echo "  Action: Database updated (current version: ${CURRENTVERSION}, new version ${LATESTVERSION})"
+ 	      else
+ 	        echo "Fatal error: Can't retrieve file: ${GETFILE}"
+@@ -126,10 +119,6 @@
+         rm -f ${MIRRORFILE}.new
+     fi
+ 
+-    if [ -f /tmp/rkhunter.upd ]; then
+-      rm -f /tmp/rkhunter.upd
+-    fi
+-
+     touch ${MIRRORFILE}.new
+     echo "${MIRRORSVERSION}" > ${MIRRORFILE}.new
+     for I in ${OTHERMIRRORS}; do
+diff -ruN rkhunter.orig/files/rkhunter rkhunter/files/rkhunter
+--- rkhunter.orig/files/rkhunter	2005-02-21 18:32:08.000000000 +0000
++++ rkhunter/files/rkhunter	2005-04-25 17:47:48.000000000 +0100
+@@ -4421,16 +4421,16 @@
+                 VERSION=`${I}/php -v | head -n 1 | awk '{ print $2 }'`
+                 ;;
+           procmail)
+-                VERSION=`${I}/procmail -v 2> /tmp/procmail.txt && cat /tmp/procmail.txt | grep 'procmail v' | awk '{ print $2 }' | tr -d 'v' && rm -f /tmp/procmail.txt`
++                VERSION=`${I}/procmail -v 2>&1 | grep 'procmail v' | awk '{ print $2 }' | tr -d 'v'`
+                 ;;
+           proftpd)
+-                VERSION=`${I}/proftpd -v 2> /tmp/proftpd.txt && cat /tmp/proftpd.txt | awk '{ print $4 }' && rm -f /tmp/proftpd.txt`
++                VERSION=`${I}/proftpd -v 2>&1 | awk '{ print $4 }'`
+                 ;;
+           squid)
+                 VERSION=`${I}/squid -v | grep 'Squid Cache' | awk '{ print $4 }'`
+                 ;;
+           sshd)
+-                VERSION=`${I}/sshd -t -d 2> /tmp/openssh.txt && cat /tmp/openssh.txt | head -n 1 | awk '{ print $4 }' | cut -d '_' -f2 && rm -f /tmp/openssh.txt`
++                VERSION=`${I}/sshd -t -d 2>&1 | head -n 1 | awk '{ print $4 }' | cut -d '_' -f2`
+ 		if [ ! "`echo "${VERSION}" | grep "+"`" = "" ]; then
+ 		  VERSION=`echo "${VERSION}" | cut -d'+' -f1`
+ 		fi
diff --git a/app-forensics/rkhunter/rkhunter-1.2.3-r1.ebuild b/app-forensics/rkhunter/rkhunter-1.2.3-r1.ebuild
new file mode 100644
index 000000000000..c654ab51e47b
--- /dev/null
+++ b/app-forensics/rkhunter/rkhunter-1.2.3-r1.ebuild
@@ -0,0 +1,65 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/rkhunter/rkhunter-1.2.3-r1.ebuild,v 1.1 2005/04/25 17:22:32 ka0ttic Exp $
+
+inherit eutils bash-completion
+
+DESCRIPTION="Rootkit Hunter scans for known and unknown rootkits, backdoors, and sniffers."
+HOMEPAGE="http://www.rootkit.org/"
+SRC_URI="http://downloads.rootkit.nl/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="x86 ~ppc ~alpha ~amd64 ~sparc"
+IUSE=""
+
+DEPEND="app-arch/tar
+	app-arch/gzip
+	virtual/mta"
+RDEPEND="app-shells/bash
+	dev-lang/perl"
+
+S="${WORKDIR}/${PN}/files"
+
+src_unpack() {
+	unpack ${A}
+	cd ${S}
+	epatch ${FILESDIR}/${P}-fix-insecure-tmp-creation.diff
+	epatch ${FILESDIR}/${P}-specify-logfile.patch
+	epatch ${FILESDIR}/${PN}-1.2.1-create-tmpdir.diff
+}
+
+src_install() {
+	insinto /usr/lib/rkhunter/db
+	doins *.dat || die "failed to install dat files"
+
+	exeinto /usr/lib/rkhunter/scripts
+	doexe *.pl check_update.sh || die "failed to install scripts"
+
+	dobin rkhunter || die "failed to install rkhunter script"
+
+	insinto /etc
+	doins rkhunter.conf || die "failed to install rkhunter.conf"
+	dosed 's:^#\(DBDIR=.*\)local\(.*\)$:\1lib\2\nINSTALLDIR=/usr:' \
+		/etc/rkhunter.conf || die "sed rkhunter.conf failed"
+
+	doman development/rkhunter.8
+	dodoc CHANGELOG LICENSE README WISHLIST || die "dodoc failed"
+
+	exeinto /etc/cron.daily
+	newexe ${FILESDIR}/rkhunter.cron rkhunter || \
+		die "failed to install cron script"
+	dobashcompletion ${FILESDIR}/${PN}.bash-completion
+}
+
+pkg_postinst() {
+	echo
+	einfo "A cron script has been installed to /etc/cron.daily/rkhunter."
+	einfo "To enable it, edit /etc/cron.daily/rkhunter and follow the"
+	einfo "directions."
+	bash-completion_pkg_postinst
+}
+
+pkg_prerm() {
+	rm -rf /usr/lib/rkhunter/tmp
+}
author	Aaron Walker <ka0ttic@gentoo.org>	2005-04-25 17:22:32 +0000
committer	Aaron Walker <ka0ttic@gentoo.org>	2005-04-25 17:22:32 +0000
commit	8d46d1b2c1baeb0a899e3257a529e47011b8e4ea (patch)
tree	4391672fe4e717354c226467a1ad7fb328963b3a /app-forensics
parent	cleaning (diff)
download	gentoo-2-8d46d1b2c1baeb0a899e3257a529e47011b8e4ea.tar.gz gentoo-2-8d46d1b2c1baeb0a899e3257a529e47011b8e4ea.tar.bz2 gentoo-2-8d46d1b2c1baeb0a899e3257a529e47011b8e4ea.zip