aboutsummaryrefslogtreecommitdiffstats
path: root/main/arpwatch
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2012-06-11 09:20:10 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2012-06-11 09:20:10 +0000
commit9e53e215d8bbbec9dd0dafe2b59a2d6d96454fad (patch)
tree850e872c75938a3e30f31cb0e0261fa300c73c23 /main/arpwatch
parentaa5ea892d95139b20314f82df9ad10eb95614864 (diff)
downloadaports-9e53e215d8bbbec9dd0dafe2b59a2d6d96454fad.tar.bz2
aports-9e53e215d8bbbec9dd0dafe2b59a2d6d96454fad.tar.xz
main/arpwatch: security fix CVE-2012-2653
fixes #1202
Diffstat (limited to 'main/arpwatch')
-rw-r--r--main/arpwatch/APKBUILD17
-rw-r--r--main/arpwatch/CVE-2012-2653.patch12
2 files changed, 28 insertions, 1 deletions
diff --git a/main/arpwatch/APKBUILD b/main/arpwatch/APKBUILD
index c71eb25e06..b7dab0be59 100644
--- a/main/arpwatch/APKBUILD
+++ b/main/arpwatch/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=arpwatch
pkgver=2.1a15
-pkgrel=3
+pkgrel=4
pkgdesc="Ethernet monitoring program"
url="http://www-nrg.ee.lbl.gov/"
arch="all"
@@ -12,9 +12,19 @@ makedepends="libpcap-dev"
install=
subpackages=""
source="ftp://ftp.ee.lbl.gov/$pkgname.tar.gz
+ CVE-2012-2653.patch
arpwatch.confd
arpwatch.initd"
+prepare() {
+ cd "$srcdir/$pkgname-$pkgver"
+ for i in $source; do
+ case $i in
+ *.oatch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
build() {
cd "$srcdir/$pkgname-$pkgver"
@@ -23,6 +33,10 @@ build() {
--mandir=/usr/share/man \
--infodir=/usr/share/info
make -j1 || return 1
+}
+
+package() {
+ cd "$srcdir/$pkgname-$pkgver"
#install command wouldn't create directory ?
mkdir -p "$pkgdir"/usr/sbin/
make -j1 DESTDIR="$pkgdir" install
@@ -33,5 +47,6 @@ build() {
}
md5sums="cebfeb99c4a7c2a6cee2564770415fe7 arpwatch.tar.gz
+af7d5a6cddca6c31fe84acd1d5209c8b CVE-2012-2653.patch
dc8300ce5f02d6be95899a2982397064 arpwatch.confd
51ecada198c4f954ac4d5f5903198ebb arpwatch.initd"
diff --git a/main/arpwatch/CVE-2012-2653.patch b/main/arpwatch/CVE-2012-2653.patch
new file mode 100644
index 0000000000..c37b5132ed
--- /dev/null
+++ b/main/arpwatch/CVE-2012-2653.patch
@@ -0,0 +1,12 @@
+diff -u arpwatch-2.1a15/arpwatch.c arpwatch-2.1a15/arpwatch.c
+--- arpwatch-2.1a15/arpwatch.c
++++ arpwatch-2.1a15/arpwatch.c
+@@ -153,7 +153,7 @@
+ struct passwd* pw;
+ pw = getpwnam( user );
+ if ( pw ) {
+- if ( initgroups(pw->pw_name, 0) != 0 || setgid(pw->pw_gid) != 0 ||
++ if ( initgroups(pw->pw_name, pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0 ||
+ setuid(pw->pw_uid) != 0 ) {
+ syslog(LOG_ERR, "Couldn't change to '%.32s' uid=%d gid=%d", user,pw->pw_uid, pw->pw_gid);
+ exit(1);