diff options
| author | wxs <wxs@FreeBSD.org> | 2008-11-19 07:21:09 +0800 |
|---|---|---|
| committer | wxs <wxs@FreeBSD.org> | 2008-11-19 07:21:09 +0800 |
| commit | b023e5f2398121269729610dcf06c2800409349c (patch) | |
| tree | 0b8cbacff47f53247b61f76beaec381d9b090bab /sysutils/syslog-ng-devel | |
| parent | bccc4dbab29bf409af454fb9614703a0ac6ec500 (diff) | |
| download | freebsd-ports-gnome-b023e5f2398121269729610dcf06c2800409349c.tar.gz freebsd-ports-gnome-b023e5f2398121269729610dcf06c2800409349c.tar.zst freebsd-ports-gnome-b023e5f2398121269729610dcf06c2800409349c.zip | |
Add patch to fix chroot vulnerability.
PR: ports/128960
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Approved by: Ivan Lago <ivan.lago@ifom-ieo-campus.it> (maintainer)
Security: http://www.vuxml.org/freebsd/75f2382e-b586-11dd-95f9-00e0815b8da8.html
Diffstat (limited to 'sysutils/syslog-ng-devel')
| -rw-r--r-- | sysutils/syslog-ng-devel/Makefile | 9 | ||||
| -rw-r--r-- | sysutils/syslog-ng-devel/files/patch-src_main.c | 22 |
2 files changed, 26 insertions, 5 deletions
diff --git a/sysutils/syslog-ng-devel/Makefile b/sysutils/syslog-ng-devel/Makefile index 9ba5a261535b..d3958e7ae664 100644 --- a/sysutils/syslog-ng-devel/Makefile +++ b/sysutils/syslog-ng-devel/Makefile @@ -7,7 +7,7 @@ PORTNAME= syslog-ng PORTVERSION= 2.0.9 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= sysutils MASTER_SITES= http://www.balabit.com/downloads/files/syslog-ng/sources/2.0/src/ PKGNAMESUFFIX= 2 @@ -27,12 +27,11 @@ USE_GNOME= glib20 SUB_FILES= pkg-message SUB_LIST= RC_SUBR_SUFFIX=${RC_SUBR_SUFFIX} -LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config +LIBNET_CONFIG?= ${LOCALBASE}/bin/libnet11-config CONFIGURE_ARGS= --sysconfdir=${LOCALBASE}/etc --localstatedir=/var/db \ - --enable-dynamic-linking --mandir=${PREFIX}/man \ - --with-libnet=${LOCALBASE}/bin -CONFIGURE_ENV= CFLAGS="`${LIBNET_CONFIG} --cflags`" \ + --enable-dynamic-linking --with-libnet=${LOCALBASE}/bin +CONFIGURE_ENV= CFLAGS="`${LIBNET_CONFIG} --cflags`" \ LDFLAGS="`${LIBNET_CONFIG} --libs`" .if defined(WITH_TCP_WRAPPERS) diff --git a/sysutils/syslog-ng-devel/files/patch-src_main.c b/sysutils/syslog-ng-devel/files/patch-src_main.c new file mode 100644 index 000000000000..e6423ef8fa25 --- /dev/null +++ b/sysutils/syslog-ng-devel/files/patch-src_main.c @@ -0,0 +1,22 @@ +Patch for CVE-2008-5110 + +Obtained from: http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=14;mbox=yes;bug=505791 +Note: was not able to cleanly apply the original patch, so it was recreated + by hand using the original submission contents + +--- src/main.c.orig 2008-03-23 23:35:27.000000000 +0300 ++++ src/main.c 2008-11-18 14:38:13.000000000 +0300 +@@ -275,6 +275,13 @@ + { + if (chroot_dir) + { ++ if (chdir(chroot_dir) < 0) ++ { ++ msg_error("Error during chdir() before chroot()", ++ evt_tag_errno(EVT_TAG_OSERROR, errno), ++ NULL); ++ return 0; ++ } + if (chroot(chroot_dir) < 0) + { + msg_error("Error during chroot()", |