Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--net-misc/apt-cacher-ng/ChangeLog9
-rw-r--r--net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild (renamed from net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild)6
-rw-r--r--net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch74
3 files changed, 87 insertions, 2 deletions
diff --git a/net-misc/apt-cacher-ng/ChangeLog b/net-misc/apt-cacher-ng/ChangeLog
index 05bcc1059799..fdcf6dee1911 100644
--- a/net-misc/apt-cacher-ng/ChangeLog
+++ b/net-misc/apt-cacher-ng/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-misc/apt-cacher-ng
# Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/ChangeLog,v 1.40 2014/06/20 14:59:37 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/ChangeLog,v 1.41 2014/06/24 13:20:47 jer Exp $
+
+*apt-cacher-ng-0.7.26-r1 (24 Jun 2014)
+
+ 24 Jun 2014; Jeroen Roovers <jer@gentoo.org> -apt-cacher-ng-0.7.26.ebuild,
+ +apt-cacher-ng-0.7.26-r1.ebuild,
+ +files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch:
+ Add patch for CVE-2014-4510 (bug #514184).
20 Jun 2014; Jeroen Roovers <jer@gentoo.org> -apt-cacher-ng-0.7.25.ebuild:
Old.
diff --git a/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild b/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild
index e938f13a5fa9..205a5c98c875 100644
--- a/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild
+++ b/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild,v 1.1 2014/03/24 14:20:07 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild,v 1.1 2014/06/24 13:20:47 jer Exp $
EAPI=5
inherit cmake-utils eutils user
@@ -33,6 +33,10 @@ RDEPEND="
tcpd? ( sys-apps/tcp-wrappers )
"
+PATCHES=(
+ "${FILESDIR}"/${P}-CVE-2014-4510.patch
+)
+
pkg_setup() {
# add new user & group for daemon
enewgroup ${PN}
diff --git a/net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch b/net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch
new file mode 100644
index 000000000000..d7c9c8674b5d
--- /dev/null
+++ b/net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch
@@ -0,0 +1,74 @@
+From 6f08e6a3995d1bed4e837889a3945b6dc650f6ad Mon Sep 17 00:00:00 2001
+From: Eduard Bloch <blade@debian.org>
+Date: Thu, 19 Jun 2014 23:10:28 +0200
+Subject: [PATCH 1/1] Option to have a custom message body
+
+---
+ include/job.h | 2 +-
+ source/job.cc | 15 +++++++++------
+ 2 files changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/include/job.h b/include/job.h
+index 9724590..e2026ac 100644
+--- a/include/job.h
++++ b/include/job.h
+@@ -76,7 +76,7 @@ class job {
+
+ const char * BuildAndEnqueHeader(const fileitem::FiStatus &fistate, const off_t &nGooddataSize, header& respHead);
+ fileitem::FiStatus _SwitchToPtItem(const mstring &fileLoc);
+- void SetErrorResponse(const char * errorLine, const char *szLocation=NULL);
++ void SetErrorResponse(const char * errorLine, const char *szLocation=NULL, const char *bodytext=NULL);
+ void HandleLocalDownload(const mstring &visPath,
+ const mstring &fsBase, const mstring &fsSubpath);
+
+diff --git a/source/job.cc b/source/job.cc
+index 53168d2..293d34b 100644
+--- a/source/job.cc
++++ b/source/job.cc
+@@ -729,7 +729,8 @@ report_overload:
+ return ;
+
+ report_notallowed:
+- SetErrorResponse((tSS() << "403 Forbidden file type or location: " << sReqPath).c_str());
++ SetErrorResponse((tSS() << "403 Forbidden file type or location: " << sReqPath).c_str(),
++ NULL, "403 Forbidden file type or location");
+ // USRDBG( sRawUriPath + " -- ACCESS FORBIDDEN");
+ return ;
+
+@@ -1156,26 +1157,28 @@ fileitem::FiStatus job::_SwitchToPtItem(const std::string &fileLoc)
+ }
+
+
+-void job::SetErrorResponse(const char * errorLine, const char *szLocation)
++void job::SetErrorResponse(const char * errorLine, const char *szLocation, const char *bodytext)
+ {
+ LOGSTART2("job::SetErrorResponse", errorLine << " ; for " << m_sOrigUrl);
+ class erroritem: public tGeneratedFitemBase
+ {
+ public:
+- erroritem(const string &sId, const char *szError) : tGeneratedFitemBase(sId, szError)
++ erroritem(const string &sId, const char *szError, const char *bodytext)
++ : tGeneratedFitemBase(sId, szError)
+ {
+ if(BODYFREECODE(m_head.getStatus()))
+ return;
+ // otherwise do something meaningful
+ m_data << "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n"
+- "<html><head><title>" << szError << "</title>\n</head>\n<body><h1>"
+- << szError << "</h1></body></html>";
++ "<html><head><title>" << (bodytext ? bodytext : szError)
++ << "</title>\n</head>\n<body><h1>"
++ << (bodytext ? bodytext : szError) << "</h1></body></html>";
+ m_head.set(header::CONTENT_TYPE, "text/html");
+ seal();
+ }
+ };
+
+- erroritem *p = new erroritem("noid", errorLine);
++ erroritem *p = new erroritem("noid", errorLine, bodytext);
+ p->HeadRef().set(header::LOCATION, szLocation);
+ m_pItem.ReplaceWithLocal(p);
+ //aclog::err(tSS() << "fileitem is now " << uintptr_t(m_pItem.get()));
+--
+1.9.1
+