authorNatanael Copa <ncopa@alpinelinux.org>2015-05-21 10:03:31 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2015-05-21 11:06:36 +0000
commit39554ea06d8d10fb80ea89d8f7389b92e9fc2d40 (patch)
tree4cab6ba0bfd68528ac472f20e5515ae7d81ec1fb
parentecf1daf475f163d39ae2f3b07222ae9734de6e38 (diff)
main/icecast: security fix for CVE-2015-3026
fixes #4191
-rw-r--r--main/icecast/APKBUILD20
-rw-r--r--main/icecast/CVE-2015-3026.patch24
2 files changed, 42 insertions, 2 deletions
diff --git a/main/icecast/APKBUILD b/main/icecast/APKBUILD
index 83282982c7..7fd5fc27b0 100644
--- a/main/icecast/APKBUILD
+++ b/main/icecast/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Francesco Colista <francesco.colista@gmail.com>
pkgname=icecast
pkgver=2.3.3
-pkgrel=5
+pkgrel=6
pkgdesc="Open source media server"
url="http://www.icecast.org"
arch="all"
@@ -15,12 +15,17 @@ makedepends="libxslt-dev libxml2-dev libogg-dev libvorbis-dev libtheora-dev open
subpackages="$pkgname-doc"
source="http://downloads.xiph.org/releases/$pkgname/$pkgname-$pkgver.tar.gz
conf-change-owner.patch
+ CVE-2015-3026.patch
icecast.initd
icecast.confd"
prepare() {
cd "$srcdir"/$pkgname-$pkgver
- patch -p1 -i "$srcdir"/conf-change-owner.patch
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
}
build() {
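Review bot: In the new `prepare()` loop the source entry `$i` is expanded unquoted and used as a literal file name, so the loop is only correct while every patch listed in `source` is a plain local name. An entry written as a URL ending in `.patch` would match the `*.patch` case but would not resolve under `$srcdir`, and the build would stop at `return 1`. Quoting and stripping to the base name avoids that: `*.patch) msg "$i"; patch -p1 -i "$srcdir/${i##*/}" || return 1;;`. A one-line comment above the loop, `# apply every *.patch from $source, in the order listed`, would also record that the order of `source` now decides the patch order.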
@@ -45,5 +50,16 @@ package() {
md5sums="2b5d1b40778922e5f6431b7758c359ad icecast-2.3.3.tar.gz
d65fe756a3811e21fd8327ec599206c8 conf-change-owner.patch
+4eff0dc69a4b419a41eda494a8f4d549 CVE-2015-3026.patch
9860c914e30d0cfac45eef4cc4e81535 icecast.initd
37ceeb26f61551e712364a2dffa8c208 icecast.confd"
+sha256sums="1b1d06f5f83c9a983cd28cc78aa90e4038f933511b3d20d7fd2cfc116645c36d icecast-2.3.3.tar.gz
+52a85e356192f805a02c6e00375d8a9ebfda8112d9458b19eb183e238d7e54d3 conf-change-owner.patch
+c6afd703565b288287b013e5c967f15990c5fc485b01acc590491430fa759311 CVE-2015-3026.patch
+c80f239889dbdd1e1be57d67ad04cd12fa25df79bc33f78d8f86f965c209acc9 icecast.initd
+bf0b7596f642cf920f7909af28d7bb632f5616fee8b3c44decd609ab748e164a icecast.confd"
+sha512sums="e0ae26047744bfcb902dd5418bb83a6e25956109bd410f244fb23dd21216d2d0456c29684c38db99cfa6c5496353a860be776f569964b98286f0deca78156aba icecast-2.3.3.tar.gz
+3de3ed881a60f99d3e4cf656a46cdb157e95abcfa9bd44ebc7e13840a9b0ee84ec9e5b30878d67e42385dac5fa974694c215ad162b910c47b6b7864d474bf636 conf-change-owner.patch
+577f1365338ce9821e9ea5316e06560dc0c6345c6f3f4929e4ab7a627ee7520a2c6918d47f7c64837a3575e962aa5be8a0224532af503a5c2d408fcf8dece459 CVE-2015-3026.patch
+e8d75fef460af33fafbb91fa0089d7f044f8e71b038bdf0d688bde96a1e1612b42ab0c521971d61ccd32d3d4f6f8fa33852f54d847001ea9978e69b662838854 icecast.initd
+7e4299b34207bd4323bc89f2d98abebcb62cbeee3b0931d6d18e1c2c736a17e823b07dfb38364f22a375585843a917031beb1b9efe2fff71de036146371536f3 icecast.confd"
diff --git a/main/icecast/CVE-2015-3026.patch b/main/icecast/CVE-2015-3026.patch
new file mode 100644
index 0000000000..f07e7312e4
--- /dev/null
+++ b/main/icecast/CVE-2015-3026.patch
@@ -0,0 +1,24 @@
+Index: src/auth_url.c
+===================================================================
+--- a/src/auth_url.c (revision 2b7cb1c641b7d9b632f93e410dc4048938f41913)
++++ b/src/auth_url.c (revision 27abfbbd688df3e3077b535997330aa06603250f)
+@@ -540,7 +540,17 @@
+ port = config->port;
+ config_release_config ();
+- user = util_url_escape (client->username);
+- pass = util_url_escape (client->password);
+ ipaddr = util_url_escape (client->con->ip);
++
++ if (client->username) {
++ user = util_url_escape(client->username);
++ } else {
++ user = strdup("");
++ }
++
++ if (client->password) {
++ pass = util_url_escape(client->password);
++ } else {
++ pass = strdup("");
++ }
+
+ snprintf (post, sizeof (post),
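Review bot: The results of `strdup("")` in the added else-branches are not checked, so `user` or `pass` can still be NULL on allocation failure when they reach the `snprintf` that follows; that is the same NULL-pointer condition this fix closes for missing credentials, on a rarer path. The same applies to the `util_url_escape()` results if that helper can return NULL, and `client->con->ip` is passed to it without the guard that `username` and `password` now get (whether it can be NULL is not visible here). A check such as `if (user == NULL || pass == NULL || ipaddr == NULL)` before the `snprintf`, taking the function's existing failure path and freeing whatever was allocated, would cover all three. The enclosing function starts and ends outside the hunk, so the format string and the cleanup code cannot be confirmed from this patch.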