diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2012-06-11 09:20:10 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2012-06-11 09:20:10 +0000 |
| commit | 9e53e215d8bbbec9dd0dafe2b59a2d6d96454fad (patch) | |
| tree | 850e872c75938a3e30f31cb0e0261fa300c73c23 /main/arpwatch | |
| parent | aa5ea892d95139b20314f82df9ad10eb95614864 (diff) | |
| download | aports-9e53e215d8bbbec9dd0dafe2b59a2d6d96454fad.tar.bz2 aports-9e53e215d8bbbec9dd0dafe2b59a2d6d96454fad.tar.xz | |
main/arpwatch: security fix CVE-2012-2653
fixes #1202
Diffstat (limited to 'main/arpwatch')
| -rw-r--r-- | main/arpwatch/APKBUILD | 17 | ||||
| -rw-r--r-- | main/arpwatch/CVE-2012-2653.patch | 12 |
2 files changed, 28 insertions, 1 deletions
diff --git a/main/arpwatch/APKBUILD b/main/arpwatch/APKBUILD index c71eb25e06..b7dab0be59 100644 --- a/main/arpwatch/APKBUILD +++ b/main/arpwatch/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=arpwatch pkgver=2.1a15 -pkgrel=3 +pkgrel=4 pkgdesc="Ethernet monitoring program" url="http://www-nrg.ee.lbl.gov/" arch="all" @@ -12,9 +12,19 @@ makedepends="libpcap-dev" install= subpackages="" source="ftp://ftp.ee.lbl.gov/$pkgname.tar.gz + CVE-2012-2653.patch arpwatch.confd arpwatch.initd" +prepare() { + cd "$srcdir/$pkgname-$pkgver" + for i in $source; do + case $i in + *.oatch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + build() { cd "$srcdir/$pkgname-$pkgver" @@ -23,6 +33,10 @@ build() { --mandir=/usr/share/man \ --infodir=/usr/share/info make -j1 || return 1 +} + +package() { + cd "$srcdir/$pkgname-$pkgver" #install command wouldn't create directory ? mkdir -p "$pkgdir"/usr/sbin/ make -j1 DESTDIR="$pkgdir" install @@ -33,5 +47,6 @@ build() { } md5sums="cebfeb99c4a7c2a6cee2564770415fe7 arpwatch.tar.gz +af7d5a6cddca6c31fe84acd1d5209c8b CVE-2012-2653.patch dc8300ce5f02d6be95899a2982397064 arpwatch.confd 51ecada198c4f954ac4d5f5903198ebb arpwatch.initd" diff --git a/main/arpwatch/CVE-2012-2653.patch b/main/arpwatch/CVE-2012-2653.patch new file mode 100644 index 0000000000..c37b5132ed --- /dev/null +++ b/main/arpwatch/CVE-2012-2653.patch @@ -0,0 +1,12 @@ +diff -u arpwatch-2.1a15/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15/arpwatch.c
++++ arpwatch-2.1a15/arpwatch.c
+@@ -153,7 +153,7 @@
+ struct passwd* pw;
+ pw = getpwnam( user );
+ if ( pw ) {
+- if ( initgroups(pw->pw_name, 0) != 0 || setgid(pw->pw_gid) != 0 ||
++ if ( initgroups(pw->pw_name, pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0 ||
+ setuid(pw->pw_uid) != 0 ) {
+ syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,pw->pw_uid, pw->pw_gid);
+ exit(1);
|