Vulnerable packages in ports tree 03/11

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Vulnerable packages in ports tree 03/11

Sevan / Venture37-2
Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 03/11

Giovanni Bechis-7
On Tue, Nov 03, 2015 at 01:06:00AM +0000, Sevan / Venture37 wrote:
> net/miniupnpc - http://talosintel.com/reports/TALOS-2015-0035/
> databases/postgresql - http://www.postgresql.org/about/news/1615/
>
databases/mariadb: 10.0.22 fixes some CVE
 Giovanni

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 03/11

Pierre-Emmanuel Andre
In reply to this post by Sevan / Venture37-2
On Tue, Nov 03, 2015 at 01:06:00AM +0000, Sevan / Venture37 wrote:
> net/miniupnpc - http://talosintel.com/reports/TALOS-2015-0035/
> databases/postgresql - http://www.postgresql.org/about/news/1615/
>

I will commit the PostgreSQL update today.
Thanks,

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 03/11

David Coppa
In reply to this post by Sevan / Venture37-2
On Tue, 03 Nov 2015, Sevan / Venture37 wrote:

> net/miniupnpc - http://talosintel.com/reports/TALOS-2015-0035/

Here's a diff for miniupnpc:

Index: Makefile
===================================================================
RCS file: /cvs/ports/net/miniupnp/miniupnpc/Makefile,v
retrieving revision 1.6
diff -u -p -u -p -r1.6 Makefile
--- Makefile 3 Feb 2014 13:30:52 -0000 1.6
+++ Makefile 3 Nov 2015 11:14:12 -0000
@@ -10,6 +10,8 @@ DISTNAME= miniupnpc-${MODPY_EGG_VERSION}
 PKGNAME-main= ${DISTNAME}
 PKGNAME-python= py-${DISTNAME}
 
+REVISION-main= 0
+
 SHARED_LIBS += miniupnpc 2.0
 
 WANTLIB-main += c
Index: patches/patch-igd_desc_parse_c
===================================================================
RCS file: patches/patch-igd_desc_parse_c
diff -N patches/patch-igd_desc_parse_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-igd_desc_parse_c 3 Nov 2015 11:14:12 -0000
@@ -0,0 +1,23 @@
+$OpenBSD$
+
+commit 79cca974a4c2ab1199786732a67ff6d898051b78
+Author: Thomas Bernard <[hidden email]>
+Date:   Tue Sep 15 15:32:33 2015 +0200
+
+igd_desc_parse.c: fix buffer overflow
+
+http://talosintel.com/reports/TALOS-2015-0035/
+
+--- igd_desc_parse.c.orig Mon Apr 11 11:19:37 2011
++++ igd_desc_parse.c Tue Nov  3 12:08:09 2015
+@@ -15,7 +15,9 @@
+ void IGDstartelt(void * d, const char * name, int l)
+ {
+ struct IGDdatas * datas = (struct IGDdatas *)d;
+- memcpy( datas->cureltname, name, l);
++ if(l >= MINIUPNPC_URL_MAXSIZE)
++ l = MINIUPNPC_URL_MAXSIZE-1;
++ memcpy(datas->cureltname, name, l);
+ datas->cureltname[l] = '\0';
+ datas->level++;
+ if( (l==7) && !memcmp(name, "service", l) ) {

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 03/11

Sevan / Venture37-2
In reply to this post by Sevan / Venture37-2