Date: Sat, 27 Apr 2002 09:45:46 -0400 (EDT) From: Trish Lynch <trish@bsdunix.net> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/37506: Ecartis Port Security Upgrade (urgent) Message-ID: <200204271345.g3RDjktD065970@femme.sapphite.org>
next in thread | raw e-mail | index | archive | help
>Number: 37506 >Category: ports >Synopsis: Ecartis Port Security Upgrade (urgent) >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Sat Apr 27 06:50:01 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Trish Lynch >Release: FreeBSD 5.0-CURRENT i386 >Organization: Ecartis Core Team >Environment: System: FreeBSD femme.sapphite.org 5.0-CURRENT FreeBSD 5.0-CURRENT #1: Sun Apr 21 09:42:05 EDT 2002 trish@femme.sapphite.org:/admins/obj/admins/src/sys/FEMME i386 >Description: Multiple strcpy and strcat security issues, as well as sprintf's fixed. Fix for "ecartisx.c" vulnerability >How-To-Repeat: >Fix: diff -ruN ecartis.old/Makefile ecartis/Makefile --- ecartis.old/Makefile Sat Apr 27 09:38:10 2002 +++ ecartis/Makefile Sat Apr 27 03:46:09 2002 @@ -9,7 +9,7 @@ PORTVERSION= 1.0.0b CATEGORIES= mail MASTER_SITES= ftp://ftp.ecartis.org/pub/ecartis/snapshots/tar/ -DISTNAME= ecartis-1.0.0-snap20020118 +DISTNAME= ecartis-1.0.0-snap20020427 MAINTAINER= trish@bsdunix.net diff -ruN ecartis.old/distinfo ecartis/distinfo --- ecartis.old/distinfo Sat Apr 27 09:38:10 2002 +++ ecartis/distinfo Sat Apr 27 03:45:20 2002 @@ -1 +1 @@ -MD5 (ecartis-1.0.0-snap20020118.tar.gz) = 9f3c60e2786212f73feb2f9366f491f3 +MD5 (ecartis-1.0.0-snap20020427.tar.gz) = 3ae4896c772719bf0bc9168bac15b22d diff -ruN ecartis.old/files/patch-aa ecartis/files/patch-aa --- ecartis.old/files/patch-aa Sat Apr 27 09:38:10 2002 +++ ecartis/files/patch-aa Sat Apr 27 09:36:13 2002 @@ -1,5 +1,5 @@ ---- Makefile.orig Sun Jun 17 22:13:03 2001 -+++ Makefile Sun Jun 17 22:14:19 2001 +--- Makefile.dist Sat Apr 27 02:26:56 2002 ++++ Makefile Sat Apr 27 09:35:52 2002 @@ -6,8 +6,8 @@ # they should be set. All of them are conditional on options set in this # file, so it should be relatively easy to determine which branch is correct @@ -37,16 +37,18 @@ endif # Warning-level flags. Under SunOS (4 and 5), this NEEDS TO BE BLANK. -@@ -134,7 +133,7 @@ +@@ -134,9 +133,7 @@ # # It appears that IRIX is also rather stupid, and may require this # to be removed. -WFLAGS=-Wall -Werror +-# Uncomment this to build with gdb symbols (comment above line) +-#WFLAGS=-ggdb -Wall -Werror +WFLAGS:=${CFLAGS} # Now set up the initial command line. SUNOS_5 makes this a bit wierd. ifndef SUNOS_5 -@@ -321,6 +320,7 @@ +@@ -327,6 +324,7 @@ install: targets cp build/ecartis ${BINDIR} chmod ug+s ${BINDIR}/ecartis diff -ruN ecartis.old/pkg-plist ecartis/pkg-plist --- ecartis.old/pkg-plist Sat Apr 27 09:38:10 2002 +++ ecartis/pkg-plist Sat Apr 27 03:58:50 2002 @@ -49,6 +49,7 @@ ecartis/README.LISTS ecartis/README.DIGEST ecartis/README.ANTISPAM +ecartis/README.CVS ecartis/README ecartis/NOTE ecartis/LICENSE @@ -66,4 +67,5 @@ @dirrm ecartis/scripts @dirrm ecartis/queue @dirrm ecartis/modules +@dirrm ecartis/documentation @dirrm ecartis >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200204271345.g3RDjktD065970>