aboutsummaryrefslogtreecommitdiffstats
path: root/main/net-snmp
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2009-09-04 06:17:56 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2009-09-04 06:17:56 +0000
commitdab0955e5a18fa5e7f88ed9f918f3594549587ee (patch)
tree51ef8d83ef95c7a4543e473d44cf53636f3681a5 /main/net-snmp
parent5e9ddf38f85f18bb4cf62baf88a61af88fd8489b (diff)
downloadaports-dab0955e5a18fa5e7f88ed9f918f3594549587ee.tar.gz
aports-dab0955e5a18fa5e7f88ed9f918f3594549587ee.tar.bz2
aports-dab0955e5a18fa5e7f88ed9f918f3594549587ee.tar.xz
main/net-snmp: CVE-2008-6123, fix textrels
Diffstat (limited to 'main/net-snmp')
-rw-r--r--main/net-snmp/APKBUILD24
-rw-r--r--main/net-snmp/CVE-2008-6123.patch19
2 files changed, 35 insertions, 8 deletions
diff --git a/main/net-snmp/APKBUILD b/main/net-snmp/APKBUILD
index ac497cb9b3..26cf67d6fa 100644
--- a/main/net-snmp/APKBUILD
+++ b/main/net-snmp/APKBUILD
@@ -2,21 +2,24 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=net-snmp
pkgver=5.4.2.1
-pkgrel=0
+pkgrel=1
pkgdesc="Simple Network Management Protocol"
url="http://www.net-snmp.org/"
license="GPL"
depends=
-makedepends="perl-dev"
+makedepends="perl-dev openssl-dev"
subpackages="$pkgname-doc $pkgname-dev $pkgname-tools"
source="http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz
-snmpd.initd
-snmpd.confd
-snmptrapd.initd
-snmptrapd.confd"
+ snmpd.initd
+ snmpd.confd
+ snmptrapd.initd
+ snmptrapd.confd
+ CVE-2008-6123.patch
+ "
build() {
cd "$srcdir/$pkgname-$pkgver"
+ patch -p0 -i ../CVE-2008-6123.patch || return 1
export lt_cv_sys_max_cmd_len=8192
@@ -30,8 +33,12 @@ build() {
--with-logfile="/var/log/net-snmpd.log" \
--enable-ucd-snmp-compatibility \
--with-persistent-directory="/var/lib/net-snmp" \
+ --with-openssl \
+ --enable-ipv6 \
--enable-shared \
- --enable-as-needed
+ --enable-as-needed \
+ --disable-embedded-perl
+ # embedded-perl seems to create TEXTREL's
make -j1 || return 1
make -j1 DESTDIR="$pkgdir" install
@@ -54,4 +61,5 @@ md5sums="984932520143f0c8bf7b7ce1fc9e1da1 net-snmp-5.4.2.1.tar.gz
941e257218aa773b33696a2c7222a14e snmpd.initd
96510a2f3bc9f21648b03f7e8d76c0d3 snmpd.confd
c5198c350991637849595dba93019bda snmptrapd.initd
-363f7728a76bdfc46e29b7e1f5cf4950 snmptrapd.confd"
+363f7728a76bdfc46e29b7e1f5cf4950 snmptrapd.confd
+e8eac801c76e03bca7e7bf6b267b0d3d CVE-2008-6123.patch"
diff --git a/main/net-snmp/CVE-2008-6123.patch b/main/net-snmp/CVE-2008-6123.patch
new file mode 100644
index 0000000000..b4b06f63e9
--- /dev/null
+++ b/main/net-snmp/CVE-2008-6123.patch
@@ -0,0 +1,19 @@
+diff -Naur snmplib.orig/snmpUDPDomain.c snmplib/snmpUDPDomain.c
+--- snmplib.orig/snmpUDPDomain.c 2007-10-11 22:46:30.000000000 +0200
++++ snmplib/snmpUDPDomain.c 2009-07-10 23:41:37.000000000 +0200
+@@ -104,12 +110,12 @@
+ char tmp[64];
+ to = (struct sockaddr_in *) &(addr_pair->remote_addr);
+ if (to == NULL) {
+- sprintf(tmp, "UDP: [%s]->unknown",
++ sprintf(tmp, "UDP: unknown->[%s]",
+ inet_ntoa(addr_pair->local_addr));
+ } else {
+- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr));
+- sprintf(tmp + strlen(tmp), "[%s]:%hd",
++ sprintf(tmp, "UDP: [%s]:%hu->",
+ inet_ntoa(to->sin_addr), ntohs(to->sin_port));
++ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr));
+ }
+ return strdup(tmp);
+ }