Revbump, fixes for CVE-2007-5623 and CVE-2007-5198

Package-Manager: portage-2.1.3.16
author: Tobias Scherbaum <dertobi123@gentoo.org> 2007-10-29 19:51:35 +0000
committer: Tobias Scherbaum <dertobi123@gentoo.org> 2007-10-29 19:51:35 +0000
commit: ba0a7fef45e7ff599af1c333dcec83c5796b1d32 (patch)
tree: e7682cfce5fc9deaa59a86eb78827c33a1f74fbb /net-analyzer/nagios-plugins
parent: Sparc stable --- Bug #196608 --- developer request. (diff)
download: historical-ba0a7fef45e7ff599af1c333dcec83c5796b1d32.tar.gz
historical-ba0a7fef45e7ff599af1c333dcec83c5796b1d32.tar.bz2
historical-ba0a7fef45e7ff599af1c333dcec83c5796b1d32.zip
6 files changed, 210 insertions, 5 deletions
diff --git a/net-analyzer/nagios-plugins/ChangeLog b/net-analyzer/nagios-plugins/ChangeLog
index 2ae34ce63201..584f3f255e6b 100644
--- a/net-analyzer/nagios-plugins/ChangeLog
+++ b/net-analyzer/nagios-plugins/ChangeLog
@@ -1,6 +1,16 @@
 # ChangeLog for net-analyzer/nagios-plugins
 # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-plugins/ChangeLog,v 1.76 2007/10/23 19:43:06 dertobi123 Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-plugins/ChangeLog,v 1.77 2007/10/29 19:51:34 dertobi123 Exp $
+
+*nagios-plugins-1.4.10-r1 (29 Oct 2007)
+
+  29 Oct 2007; Tobias Scherbaum <dertobi123@gentoo.org>
+  +files/nagios-plugins-1.4.10-check_http.patch, +files/CVE-2007-5623.patch,
+  +nagios-plugins-1.4.10-r1.ebuild:
+  revbump, Include a fix for CVE-2007-5623 (Bug #196308)
+  The fix for CVE-2007-5198 (Bug #194178) was incomplete as per
+  http://sourceforge.net/tracker/index.php?func=detail&aid=1813346&group_id=29
+  880&atid=397597
 
   23 Oct 2007; Tobias Scherbaum <dertobi123@gentoo.org>
   -files/nagios-plugins-1.4.8-mysql.patch,
diff --git a/net-analyzer/nagios-plugins/Manifest b/net-analyzer/nagios-plugins/Manifest
index 7f2bccc6adbd..962d8f170b1e 100644
--- a/net-analyzer/nagios-plugins/Manifest
+++ b/net-analyzer/nagios-plugins/Manifest
@@ -1,3 +1,11 @@
+AUX CVE-2007-5623.patch 1060 RMD160 c8704e0c39a4194ee153b444a7285f0a44363030 SHA1 2e82a8daa2020de28f1d77c2db26fbf9048a4245 SHA256 f41b53fe45669ef26a3742a73de536658c072f991d82a6479bcd887b932e3295
+MD5 8471e03d3f5592c0795271f90582c775 files/CVE-2007-5623.patch 1060
+RMD160 c8704e0c39a4194ee153b444a7285f0a44363030 files/CVE-2007-5623.patch 1060
+SHA256 f41b53fe45669ef26a3742a73de536658c072f991d82a6479bcd887b932e3295 files/CVE-2007-5623.patch 1060
+AUX nagios-plugins-1.4.10-check_http.patch 549 RMD160 e3b85a38d04b32e68b97bf57595b5347be7ce1cc SHA1 d452e8e3bf09d85751219b5c6e8bd762548451ed SHA256 2fffe117269d1f9b56870169e38ea0836f47c0cc088bb8b3520a9ecfce90c79e
+MD5 e9fd958641b8807efea7c749064e3881 files/nagios-plugins-1.4.10-check_http.patch 549
+RMD160 e3b85a38d04b32e68b97bf57595b5347be7ce1cc files/nagios-plugins-1.4.10-check_http.patch 549
+SHA256 2fffe117269d1f9b56870169e38ea0836f47c0cc088bb8b3520a9ecfce90c79e files/nagios-plugins-1.4.10-check_http.patch 549
 AUX nagios-plugins-1.4.10-contrib.patch 1610 RMD160 928e2ce0a8071b5fd93ca28722512d8996eaa027 SHA1 ff7105763268fc3cc48dced7c17df9ff0bb84899 SHA256 d7aa2d6e420438ae5e5e687bd61bd5ff1ca5aebb763e3b692238db23f24d7278
 MD5 d5a111b2c5cff8f253cb1003afc52b71 files/nagios-plugins-1.4.10-contrib.patch 1610
 RMD160 928e2ce0a8071b5fd93ca28722512d8996eaa027 files/nagios-plugins-1.4.10-contrib.patch 1610
@@ -7,14 +15,18 @@ MD5 03db813b6ec458ef463fac07546ca497 files/nagios-plugins-1.4.10-noradius.patch
 RMD160 e1e449d93966d822eca21782968e24fce4547a95 files/nagios-plugins-1.4.10-noradius.patch 1029
 SHA256 bff601e67a413abd84c2b430bfcf10395f68a83f98a628a398ee50f7cb406229 files/nagios-plugins-1.4.10-noradius.patch 1029
 DIST nagios-plugins-1.4.10.tar.gz 1693979 RMD160 8f8167f07d6162165d7cb38c9c09ebff418151bd SHA1 8b41a69a90f9c656afb56b861f4505e5ad1aa5a4 SHA256 193ef480cd2b98d63de9183a83e277d6ef3b55032f44bd76616ef5e7a3d4a76e
+EBUILD nagios-plugins-1.4.10-r1.ebuild 3752 RMD160 2620b75ddeea444c2164e697b89f1c4d2b3c581d SHA1 a3c7f83e1850aa13347460118e745eed26947785 SHA256 6d61e4b86812fc64608151a3cfb8f08a0eb6a233caac055997a172cfa3dcdfa6
+MD5 689a35f7b74d1dc0d3b16803c894507e nagios-plugins-1.4.10-r1.ebuild 3752
+RMD160 2620b75ddeea444c2164e697b89f1c4d2b3c581d nagios-plugins-1.4.10-r1.ebuild 3752
+SHA256 6d61e4b86812fc64608151a3cfb8f08a0eb6a233caac055997a172cfa3dcdfa6 nagios-plugins-1.4.10-r1.ebuild 3752
 EBUILD nagios-plugins-1.4.10.ebuild 3635 RMD160 00e410b90800d325bb14a19c8088cedbcef762e4 SHA1 bd601f5ff2f6248f07c036840f97cde84470a50c SHA256 6c3d4014416e071a5923f24c5af4fb2749f363c507c1026c4ad6d814864f37cd
 MD5 a84b0cbf654b912ac86d876fc0c5a032 nagios-plugins-1.4.10.ebuild 3635
 RMD160 00e410b90800d325bb14a19c8088cedbcef762e4 nagios-plugins-1.4.10.ebuild 3635
 SHA256 6c3d4014416e071a5923f24c5af4fb2749f363c507c1026c4ad6d814864f37cd nagios-plugins-1.4.10.ebuild 3635
-MISC ChangeLog 13501 RMD160 95e153fbbe710f17498304548d068edb08c86b2a SHA1 a55ee303ba12e84ab46a034bbd6163ada5ba19af SHA256 d41de98aa7b64e7d001a471029ffd4431198f98d289042c289eb3f01baf1ccc0
-MD5 f6262fd825a01e8c488f6a24d134cf1e ChangeLog 13501
-RMD160 95e153fbbe710f17498304548d068edb08c86b2a ChangeLog 13501
-SHA256 d41de98aa7b64e7d001a471029ffd4431198f98d289042c289eb3f01baf1ccc0 ChangeLog 13501
+MISC ChangeLog 13930 RMD160 6e12c2793777570fb424efd6817e42027d424517 SHA1 5553bf6d34732fb5cb1d6db4a381733e05af18b9 SHA256 771d713540238f68341de30633316ac454e389d97826400455c0c9ea1fa16468
+MD5 cf53d6067aae726d4b54a9f32b614042 ChangeLog 13930
+RMD160 6e12c2793777570fb424efd6817e42027d424517 ChangeLog 13930
+SHA256 771d713540238f68341de30633316ac454e389d97826400455c0c9ea1fa16468 ChangeLog 13930
 MISC metadata.xml 374 RMD160 c261e08c2be47cbf618ed122151d25f96a176aa9 SHA1 88da42b8cc7c08339067720081f61c110e00acb5 SHA256 4babbe654b066c416bb453a8decbd1e8bdaf450226d9ed6d4380bf17e5761f59
 MD5 afd013450a188e41979f4d528607d692 metadata.xml 374
 RMD160 c261e08c2be47cbf618ed122151d25f96a176aa9 metadata.xml 374
@@ -22,3 +34,6 @@ SHA256 4babbe654b066c416bb453a8decbd1e8bdaf450226d9ed6d4380bf17e5761f59 metadata
 MD5 d75d2af2cab30c528f228913ad57570e files/digest-nagios-plugins-1.4.10 268
 RMD160 ec41e1b29051f95d8074af822de325f1209d00e8 files/digest-nagios-plugins-1.4.10 268
 SHA256 51cbacb57cfc44ca66a1ceb4a037409e106fc335ab15d5ccc4da3422547664bb files/digest-nagios-plugins-1.4.10 268
+MD5 d75d2af2cab30c528f228913ad57570e files/digest-nagios-plugins-1.4.10-r1 268
+RMD160 ec41e1b29051f95d8074af822de325f1209d00e8 files/digest-nagios-plugins-1.4.10-r1 268
+SHA256 51cbacb57cfc44ca66a1ceb4a037409e106fc335ab15d5ccc4da3422547664bb files/digest-nagios-plugins-1.4.10-r1 268
diff --git a/net-analyzer/nagios-plugins/files/CVE-2007-5623.patch b/net-analyzer/nagios-plugins/files/CVE-2007-5623.patch
new file mode 100644
index 000000000000..6fc954038f6e
--- /dev/null
+++ b/net-analyzer/nagios-plugins/files/CVE-2007-5623.patch
@@ -0,0 +1,37 @@
+--- plugins/check_snmp.c.old	2007-05-29 07:22:32.000000000 +0200
++++ plugins/check_snmp.c	2007-10-17 22:08:49.000000000 +0200
+@@ -219,12 +219,16 @@ main (int argc, char **argv)
+ 
+ 	ptr = output;
+ 
+-	strcat(perfstr, "| ");
++	strncat(perfstr, "| ", sizeof(perfstr)-strlen(perfstr)-1);
+ 	while (ptr) {
+ 		char *foo;
++		unsigned int copylen;
+ 
+ 		foo = strstr (ptr, delimiter);
+-		strncat(perfstr, ptr, foo-ptr);
++		copylen = foo-ptr;
++		if (copylen > sizeof(perfstr)-strlen(perfstr)-1)
++			copylen = sizeof(perfstr)-strlen(perfstr)-1;
++		strncat(perfstr, ptr, copylen);
+ 		ptr = foo; 
+ 
+ 		if (ptr == NULL)
+@@ -357,11 +361,11 @@ main (int argc, char **argv)
+ 
+ 		i++;
+ 
+-		strcat(perfstr, "=");
+-		strcat(perfstr, show);
++		strncat(perfstr, "=", sizeof(perfstr)-strlen(perfstr)-1);
++		strncat(perfstr, show, sizeof(perfstr)-strlen(perfstr)-1);
+ 		if (type)
+-			strcat(perfstr, type);
+-		strcat(perfstr, " ");
++			strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1);
++		strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1);
+ 
+ 	}	/* end while (ptr) */
+ 
diff --git a/net-analyzer/nagios-plugins/files/digest-nagios-plugins-1.4.10-r1 b/net-analyzer/nagios-plugins/files/digest-nagios-plugins-1.4.10-r1
new file mode 100644
index 000000000000..b5e8d8d88381
--- /dev/null
+++ b/net-analyzer/nagios-plugins/files/digest-nagios-plugins-1.4.10-r1
@@ -0,0 +1,3 @@
+MD5 c67841223864ae1626ab2adb2f0b4c9d nagios-plugins-1.4.10.tar.gz 1693979
+RMD160 8f8167f07d6162165d7cb38c9c09ebff418151bd nagios-plugins-1.4.10.tar.gz 1693979
+SHA256 193ef480cd2b98d63de9183a83e277d6ef3b55032f44bd76616ef5e7a3d4a76e nagios-plugins-1.4.10.tar.gz 1693979
diff --git a/net-analyzer/nagios-plugins/files/nagios-plugins-1.4.10-check_http.patch b/net-analyzer/nagios-plugins/files/nagios-plugins-1.4.10-check_http.patch
new file mode 100644
index 000000000000..d128581337f9
--- /dev/null
+++ b/net-analyzer/nagios-plugins/files/nagios-plugins-1.4.10-check_http.patch
@@ -0,0 +1,11 @@
+--- plugins/check_http.c.old	2007-07-21 18:29:01.000000000 +0200
++++ plugins/check_http.c	2007-10-14 22:05:26.000000000 +0200
+@@ -1092,7 +1092,7 @@ redir (char *pos, char *status_line)
+     die (STATE_UNKNOWN, _("HTTP UNKNOWN - Could not allocate url\n"));
+ 
+   while (pos) {
+-    sscanf (pos, "%[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]:%n", xx, &i);
++    sscanf (pos, "%1[Ll]%*[Oo]%*[Cc]%*[Aa]%*[Tt]%*[Ii]%*[Oo]%*[Nn]:%n", xx, &i);
+     if (i == 0) {
+       pos += (size_t) strcspn (pos, "\r\n");
+       pos += (size_t) strspn (pos, "\r\n");
diff --git a/net-analyzer/nagios-plugins/nagios-plugins-1.4.10-r1.ebuild b/net-analyzer/nagios-plugins/nagios-plugins-1.4.10-r1.ebuild
new file mode 100644
index 000000000000..741a7d44331a
--- /dev/null
+++ b/net-analyzer/nagios-plugins/nagios-plugins-1.4.10-r1.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/nagios-plugins/nagios-plugins-1.4.10-r1.ebuild,v 1.1 2007/10/29 19:51:34 dertobi123 Exp $
+
+WANT_AUTOCONF="latest"
+WANT_AUTOMAKE="latest"
+
+inherit eutils autotools
+
+DESCRIPTION="Nagios $PV plugins - Pack of plugins to make Nagios work properly"
+HOMEPAGE="http://www.nagios.org/"
+SRC_URI="mirror://sourceforge/nagiosplug/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86"
+IUSE="ssl samba mysql postgres ldap snmp nagios-dns nagios-ntp nagios-ping
+nagios-ssh nagios-game ups ipv6 radius"
+
+DEPEND="ldap? ( >=net-nds/openldap-2.0.25 )
+	mysql? ( virtual/mysql )
+	postgres? ( >=dev-db/postgresql-7.2 )
+	ssl? ( >=dev-libs/openssl-0.9.6g )
+	radius? ( >=net-dialup/radiusclient-0.3.2 )"
+
+RESTRICT="test"
+
+RDEPEND="${DEPEND}
+	>=dev-lang/perl-5.6.1-r7
+	samba? ( >=net-fs/samba-2.2.5-r1 )
+	snmp? ( >=dev-perl/Net-SNMP-4.0.1-r1
+			>=net-analyzer/net-snmp-5.0.6
+			)
+	mysql? ( dev-perl/DBI
+			 dev-perl/DBD-mysql )
+	nagios-dns? ( >=net-dns/bind-tools-9.2.2_rc1 )
+	nagios-ntp? ( >=net-misc/ntp-4.1.1a )
+	nagios-ping? ( >=net-analyzer/fping-2.4_beta2-r1 )
+	nagios-ssh? ( >=net-misc/openssh-3.5_p1 )
+	ups? ( >=sys-power/nut-1.4 )
+	!sparc? ( nagios-game? ( >=games-util/qstat-2.6 ) )"
+
+pkg_setup() {
+	enewgroup nagios
+	enewuser nagios -1 /bin/bash /var/nagios/home nagios
+}
+
+src_unpack() {
+	unpack ${A}
+	cd "${S}"
+
+	if ! use radius; then
+		EPATCH_OPTS="-p1 -d ${S}" epatch \
+		"${FILESDIR}"/nagios-plugins-1.4.10-noradius.patch
+	fi
+
+	epatch "${FILESDIR}"/${PN}-1.4.10-contrib.patch
+
+	## CVE-2007-5623
+	epatch "${FILESDIR}"/CVE-2007-5623.patch
+	
+	epatch "${FILESDIR}"/${P}-check_http.patch
+
+	AT_M4DIR="m4 gl/m4" eautoreconf
+}
+
+src_compile() {
+
+	local conf
+	if use ssl; then
+		conf="${conf} --with-openssl=/usr"
+	else
+		conf="${conf} --without-openssl"
+	fi
+
+	econf \
+		$(use_with mysql) \
+		$(use_with postgres) \
+		$(use_with ipv6) \
+		${conf} \
+		--host=${CHOST} \
+		--prefix=/usr/nagios \
+		--sysconfdir=/etc/nagios \
+		--infodir=/usr/share/info \
+		--mandir=/usr/share/man || die "econf failed"
+
+	# fix problem with additional -
+	sed -i -e 's:/bin/ps -axwo:/bin/ps axwo:g' config.h || die "sed failed"
+
+	emake || die "emake failed"
+}
+
+src_install() {
+	mv "${S}"/contrib/check_compaq_insight.pl "${S}"/contrib/check_compaq_insight.pl.msg
+	chmod +x "${S}"/contrib/*.pl
+
+	sed -i -e '1s;#!.*;#!/usr/bin/perl -w;' "${S}"/contrib/*.pl || die "sed failed"
+	sed -i -e '30s/use lib utils.pm;/use utils;/' \
+		"${S}"/plugins-scripts/check_file_age.pl || die "sed failed"
+
+	dodoc ABOUT-NLS ACKNOWLEDGEMENTS AUTHORS BUGS CODING \
+		ChangeLog FAQ NEWS README REQUIREMENTS SUPPORT THANKS
+
+	emake DESTDIR="${D}" install || die "make install failed"
+
+	if use mysql || use postgres; then
+		dodir /usr/nagios/libexec
+		exeinto /usr/nagios/libexec
+		doexe "${S}"/contrib/check_nagios_db.pl
+	fi
+
+	dodir /usr/nagios/libexec/
+	mv "${S}"/contrib "${D}"/usr/nagios/libexec/contrib
+
+	chown root:nagios "${D}"/usr/nagios || die "Failed Chown of ${D}usr/nagios"
+	chown -R root:nagios "${D}"/usr/nagios/libexec || die "Failed Chown of ${D}usr/nagios/libexec"
+
+	chmod -R o-rwx "${D}"/usr/nagios/libexec || die "Failed Chmod of ${D}usr/nagios/libexec"
+
+	chmod 04710 "${D}"/usr/nagios/libexec/check_icmp || die "Failed Chmod of ${D}usr/nagios/libexec/check_icmp"
+}
+
+pkg_postinst() {
+	einfo "This ebuild has a number of USE flags which determines what nagios is able to monitor."
+	einfo "Depending on what you want to monitor with nagios, some or all of these USE"
+	einfo "flags need to be set for nagios to function correctly."
+	echo
+	einfo "contrib plugins are installed into /usr/nagios/libexec/contrib"
+}
author	Tobias Scherbaum <dertobi123@gentoo.org>	2007-10-29 19:51:35 +0000
committer	Tobias Scherbaum <dertobi123@gentoo.org>	2007-10-29 19:51:35 +0000
commit	ba0a7fef45e7ff599af1c333dcec83c5796b1d32 (patch)
tree	e7682cfce5fc9deaa59a86eb78827c33a1f74fbb /net-analyzer/nagios-plugins
parent	Sparc stable --- Bug #196608 --- developer request. (diff)
download	historical-ba0a7fef45e7ff599af1c333dcec83c5796b1d32.tar.gz historical-ba0a7fef45e7ff599af1c333dcec83c5796b1d32.tar.bz2 historical-ba0a7fef45e7ff599af1c333dcec83c5796b1d32.zip