main/quagga: security upgrade to 1.0.20160315 (CVE-2016-2342). Fixes #5341

2 files changed, 7 insertions, 25 deletions

diff --git a/main/quagga/APKBUILD b/main/quagga/APKBUILD
index 841c251c7d..ddf9989f23 100644
--- a/main/quagga/APKBUILD
+++ b/main/quagga/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=quagga
-pkgver=0.99.24.1
-pkgrel=3
+pkgver=1.0.20160315
+pkgrel=0
 pkgdesc="A free routing daemon replacing Zebra supporting RIP, OSPF and BGP."
 url="http://quagga.net/"
 arch="all"
@@ -13,8 +13,8 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-dbg"
 pkgusers="quagga"
 pkggroups="quagga"
 source="http://download.savannah.gnu.org/releases/quagga/quagga-$pkgver.tar.xz
-	bgpd-route-selection-crash.patch
 	dont-hook-core-signals.patch
+
 	bgpd.initd
 	zebra.initd
 	zebra.confd
@@ -23,6 +23,7 @@ source="http://download.savannah.gnu.org/releases/quagga/quagga-$pkgver.tar.xz
 _builddir="$srcdir"/$pkgname-$pkgver
 prepare() {
 	cd "$_builddir"
+	update_config_sub || return 1
 	for i in $source; do
 		case $i in
 		*.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
@@ -70,20 +71,17 @@ package() {
 	install -Dm644 "$srcdir/zebra.confd" "$pkgdir"/etc/conf.d/zebra
 	install -o quagga -g quagga -d -m755 "$pkgdir"/etc/quagga
 }
-md5sums="b168db69435100ee04564c4fb39c7413  quagga-0.99.24.1.tar.xz
-10c9c745f2f9fdd1d81a4100d44e3313  bgpd-route-selection-crash.patch
+md5sums="61bfd0c8fb696dd778234ee8b05821bc  quagga-1.0.20160315.tar.xz
 1224ba91ea6b6e81f583bad7813aba98  dont-hook-core-signals.patch
 09a77e2e84e71c43f5a449738c026261  bgpd.initd
 916f1dd1a286ee7b862cda4fe56cbf21  zebra.initd
 34e06a1d2bc602ce691abc9ed169dd15  zebra.confd"
-sha256sums="6fd6baadb136a801c29c1dd72d0fe69da9f19ae498e87bff7057778361e43b14  quagga-0.99.24.1.tar.xz
-d8d65cc092cf7644b059d4c1b789b223482b0f50ba2cc891da4d71fe083f8cc0  bgpd-route-selection-crash.patch
+sha256sums="d284af5dd875dbba90ab875d40db5d68fdc9ede17a76f2af525f85344be56767  quagga-1.0.20160315.tar.xz
 4b71588e34ac14f8d6e72e6064b5e4ec302f286ebbe43df94c97411cceb66a23  dont-hook-core-signals.patch
 aab037454c6a70cd5cb45e14c47b7dfea358f8d81c7d12418edcf7e58a86c679  bgpd.initd
 c1d7526581927e990e687cbd5d08447eb060f76a439475572785b5b90c60c460  zebra.initd
 f7a52d383f60270a5a8fee5d4ac522c5c0ec2b7c4b5252cff54e260f32d9b323  zebra.confd"
-sha512sums="71c340ce0f4e52c69892d8fed82d30956161b09b029fb0a82ba774664aa2303b493068664ea057870bec3c7c2a1ffea0a68fba0c400d6868efef691d7b055d2a  quagga-0.99.24.1.tar.xz
-3317554cc2470f12eb6694f2ada187be4ccc45976ebf09aa487634bbd7a4820a917f3c202bb9d4736771adf33e5eafa45f7bb8dadd2e9872d5fe7885261714b5  bgpd-route-selection-crash.patch
+sha512sums="ad633d189017a2cef68cf1653b85e082a0dc4fe146720a985da8cdf2aa4c61f2df8a8339419c986e9d74aa88f7f7109bc6d0c13d9ff4904a23852cee3e112edc  quagga-1.0.20160315.tar.xz
 5ef5c5e6d70d991b33b13a062e25b6fbde395dceee36aea29384b0640a48d2957ed5f50d416a1f2f770bf69bae2340133e35b1114be7e1fa722eb6d3d021f37a  dont-hook-core-signals.patch
 13b5b57e10df013bd2d931abc49bf76b8c4dee59dbceab22c9f151ccb988b2c5f7167f2909027d5e0f990b59da8de115667b02484aee9a67d347625700f6cacd  bgpd.initd
 1638a4a64ffd066b1884f7e5a4243edab68739aabd83bd35ea8c9608af7b8623eece1d59fb08feead84e4386b6d1da4220764ccf5fd7f2a9959a8470d5cce86a  zebra.initd
diff --git a/main/quagga/bgpd-route-selection-crash.patch b/main/quagga/bgpd-route-selection-crash.patch
deleted file mode 100644
index 473e4e564b..0000000000
--- a/main/quagga/bgpd-route-selection-crash.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
-index 34ba1ab..7ade22f 100644
---- a/bgpd/bgp_route.c
-+++ b/bgpd/bgp_route.c
-@@ -553,6 +553,11 @@ bgp_info_cmp (struct bgp *bgp, struct bgp_info *new, struct bgp_info *exist,
-     return 0;
- 
-   /* 13. Neighbor address comparision. */
-+  if (new->peer->su_remote == NULL)
-+    return 0;
-+  if (exist->peer->su_remote == NULL)
-+    return 1;
-+
-   ret = sockunion_cmp (new->peer->su_remote, exist->peer->su_remote);
- 
-   if (ret == 1)