Add patch for CVE-2014-4510 (bug #514184).

Package-Manager: portage-2.2.10/cvs/Linux x86_64
Manifest-Sign-Key: 0xA792A613

4 files changed, 93 insertions, 7 deletions

diff --git a/net-misc/apt-cacher-ng/ChangeLog b/net-misc/apt-cacher-ng/ChangeLog
index 05bcc1059799..fdcf6dee1911 100644
--- a/net-misc/apt-cacher-ng/ChangeLog
+++ b/net-misc/apt-cacher-ng/ChangeLog
@@ -1,6 +1,13 @@
 # ChangeLog for net-misc/apt-cacher-ng
 # Copyright 1999-2014 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/ChangeLog,v 1.40 2014/06/20 14:59:37 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/ChangeLog,v 1.41 2014/06/24 13:20:47 jer Exp $
+
+*apt-cacher-ng-0.7.26-r1 (24 Jun 2014)
+
+  24 Jun 2014; Jeroen Roovers <jer@gentoo.org> -apt-cacher-ng-0.7.26.ebuild,
+  +apt-cacher-ng-0.7.26-r1.ebuild,
+  +files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch:
+  Add patch for CVE-2014-4510 (bug #514184).
 
   20 Jun 2014; Jeroen Roovers <jer@gentoo.org> -apt-cacher-ng-0.7.25.ebuild:
   Old.
diff --git a/net-misc/apt-cacher-ng/Manifest b/net-misc/apt-cacher-ng/Manifest
index 418568e2feb3..65d0e6b1cde9 100644
--- a/net-misc/apt-cacher-ng/Manifest
+++ b/net-misc/apt-cacher-ng/Manifest
@@ -1,18 +1,19 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 
+AUX apt-cacher-ng-0.7.26-CVE-2014-4510.patch 2875 SHA256 c5c3cb5758c1cea80347170db3edef5cbbe93bd5234e962bd57ff82146d362b4 SHA512 4d90ce64bfbd3dbecdb87e64fe7eeb291c0d32ecfb4605e539977925d6e9158c471010e844c434913055fa5d61f207deae6841b46f0c005fbdee55a317c98eda WHIRLPOOL 3ae7d524dbe8ce163fe86804b9d9fe8922b85af3f2c2b9e9574db4f88209f9b2d44113bef2ad5ee612b175ccb52e8f8791146bdecbad4100272411657d3f8c3a
 AUX confd 90 SHA256 cabcc9da711514913e5136c82842c750bab8a9658aeeb88da5a266e0d69b29a1 SHA512 14412f717ad334e6ce5cf65b9b0968fc3ab27e93f3d3ce52d39e0b646694e8e7d7905ede25feeabad6ef3301b5644677f30e27b867ff32f665ab6c4e2cd0a662 WHIRLPOOL b6e2a87ef590b806a128bc7198b2d278fede6bdd6b5326f3dd1bcbda193e8c56248a997e01e624e4c7468b9f459c8d18fc3c9631263dd560ff0601bf5dde3598
 AUX cron.daily 459 SHA256 6ec7ceeead17ef5a84d5ec5472d38810d9e1478213643da5f3fd9863dde40094 SHA512 3e42afb0be6235594e2ccf68d0fd4c7be4954d6583562e1692e98ab55e8fdc74026690b01417e4b6fc9fe288df40e66e5e63e5a1fd98d5484c6eb366aa1b4d4a WHIRLPOOL e9c69a8d21a38435522f02fd7ac4b2924ad641e2058a9bc3ae051f155eee500e33d116cf868328a665d082c616c42ba3e5de751437ba24eef193541975e792db
 AUX initd 830 SHA256 d9fd5c213c65f74779f444337fec93304771f4bd560baf712d1f6e7c04fdd1e1 SHA512 284592c02d32d4be7eefa4743e3e46782100bb101648de523f16defe944103d212315f9d3113c74706c355041005390b2e56bbe6486b83f16a013011fe76d9b2 WHIRLPOOL 6e0f81474025444124f762e3343c279ecd7af494b08f6fc0e02120a1f0864f945949df64558c27a5f21be48786e2d2202aba5a78a4b2282ed3035888e12ebd15
 AUX logrotate 377 SHA256 6f1624d655383452a6d56d69327d41b80379cc667ad2d481ca94f8ea78f7a65b SHA512 c2f4be7294953a63a89e5beee40029e03faa1db49986a6f8d974def67b064d391be13ecddec0d6b4d7ec369db6dcd0bafc328e90b54ccec911df739c719fd885 WHIRLPOOL 80037bc359ffb860ce19e2493d10597f81e02138368ad2bce002da8f4a725cdeee61662478efff4755f0f8a0c9f376263fd6b56505eddddd5c18c1a33f7d22b8
 DIST apt-cacher-ng_0.7.26.orig.tar.xz 272508 SHA256 5a22b9e19ca87245b7c2f37b25d2e5782080d70e3e0bee8bf73a8c0dd38b08a5 SHA512 84c9c4329b4fbc468b9aad684b00fab82e65be911f8d9833666b969db6b65543130bfc706e2c639ecf82d4b73781d47612e6e5b09f0b785a79ae3949bc9d923a WHIRLPOOL 152776af06708b3cff2487488f826bac32a7ab2d10a476d7edb961a0681b2e6af2c4ba02aeaf949b3afd1aeb236779b05a22d462a37aad66942c03ddb189d3df
-EBUILD apt-cacher-ng-0.7.26.ebuild 2209 SHA256 c8d99cabf3d3f695d0bcd4e182ea3163f1ae098bdab4f115c932366b27b80625 SHA512 285888d0c88054574f9ea73e6ec32da05e4c6e7b7df5c041f9e390b073e8c20d4a46f784c2d9f3dcff4ed1810d2d6f871f4dd3551c32c69d77d62a146c71b84a WHIRLPOOL 5f96f4f97d989137910ac8ccdbed7a27cfedf963faf4f9dd040877141ec13e618a1096a5505a995fced04e62973a8deadb828af2f3bcce6cf2ba5bdc2567e3ae
-MISC ChangeLog 6743 SHA256 ac6a3ca48ff6970ce93e8022aff56333b574fad846acf3a3ec00796d6a012149 SHA512 8e16ddbb00cede6fbdebab828c27446fc6be98a7cefae6b3671bb85bac577f653223b2c0ba4e1818aa5d2a05f5bc6b11c2e2e8de2790654e6386417ef4606c35 WHIRLPOOL dd6ab4a415997b4ab352a790224ca71ab0f01d6d8f22c9b356e5ada5ee57d85fad4357f751ac7efd373cd932288b4c43eccf4e814ef5df069ae18fc4bd181556
+EBUILD apt-cacher-ng-0.7.26-r1.ebuild 2265 SHA256 6d9d297a3924dd1eb7dbe2ebcbe83325db436fe7bf838dd3f8801afc7459fde4 SHA512 71be3b6d5ab62b335d2a916da5b4d20edaac65746293a9874096a626d229ff1af031da4fe2aac6b2f829fd50ba41ee7730ebd12fc3134f0cdc0bf87c735df1b1 WHIRLPOOL 25f92cf76959e41c826e4175a8c2f75313cace726f39fce454266475be4aa748567785b3c02442e36a84906b9152d3445706cdd2f5079af6b44c53c37a3d2811
+MISC ChangeLog 6992 SHA256 a876300dc615f3f8239eb65874baa4edbddcf761e5ffa8fab93fe7eec9bf4021 SHA512 d4802f7b3b74f92c2cf9b928a3d726c7b9237a3614effa00a6519427d972b5cab5c5f5afbc97e03babdf9c424b0934b26703d23f1d3a14f256f5b19390b517df WHIRLPOOL 8342f3332f49d9b99f4c6a38a0c48c99c0a17431d49db79502624c7115afa19824675fd007c70690d0cf41e87b74e0492fbca6f864fff9da07ac2df113c0c2a8
 MISC metadata.xml 387 SHA256 83e4af4a9dff85e9d5d58a7704abff4dad046540b992c819a8203d529673e6d0 SHA512 5208a00d95e1f640eb0e10bd448f90465fa61eb3b9139406287af49b14511ead780a7bf613924b8e41dadba6fb1da2939683fe64ee97fb27ef2baaf494331c28 WHIRLPOOL e8fa3d5a1b746fb808e082eec20f734d4d309625f4f485df443f477a79d4f9fe358935cab369c7311f9432366a0e5fbf8ecb1a3377393ffc43922af265983de6
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.22 (GNU/Linux)
 
-iEYEAREIAAYFAlOkTFoACgkQVWmRsqeSphMyXgCfUe3VCW+GlyM5Fvnt5TjptRqq
-Oa8An0gclfs2xoMWIUYLd060TQ1IYTPU
-=Emia
+iEYEAREIAAYFAlOpezAACgkQVWmRsqeSphOyLACcCx7+ZGer6fRYn7EIndpHj5iX
+liIAn1ZOhYpB31AXkk5kxraaSVwbyL4Q
+=Tzr9
 -----END PGP SIGNATURE-----
diff --git a/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild b/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild
index e938f13a5fa9..205a5c98c875 100644
--- a/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild
+++ b/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2014 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26.ebuild,v 1.1 2014/03/24 14:20:07 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/apt-cacher-ng/apt-cacher-ng-0.7.26-r1.ebuild,v 1.1 2014/06/24 13:20:47 jer Exp $
 
 EAPI=5
 inherit cmake-utils eutils user
@@ -33,6 +33,10 @@ RDEPEND="
 	tcpd? ( sys-apps/tcp-wrappers )
 "
 
+PATCHES=(
+	"${FILESDIR}"/${P}-CVE-2014-4510.patch
+)
+
 pkg_setup() {
 	# add new user & group for daemon
 	enewgroup ${PN}
diff --git a/net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch b/net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch
new file mode 100644
index 000000000000..d7c9c8674b5d
--- /dev/null
+++ b/net-misc/apt-cacher-ng/files/apt-cacher-ng-0.7.26-CVE-2014-4510.patch
@@ -0,0 +1,74 @@
+From 6f08e6a3995d1bed4e837889a3945b6dc650f6ad Mon Sep 17 00:00:00 2001
+From: Eduard Bloch <blade@debian.org>
+Date: Thu, 19 Jun 2014 23:10:28 +0200
+Subject: [PATCH 1/1] Option to have a custom message body
+
+---
+ include/job.h |  2 +-
+ source/job.cc | 15 +++++++++------
+ 2 files changed, 10 insertions(+), 7 deletions(-)
+
+diff --git a/include/job.h b/include/job.h
+index 9724590..e2026ac 100644
+--- a/include/job.h
++++ b/include/job.h
+@@ -76,7 +76,7 @@ class job {
+ 
+       const char * BuildAndEnqueHeader(const fileitem::FiStatus &fistate, const off_t &nGooddataSize, header& respHead);
+       fileitem::FiStatus _SwitchToPtItem(const mstring &fileLoc);
+-      void SetErrorResponse(const char * errorLine, const char *szLocation=NULL);
++      void SetErrorResponse(const char * errorLine, const char *szLocation=NULL, const char *bodytext=NULL);
+       void HandleLocalDownload(const mstring &visPath,
+     			const mstring &fsBase, const mstring &fsSubpath);
+ 
+diff --git a/source/job.cc b/source/job.cc
+index 53168d2..293d34b 100644
+--- a/source/job.cc
++++ b/source/job.cc
+@@ -729,7 +729,8 @@ report_overload:
+     return ;
+ 
+ report_notallowed:
+-	SetErrorResponse((tSS() << "403 Forbidden file type or location: " << sReqPath).c_str());
++	SetErrorResponse((tSS() << "403 Forbidden file type or location: " << sReqPath).c_str(),
++			NULL, "403 Forbidden file type or location");
+ //    USRDBG( sRawUriPath + " -- ACCESS FORBIDDEN");
+     return ;
+ 
+@@ -1156,26 +1157,28 @@ fileitem::FiStatus job::_SwitchToPtItem(const std::string &fileLoc)
+ }
+ 
+ 
+-void job::SetErrorResponse(const char * errorLine, const char *szLocation)
++void job::SetErrorResponse(const char * errorLine, const char *szLocation, const char *bodytext)
+ {
+ 	LOGSTART2("job::SetErrorResponse", errorLine << " ; for " << m_sOrigUrl);
+ 	class erroritem: public tGeneratedFitemBase
+ 	{
+ 	public:
+-		erroritem(const string &sId, const char *szError) : tGeneratedFitemBase(sId, szError)
++		erroritem(const string &sId, const char *szError, const char *bodytext)
++			: tGeneratedFitemBase(sId, szError)
+ 		{
+ 			if(BODYFREECODE(m_head.getStatus()))
+ 				return;
+ 			// otherwise do something meaningful
+ 			m_data << "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n"
+-				"<html><head><title>" << szError << "</title>\n</head>\n<body><h1>"
+-				<< szError << "</h1></body></html>";
++				"<html><head><title>" << (bodytext ? bodytext : szError)
++				<< "</title>\n</head>\n<body><h1>"
++				<< (bodytext ? bodytext : szError) << "</h1></body></html>";
+ 			m_head.set(header::CONTENT_TYPE, "text/html");
+ 			seal();
+ 		}
+ 	};
+ 
+-	erroritem *p = new erroritem("noid", errorLine);
++	erroritem *p = new erroritem("noid", errorLine, bodytext);
+ 	p->HeadRef().set(header::LOCATION, szLocation);
+ 	m_pItem.ReplaceWithLocal(p);
+ 	//aclog::err(tSS() << "fileitem is now " << uintptr_t(m_pItem.get()));
+-- 
+1.9.1
+