diff options
| -rw-r--r-- | net-libs/libsmi/ChangeLog | 10 | ||||
| -rw-r--r-- | net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch | 21 | ||||
| -rw-r--r-- | net-libs/libsmi/libsmi-0.4.8-r1.ebuild | 38 |
3 files changed, 67 insertions, 2 deletions
diff --git a/net-libs/libsmi/ChangeLog b/net-libs/libsmi/ChangeLog index 00c654fb9746..21eaffaf87dd 100644 --- a/net-libs/libsmi/ChangeLog +++ b/net-libs/libsmi/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-libs/libsmi -# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-libs/libsmi/ChangeLog,v 1.29 2009/02/20 18:55:13 armin76 Exp $ +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-libs/libsmi/ChangeLog,v 1.30 2010/10/22 16:45:20 jer Exp $ + +*libsmi-0.4.8-r1 (22 Oct 2010) + + 22 Oct 2010; Jeroen Roovers <jer@gentoo.org> +libsmi-0.4.8-r1.ebuild, + +files/libsmi-0.4.8-CVE-2010-2891.patch: + Patch for bug #342127. 20 Feb 2009; Raúl Porcel <armin76@gentoo.org> libsmi-0.4.8.ebuild: Add ~arm/~s390/~sh wrt #247076 diff --git a/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch b/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch new file mode 100644 index 000000000000..114431d00e31 --- /dev/null +++ b/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch @@ -0,0 +1,21 @@ +Index: lib/smi.c +=================================================================== +--- lib/smi.c (revision 29144) ++++ lib/smi.c (working copy) +@@ -1793,10 +1793,15 @@ + } + + if (isdigit((int)node2[0])) { +- for (oidlen = 0, p = strtok(node2, ". "); p; ++ for (oidlen = 0, p = strtok(node2, ". "); ++ p && oidlen < sizeof(oid)/sizeof(oid[0]); + oidlen++, p = strtok(NULL, ". ")) { + oid[oidlen] = strtoul(p, NULL, 0); + } ++ if (p) { ++ /* the numeric OID is too long */ ++ return NULL; ++ } + nodePtr = getNode(oidlen, oid); + if (nodePtr) { + if (modulePtr) { diff --git a/net-libs/libsmi/libsmi-0.4.8-r1.ebuild b/net-libs/libsmi/libsmi-0.4.8-r1.ebuild new file mode 100644 index 000000000000..330c43daaaee --- /dev/null +++ b/net-libs/libsmi/libsmi-0.4.8-r1.ebuild @@ -0,0 +1,38 @@ +# Copyright 1999-2010 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/net-libs/libsmi/libsmi-0.4.8-r1.ebuild,v 1.1 2010/10/22 16:45:20 jer Exp $ + +EAPI="2" + +inherit eutils flag-o-matic + +DESCRIPTION="A Library to Access SMI MIB Information" +SRC_URI="ftp://ftp.ibr.cs.tu-bs.de/pub/local/${PN}/${P}.tar.gz" +HOMEPAGE="http://www.ibr.cs.tu-bs.de/projects/libsmi" + +LICENSE="BSD" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd" +IUSE="" + +src_prepare() { + epatch "${FILESDIR}"/${P}-CVE-2010-2891.patch +} + +src_configure() { + replace-flags -O? -O2 + econf +} + +src_test() { + # sming test is known to fail and some other fail if LC_ALL!=C: + # http://mail.ibr.cs.tu-bs.de/pipermail/libsmi/2008-March/001014.html + sed -i '/^[[:space:]]*smidump-sming.test \\$/d' test/Makefile + LC_ALL=C emake -j1 check || die "Make check failed. See above for details." +} + +src_install () { + emake DESTDIR="${D}" install || die + dodoc smi.conf-example ANNOUNCE ChangeLog README THANKS TODO \ + doc/{*.txt,smi.dia,smi.dtd,smi.xsd} +} |