ports/74633: [Maintainer update] shells/scponly: Update to 4.0(security vulnerability fixed in this version)

Thu Dec 2 22:50:08 UTC 2004

>Number:         74633
>Category:       ports
>Synopsis:       [Maintainer update] shells/scponly: Update to 4.0 (security vulnerability fixed in this version)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Dec 02 22:50:07 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator:     Hideyuki KURASHINA
>Release:        FreeBSD 5.3-STABLE i386
>Organization:
>Environment:

	System: FreeBSD ***.*******.jp 5.3-STABLE FreeBSD 5.3-STABLE #0: Sun Nov 7 16:21:11 JST 2004 hideyuki@***.*******.jp:/usr/obj/usr/src/sys/*** i386

>Description:

	Update to 4.0, which include a fix for security issue (Arbitrary
	command execution) recently discoverd by Jason Wies.

	See followings for details:

	  http://www.sublimation.org/scponly/#relnotes
	  http://www.securityfocus.com/archive/1/383046
	  http://marc.theaimsgroup.com/?l=bugtraq&m=110202047507273&w=2

>How-To-Repeat:

	According to the Jason's report,

	  ssh restricteduser at remotehost 'rsync -e "touch /tmp/example --" localhost:/dev/null /tmp'

	  scp command.sh restricteduser at remotehost:/tmp/command.sh
	  ssh restricteduser at remotehost 'scp -S /tmp/command.sh localhost:/dev/null /tmp'

	Regarding to the first item, /tmp/example is actually touch(1)'ed
	(Please note that touch(1) is not allowed program by scponly).
	Second item is confirmed to work.

>Fix:

	Apply following patch,

Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/shells/scponly/Makefile,v
retrieving revision 1.12
diff -u -r1.12 Makefile

--- Makefile	17 Jul 2004 13:02:01 -0000	1.12
+++ Makefile	28 Nov 2004 14:25:35 -0000
@@ -15,6 +15,11 @@
 #
 # Core funcionality:
 #
+# SCPONLY_DEFAULT_CHDIR=DIR
+# default: undefined
+# example: public_html
+# define if you want to make users `cd' to this directory after authentication
+#
 # WITHOUT_SCPONLY_WILDCARDS
 # default: undefined
 # define if you want to disable wildcard processing.
@@ -39,6 +44,10 @@
 # default: undefined
 # define if you want to enable rsync compatibility.
 #
+# WITH_SCPONLY_SVN
+# default: undefined
+# define if you want to enable subversion compatibility.
+#
 # WITH_SCPONLY_UNISON
 # default: undefined
 # define if you want to enable unison compatibility.
@@ -53,7 +62,7 @@
 # to be installed.
 
 PORTNAME=	scponly
-PORTVERSION=	3.11
+PORTVERSION=	4.0
 PORTREVISION=	0
 CATEGORIES=	shells
 MASTER_SITES=	http://www.sublimation.org/scponly/
@@ -69,6 +78,10 @@
 
 .include <bsd.port.pre.mk>
 
+.if defined(SCPONLY_DEFAULT_CHDIR) && !empty(SCPONLY_DEFAULT_CHDIR)
+CONFIGURE_ARGS+=--with-default-chdir=${SCPONLY_DEFAULT_CHDIR}
+.endif
+
 .if defined(WITHOUT_SCPONLY_WILDCARDS)
 CONFIGURE_ARGS+=--disable-wildcards
 .endif
@@ -96,6 +109,12 @@
 CONFIGURE_ARGS+=--enable-rsync-compat
 .endif
 
+.if defined(WITH_SCPONLY_SVN)
+BUILD_DEPENDS+=	svn:${PORTSDIR}/devel/subversion
+RUN_DEPENDS+=	${BUILD_DEPENDS}
+CONFIGURE_ARGS+=--enable-svn-compat
+.endif
+
 .if defined(WITH_SCPONLY_UNISON)
 BUILD_DEPENDS+=	unison:${PORTSDIR}/net/unison
 RUN_DEPENDS+=	${BUILD_DEPENDS}
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/shells/scponly/distinfo,v
retrieving revision 1.8
diff -u -r1.8 distinfo
--- distinfo	17 Jul 2004 13:02:01 -0000	1.8
+++ distinfo	29 Nov 2004 02:00:43 -0000
@@ -1,2 +1,2 @@
-MD5 (scponly-3.11.tgz) = cdbbc570c2bf3cad33ecf66d0af41372
-SIZE (scponly-3.11.tgz) = 83767
+MD5 (scponly-4.0.tgz) = 1706732945996865ed0cccd440b64fc1
+SIZE (scponly-4.0.tgz) = 85053
Index: files/patch-aa
===================================================================
RCS file: files/patch-aa
diff -N files/patch-aa
--- files/patch-aa	17 Jul 2004 13:02:01 -0000	1.1
+++ /dev/null	1 Jan 1970 00:00:00 -0000
@@ -1,14 +0,0 @@
---- scponly.c.orig	Mon Mar 22 14:30:38 2004
-+++ scponly.c	Sat Jul 17 19:43:04 2004
-@@ -442,9 +442,9 @@
- 			(-1 == asprintf( &env[0], "HOME=%s", homedir)))
- 		{
- 			syslog(LOG_ERR, "could not set HOME environment variable(%s))", logstamp());
--			exit(EXIT_FAIL);
-+			exit(EXIT_FAILURE);
- 		}
--		if (debug)
-+		if (debuglevel)
- 			syslog(LOG_DEBUG, "set HOME environment variable to %s (%s))", env[0], logstamp());
- #endif 
- 
>Release-Note:
>Audit-Trail:
>Unformatted:

