Date: Tue, 24 Aug 2010 15:43:46 GMT From: mike tancsa <mike@sentex.net> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/149940: security update for Quagga Message-ID: <201008241543.o7OFhkbZ082644@www.freebsd.org> Resent-Message-ID: <201008241550.o7OFo1jL017743@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 149940 >Category: ports >Synopsis: security update for Quagga >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Aug 24 15:50:01 UTC 2010 >Closed-Date: >Last-Modified: >Originator: mike tancsa >Release: RELENG_8 >Organization: sentex >Environment: 8.1-STABLE FreeBSD 8.1-STABLE #1: Fri Aug 6 09:20:04 EDT 2010 >Description: Full changelog is at http://www.quagga.net/download/quagga-0.99.17.changelog.txt "This release provides two important bugfixes, which address remote crash possibility in bgpd discovered by CROSS team." The patch in files/patch-lib-sockopt.c fixes the bug in http://www.freebsd.org/cgi/query-pr.cgi?pr=148238 which prevents ripng and ospfd from working on FreeBSD >How-To-Repeat: install the previous version of the port >Fix: # cat files/patch-lib-sockopt.c --- lib/sockopt.c.orig 2008-01-11 16:47:21.000000000 +0300 +++ lib/sockopt.c 2008-01-11 16:47:57.000000000 +0300 @@ -23,6 +23,10 @@ #include "log.h" #include "sockopt.h" +#ifdef HAVE_STRUCT_IP_MREQN_IMR_IFINDEX +#undef HAVE_STRUCT_IP_MREQN_IMR_IFINDEX +#endif + int setsockopt_so_recvbuf (int sock, int size) { --- Makefile.prev 2010-08-24 11:00:10.000000000 -0400 +++ Makefile 2010-08-24 11:00:18.000000000 -0400 @@ -6,7 +6,7 @@ # PORTNAME= quagga -PORTVERSION= 0.99.16 +PORTVERSION= 0.99.17 CATEGORIES= net ipv6 MASTER_SITES= http://quagga.net/download/ \ http://www.ru.quagga.net/download/ \ # diff -u distinfo.prev distinfo --- distinfo.prev 2010-08-24 11:00:07.000000000 -0400 +++ distinfo 2010-08-24 11:01:09.000000000 -0400 @@ -1,3 +1,3 @@ -MD5 (quagga-0.99.16.tar.gz) = 350fb150be526cdfc4d2b093cb4d69a7 -SHA256 (quagga-0.99.16.tar.gz) = 840e376bf42a3c5ee1069eedddb195749b1ebadeef6cacd9fee24ed6f44c35c5 -SIZE (quagga-0.99.16.tar.gz) = 2168417 +MD5 (quagga-0.99.17.tar.gz) = 37b9022adca04b03863d2d79787e643f +SHA256 (quagga-0.99.17.tar.gz) = 1d77df121a334e9504b45e489ee7ce35bf478e27d33cd2793a23280b59d9efd4 +SIZE (quagga-0.99.17.tar.gz) = 2202151 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008241543.o7OFhkbZ082644>