diff options
-rw-r--r-- | MOVED | 1 | ||||
-rw-r--r-- | irc/Makefile | 1 | ||||
-rw-r--r-- | irc/bitchx-devel/Makefile | 118 | ||||
-rw-r--r-- | irc/bitchx-devel/distinfo | 2 | ||||
-rw-r--r-- | irc/bitchx-devel/files/patch-amd64_fix | 32 | ||||
-rw-r--r-- | irc/bitchx-devel/files/patch-aq | 33 | ||||
-rw-r--r-- | irc/bitchx-devel/files/patch-configure | 26 | ||||
-rw-r--r-- | irc/bitchx-devel/files/patch-source-Makefile.in | 19 | ||||
-rw-r--r-- | irc/bitchx-devel/pkg-descr | 15 | ||||
-rw-r--r-- | irc/bitchx-devel/pkg-plist | 84 | ||||
-rw-r--r-- | security/vuxml/vuln.xml | 50 |
11 files changed, 51 insertions, 330 deletions
@@ -4333,3 +4333,4 @@ x11-toolkits/linux-gtk2||2013-05-30|Has expired: Only used on FreeBSD 7, which i x11-toolkits/linux-openmotif||2013-05-30|Has expired: Only used on FreeBSD 7, which is end-of-life x11-toolkits/linux-pango||2013-05-30|Has expired: Only used on FreeBSD 7, which is end-of-life x11-toolkits/linux-qt33||2013-05-30|Has expired: Only used on FreeBSD 7, which is end-of-life +irc/bitchx-devel|irc/bitchx|2013-05-31|Release finally cut diff --git a/irc/Makefile b/irc/Makefile index 72290936ec9c..242cc1f39729 100644 --- a/irc/Makefile +++ b/irc/Makefile @@ -6,7 +6,6 @@ SUBDIR += anope SUBDIR += bip SUBDIR += bitchx - SUBDIR += bitchx-devel SUBDIR += bitlbee SUBDIR += bnc SUBDIR += bobot++ diff --git a/irc/bitchx-devel/Makefile b/irc/bitchx-devel/Makefile deleted file mode 100644 index a4f432f62d33..000000000000 --- a/irc/bitchx-devel/Makefile +++ /dev/null @@ -1,118 +0,0 @@ -# Created by: Jimbo Bahooli <griffin@blackhole.iceworld.org> -# $FreeBSD$ - -PORTNAME= BitchX -PORTVERSION= 1.2 -CATEGORIES+= irc -DISTNAME= ${PORTNAME}-${PORTNAME}${PORTVERSION}-${GH_COMMIT} - -MAINTAINER?= dan.mashal@gmail.com -COMMENT?= Feature-rich scriptable IRC client - -USE_GITHUB= yes -GH_ACCOUNT= ${PORTNAME} -GH_PROJECT= ${PORTNAME}1.2 -GH_TAGNAME= master -GH_COMMIT= a22b86f - -LATEST_LINK= BitchX-devel -GNU_CONFIGURE= yes -CONFIGURE_ENV= LIBS="-L${LOCALBASE}/lib" -CONFIGURE_ARGS= --libdir="${PREFIX}/share" -USE_GMAKE= yes -USE_PERL5= yes -WANT_GNOME= yes -DOCSDIR= ${PREFIX}/share/bx/help -PORTDOCS= * - -MAN1= ${PORTNAME}.1 - -OPTIONS_DEFINE= ESOUND GNOME IPV6 LATIN PLUGINS SSL XMMS - -GNOME_DESC= Legacy GTK/GNOME frontend -LATIN_DESC= Recommended for ISO-8859-1 display -PLUGINS_DESC= Build a handful of BitchX plugins -XMMS_DESC= Build XMMS plugin - -OPTIONS_DEFAULT= IPV6 PLUGINS SSL - -.include <bsd.port.pre.mk> - -.if ${ARCH} == "amd64" || ${ARCH} == "ia64" -CFLAGS+= -fPIC -.endif - -.if ${PORT_OPTIONS:MIPV6} -CONFIGURE_ARGS+= --enable-ipv6 -.endif - -.if ${PORT_OPTIONS:MSSL} -CONFIGURE_ARGS+= --with-ssl -.endif - -.if ${PORT_OPTIONS:MGNOME} || ${PORT_OPTIONS:MESOUND} -USE_GNOME= gnomelibs -CONFIGURE_ARGS+= --with-gtk -. if ${PORT_OPTIONS:MESOUND} -USE_GNOME+= esound -CONFIGURE_ARGS+= --enable-sound -. endif -CFLAGS+= -I${LOCALBASE}/include/gnome-1.0 -PLIST_SUB+= NOGNOME="@comment " GNOME="" -.else -CONFIGURE_ARGS+= --without-gtk -PLIST_SUB+= GNOME="@comment " NOGNOME="" -.endif - -.if ${PORT_OPTIONS:MPLUGINS} -PLUGINS= abot acro aim arcfour autocycle blowfish cavlink cdrom \ - encrypt europa fserv hint nap nicklist pkga possum qbx \ - qmail wavplay -PLIST_SUB+= PLUGINS="" -.else -PLIST_SUB+= PLUGINS="@comment " -.endif - -.if ${PORT_OPTIONS:MXMMS} -LIB_DEPENDS= xmms:${PORTSDIR}/multimedia/xmms -PLUGINS+= xmms -PLIST_SUB+= XMMS="" -.else -PLIST_SUB+= XMMS="@comment " -.endif - -.if !empty(PLUGINS) -CONFIGURE_ARGS+= --with-plugins="${PLUGINS:C/\$$/,/g}" -.else -CONFIGURE_ARGS+= --without-plugins -.endif - -post-patch: -.if ${PORT_OPTIONS:MLATIN} - ${REINPLACE_CMD} -e 's|#undef LATIN1|#define LATIN1|' \ - ${WRKSRC}/include/config.h -.endif - ${REINPLACE_CMD} -e 's|bzip2|true|g' ${WRKSRC}/Makefile.in - -post-install: -.if ${PORT_OPTIONS:MGNOME} - ${STRIP_CMD} ${PREFIX}/bin/gtkBitchX -.else - ${STRIP_CMD} ${PREFIX}/bin/BitchX - ${STRIP_CMD} ${PREFIX}/bin/scr-bx -.endif -.if ${PORT_OPTIONS:MDOCS} - @${MKDIR} ${DOCSDIR} - cd ${WRKSRC}/bitchx-docs && ${COPYTREE_SHARE} . ${DOCSDIR} -.endif - -# Ensure that `@dirrm share/bx' will be appended last (after PORTDOCS stuff) -add-plist-post: - @${ECHO_CMD} "@dirrm share/bx" >> ${TMPPLIST} -.if (${PREFIX} != ${LOCALBASE} && ${PREFIX} != ${LINUXBASE} && ${PREFIX} != "/usr") - @${ECHO_CMD} "@unexec rmdir %D 2> /dev/null || true" >> ${TMPPLIST} -.else - @${DO_NADA} -.endif - -.include <bsd.port.post.mk> diff --git a/irc/bitchx-devel/distinfo b/irc/bitchx-devel/distinfo deleted file mode 100644 index 669b1bfc4859..000000000000 --- a/irc/bitchx-devel/distinfo +++ /dev/null @@ -1,2 +0,0 @@ -SHA256 (BitchX-BitchX1.2-a22b86f.tar.gz) = 78868bf79960fdb3cb716f38a90a084aaf9dfd76498e0c7df252ef1e43ca9a08 -SIZE (BitchX-BitchX1.2-a22b86f.tar.gz) = 2555622 diff --git a/irc/bitchx-devel/files/patch-amd64_fix b/irc/bitchx-devel/files/patch-amd64_fix deleted file mode 100644 index 51dfe89a9ac7..000000000000 --- a/irc/bitchx-devel/files/patch-amd64_fix +++ /dev/null @@ -1,32 +0,0 @@ - - -Patch attached with submission follows: - -diff -ur BitchX.orig/include/module.h BitchX/include/module.h ---- BitchX.orig/include/module.h Fri Apr 11 03:09:07 2003 -+++ include/module.h Sun Jan 8 17:18:15 2006 -@@ -15,7 +15,7 @@ - - #include "struct.h" - --typedef int (*Function_ptr)(); -+typedef long (*Function_ptr)(); - - #ifdef WANT_DLL - #ifdef HPUX -diff -ur BitchX.orig/source/screen.c BitchX/source/screen.c ---- BitchX.orig/source/screen.c Thu Jul 31 09:01:08 2003 -+++ source/screen.c Sun Jan 8 17:18:18 2006 -@@ -1377,8 +1377,8 @@ - { - if (!w) - w = current_window; -- if (w->screen) -- w->screen->cursor_window = w; -+/* if (w->screen) -+ w->screen->cursor_window = w;*/ - } - - /* - - diff --git a/irc/bitchx-devel/files/patch-aq b/irc/bitchx-devel/files/patch-aq deleted file mode 100644 index 7c46ba4760f5..000000000000 --- a/irc/bitchx-devel/files/patch-aq +++ /dev/null @@ -1,33 +0,0 @@ ---- include/config.h.old Wed Mar 14 11:20:48 2001 -+++ include/config.h Wed Mar 14 11:23:51 2001 -@@ -225,7 +225,7 @@ - * in the client. defining this variable to 1 allows that happen. It also - * adds a HEBREW_TOGGLE variable which can turn this feature on/off - */ --#undef WANT_HEBREW -+#define WANT_HEBREW - - /* if you use cidentd the filename is called .authlie instead of .noident. - * as well some modifications to the format of the file were made. So we -@@ -480,9 +480,9 @@ - #define DEFAULT_AINV 0 - #define DEFAULT_ANNOY_KICK OFF - #define DEFAULT_AOP_VAR OFF --#define DEFAULT_AUTO_AWAY ON --#define DEFAULT_KICK_OPS ON --#define DEFAULT_AUTO_REJOIN ON -+#define DEFAULT_AUTO_AWAY OFF -+#define DEFAULT_KICK_OPS OFF -+#define DEFAULT_AUTO_REJOIN OFF - #define DEFAULT_DEOPFLOOD ON - #if defined(__EMXPM__) || defined(WIN32) - #define DEFAULT_CODEPAGE 437 -@@ -684,7 +684,7 @@ - #endif - - #undef PARANOID /* #define this if your paranoid about dcc hijacking */ --#undef WANT_CHAN_NICK_SERV /* do we want to include some chan/nick/oper server commands */ -+#define WANT_CHAN_NICK_SERV /* do we want to include some chan/nick/oper server commands */ - - /* new epic stuff */ - #define OLD_STATUS_S_EXPANDO_BEHAVIOR diff --git a/irc/bitchx-devel/files/patch-configure b/irc/bitchx-devel/files/patch-configure deleted file mode 100644 index eb380b0aac6a..000000000000 --- a/irc/bitchx-devel/files/patch-configure +++ /dev/null @@ -1,26 +0,0 @@ ---- configure.orig 2012-11-18 22:48:07.000000000 -0500 -+++ configure 2012-11-18 22:48:27.000000000 -0500 -@@ -14756,11 +14756,6 @@ - SHLIB_LD="ld -shared" - fi - ;; -- FreeBSD-1*) -- { { echo "$as_me:$LINENO: error: sorry" >&5 --echo "$as_me: error: sorry" >&2;} -- { (exit no plugins on $ac_cv_system_version); exit no plugins on $ac_cv_system_version; }; } -- ;; - FreeBSD-2.2*) - SHLIB_LD="ld -Bshareable" - ;; -@@ -16242,11 +16237,6 @@ - SHLIB_LD="ld -shared" - fi - ;; -- FreeBSD-1*) -- { { echo "$as_me:$LINENO: error: sorry" >&5 --echo "$as_me: error: sorry" >&2;} -- { (exit no plugins on $ac_cv_system_version); exit no plugins on $ac_cv_system_version; }; } -- ;; - FreeBSD-2.2*) - SHLIB_LD="ld -Bshareable" - ;; diff --git a/irc/bitchx-devel/files/patch-source-Makefile.in b/irc/bitchx-devel/files/patch-source-Makefile.in deleted file mode 100644 index 1de368fa30af..000000000000 --- a/irc/bitchx-devel/files/patch-source-Makefile.in +++ /dev/null @@ -1,19 +0,0 @@ ---- source/Makefile.in.orig Fri Apr 11 03:09:07 2003 -+++ source/Makefile.in Tue Mar 30 14:44:20 2004 -@@ -37,7 +37,7 @@ - IRCLIB = @IRCLIB@ - - CC = @CC@ --DEFS = @INCLUDES@ -+DEFS = @INCLUDES@ @CPPFLAGS@ - LIBS = @LIBS@ - - # Tcl library. -@@ -51,6 +51,7 @@ - # Set this to -g if you want to be able to debug the client, otherwise - # use -O to have the compiler do some optimization instead. - CFLAGS = @CFLAGS@ -+CPPFLAGS= @CPPFLAGS@ - - # Set this to -s if you want the binary to be stripped. - LDFLAGS = @LDFLAGS@ diff --git a/irc/bitchx-devel/pkg-descr b/irc/bitchx-devel/pkg-descr deleted file mode 100644 index 221a3ec6540b..000000000000 --- a/irc/bitchx-devel/pkg-descr +++ /dev/null @@ -1,15 +0,0 @@ -BitchX is an IRC (Internet Relay Chat) client by Colten Edwards aka -panasync@EFnet, it is based on its predecessors ircII and Epic. - -BitchX was originally started as a script by Trench and HappyCrappy for -the popular Unix IRC client ircII. Around Christmas of 1994 the script -was patched directly into the client by Colten Edwards. - -BitchX includes features which make it an eggdrop, a bouncer, and a -friendly IRC client at the same time. - -BitchX is one the most popular IRC clients among Unix systems. It is -highly customizable and capable of running scripts, so it can be used -as an IRC bot too. - -WWW: http://www.bitchx.org/ diff --git a/irc/bitchx-devel/pkg-plist b/irc/bitchx-devel/pkg-plist deleted file mode 100644 index f0e3b8fbf2dd..000000000000 --- a/irc/bitchx-devel/pkg-plist +++ /dev/null @@ -1,84 +0,0 @@ -@unexec if [ -f %D/share/bx/script/bxglobal.old ]; then rm -f %D/share/bx/script/bxglobal.old; fi -%%NOGNOME%%bin/BitchX -%%NOGNOME%%bin/BitchX-1.2c01-svn -%%GNOME%%bin/gtkBitchX -%%GNOME%%bin/gtkBitchX-1.2c01-svn -%%NOGNOME%%bin/scr-bx -share/bx/BitchX.help -share/bx/BitchX.ircnames -share/bx/BitchX.quit -share/bx/BitchX.kick -%%PLUGINS%%share/bx/plugins/BitchX.hints -%%PLUGINS%%share/bx/plugins/acro.so -%%PLUGINS%%share/bx/plugins/autobot.so -%%PLUGINS%%share/bx/plugins/blowfish.so -%%PLUGINS%%share/bx/plugins/encrypt.so -%%PLUGINS%%share/bx/plugins/fserv.so -%%PLUGINS%%share/bx/plugins/hint.so -%%PLUGINS%%share/bx/plugins/pkga.so -%%PLUGINS%%share/bx/plugins/possum.so -%%PLUGINS%%share/bx/plugins/qmail.so -%%PLUGINS%%share/bx/plugins/wavplay.so -%%PLUGINS%%share/bx/plugins/qbx.so -%%PLUGINS%%share/bx/plugins/arcfour.so -%%PLUGINS%%share/bx/plugins/autocycle.so -%%PLUGINS%%share/bx/plugins/aim.so -%%PLUGINS%%share/bx/plugins/cavlink.so -%%PLUGINS%%share/bx/plugins/cdrom.so -%%PLUGINS%%share/bx/plugins/nap.so -%%PLUGINS%%share/bx/plugins/nicklist.so -%%XMMS%%share/bx/plugins/xmms.so -share/bx/script/SCRIPTS -share/bx/script/actplug.gmz -share/bx/script/bxglobal -share/bx/script/bxtcl.tcl -share/bx/script/cyp1.0k.tar.gz -share/bx/script/dcc_fserve-0.50.tgz -share/bx/script/example-.bitchxrc -share/bx/script/file.tcl -share/bx/script/fserve+vfs.tar.gz -share/bx/script/logger.bx -share/bx/script/menu.bx -share/bx/script/operchallenge-1.3.tar -share/bx/script/query.bx -share/bx/script/auto_resume -share/bx/script/fserve.irc -share/bx/script/query -share/bx/translation/ASCII -share/bx/translation/CP437 -share/bx/translation/CP850 -share/bx/translation/DANISH -share/bx/translation/DEC_MCS -share/bx/translation/DG_MCS -share/bx/translation/DUTCH -share/bx/translation/FINNISH -share/bx/translation/FRENCH -share/bx/translation/FRENCH_CANADIAN -share/bx/translation/GERMAN -share/bx/translation/HP_MCS -share/bx/translation/IRV -share/bx/translation/ITALIAN -share/bx/translation/JIS -share/bx/translation/MACINTOSH -share/bx/translation/NEXT -share/bx/translation/NORWEGIAN_1 -share/bx/translation/NORWEGIAN_2 -share/bx/translation/POLISH -share/bx/translation/POLISH_NOPL -share/bx/translation/PORTUGUESE -share/bx/translation/PORTUGUESE_COM -share/bx/translation/RUSSIAN -share/bx/translation/RUSSIAN_ALT -share/bx/translation/RUSSIAN_WIN -share/bx/translation/SPANISH -share/bx/translation/SWEDISH -share/bx/translation/SWEDISH_NAMES -share/bx/translation/SWEDISH_NAMES_COM -share/bx/translation/SWISS -share/bx/translation/UNITED_KINGDOM -share/bx/translation/UNITED_KINGDOM_COM -%%NOGNOME%%share/bx/wserv -@dirrm share/bx/translation -@dirrm share/bx/script -@dirrm share/bx/plugins -@comment "@dirrm share/bx" must be appended after PORTDOCS stuff, see Makefile diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index aa3c2627d5bd..6b4c2ed33cdb 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -51,6 +51,56 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="0a799a8e-c9d4-11e2-a424-14dae938ec40"> + <topic>irc/bitchx -- multiple vulnerabilities</topic> + <affects> + <package> + <name>BitchX</name> + <range><lt>1.2.*,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>bannedit reports:</p> + <blockquote cite="http://www.cvedetails.com/cve/CVE-2007-4584/"> + <p>Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC + servers to execute arbitrary code via a long string in a MODE + command, related to the p_mode variable.</p> + </blockquote> + <p>Nico Golde reports:</p> + <blockquote cite="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=449149"> + <p>There is a security issue in ircii-pana in bitchx' hostname + command. The e_hostname function (commands.c) uses tmpnam to + create a temporary file which is known to be insecure.</p> + </blockquote> + <p>Chris reports:</p> + <blockquote cite="http://secunia.com/advisories/27556"> + <p>Chris has reported a vulnerability in the Cypress script for + BitchX, which can be exploited by malicious people to disclose + potentially sensitive information or to compromise a vulnerable + system.</p> + + <p>The vulnerability is caused due to malicious code being present + in the modules/mdop.m file. This can be exploited to disclose the + content of various system files or to execute arbitrary shell + commands.</p> + + <p>Successful exploitation allows execution of arbitrary code, but + requires the control of the "lsyn.webhop.net" domain.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2007-4584</cvename> + <cvename>CVE-2007-5839</cvename> + <cvename>CVE-2007-5922</cvename> + </references> + <dates> + <discovery>2007-08-28</discovery> + <entry>2013-05-31</entry> + </dates> + </vuln> + <vuln vid="19751e06-c798-11e2-a373-000c29833058"> <topic>znc -- null pointer dereference in webadmin module</topic> <affects> |