ports/71328: [UPDATE] security/super to 3.23.0 (security fix)
Piet Delport
pjd at point45.com
Fri Sep 3 07:30:14 UTC 2004
>Number: 71328
>Category: ports
>Synopsis: [UPDATE] security/super to 3.23.0 (security fix)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 03 07:30:13 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Piet Delport
>Release:
>Organization:
>Environment:
>Description:
This release of super fixes a potential root exploit:
http://www.freebsd.org/ports/portaudit/fae06c04-c38c-11d8-8898-000d6111a684.html
http://xforce.iss.net/xforce/xfdb/16458
Other changes to the port:
* Remove files/patch-utils.c (fixed upstream since version 3.22.1).
* Patch localsys.h to not include malloc.h, preventing many (harmless,
but ugly) deprecation warnings.
>How-To-Repeat:
>Fix:
--- super-3.23.0.patch begins here ---
diff -ruN /usr/ports/security/super/Makefile super/Makefile
--- /usr/ports/security/super/Makefile Wed Oct 1 11:39:14 2003
+++ super/Makefile Thu Sep 2 08:54:18 2004
@@ -7,7 +7,7 @@
#
PORTNAME= super
-PORTVERSION= 3.20.1
+PORTVERSION= 3.23.0
CATEGORIES= security sysutils
MASTER_SITES= ftp://ftp.ucolick.org/pub/users/will/
EXTRACT_SUFX= -tar.gz
diff -ruN /usr/ports/security/super/distinfo super/distinfo
--- /usr/ports/security/super/distinfo Wed Mar 31 10:05:33 2004
+++ super/distinfo Thu Sep 2 08:55:48 2004
@@ -1,2 +1,2 @@
-MD5 (super-3.20.1-tar.gz) = 9d0466d57e85bd94d82c8f934c39c500
-SIZE (super-3.20.1-tar.gz) = 200982
+MD5 (super-3.23.0-tar.gz) = 01c7e6cae4622683452425985fef2e2b
+SIZE (super-3.23.0-tar.gz) = 222367
diff -ruN /usr/ports/security/super/files/patch-localsys.h super/files/patch-localsys.h
--- /usr/ports/security/super/files/patch-localsys.h Thu Jan 1 02:00:00 1970
+++ super/files/patch-localsys.h Thu Sep 2 09:19:31 2004
@@ -0,0 +1,13 @@
+--- localsys.h.orig Fri Jun 18 18:22:22 2004
++++ localsys.h Thu Sep 2 09:19:06 2004
+@@ -293,10 +293,6 @@
+ #include <unistd.h>
+ #endif
+
+-#ifdef HAVE_MALLOC_H
+-#include <malloc.h>
+-#endif
+-
+ #ifdef HAVE_SYSLOG_H
+ #include <syslog.h>
+ #endif
diff -ruN /usr/ports/security/super/files/patch-utils.c super/files/patch-utils.c
--- /usr/ports/security/super/files/patch-utils.c Mon Jul 14 00:10:16 2003
+++ super/files/patch-utils.c Thu Jan 1 02:00:00 1970
@@ -1,14 +0,0 @@
---- utils.c.orig Mon Jun 16 15:34:14 2003
-+++ utils.c Sun Jul 13 15:06:15 2003
-@@ -1272,9 +1272,10 @@
- if (add_variable("SI_SYSNAME", buf) == -1)
- return -1;
- }
-- return 0;
- #endif
- #endif
-+
-+ return 0;
- }
-
- #ifdef HAVE_UNAME
--- super-3.23.0.patch ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list