ports/152529: [Patch] Update games/openttd to 1.0.5

Koop Mast kwm at FreeBSD.org
Tue Nov 23 21:50:08 UTC 2010 

>Number:         152529
>Category:       ports
>Synopsis:       [Patch] Update games/openttd to 1.0.5
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 23 21:50:08 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Koop Mast
>Release:        FreeBSD 8.1-STABLE i386
>Organization:
>Environment:
System: FreeBSD freefall.freebsd.org 8.1-STABLE FreeBSD 8.1-STABLE #2 r215627: Sun Nov 21 13:36:51 UTC 2010 simon at freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL i386


	
>Description:
	Update OpenTTD to 1.0.5. And add vuxml entry for CVE-2010-4168.
	http://security.openttd.org/en/CVE-2010-4168
	The patch is to silence some build warnings spam.
	
>How-To-Repeat:
	
>Fix:

	

--- openttd-1.0.5.diff begins here ---
Index: games/openttd/Makefile
===================================================================
RCS file: /home/pcvs/ports/games/openttd/Makefile,v
retrieving revision 1.31
diff -a -u -r1.31 Makefile
--- games/openttd/Makefile	22 Aug 2010 12:30:53 -0000	1.31
+++ games/openttd/Makefile	23 Nov 2010 21:36:21 -0000
@@ -6,10 +6,9 @@
 #
 
 PORTNAME=	openttd
-PORTVERSION=	1.0.3
+PORTVERSION=	1.0.5
 CATEGORIES=	games
-MASTER_SITES=	http://gb.binaries.openttd.org/binaries/releases/${PORTVERSION}/ \
-		#SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION}
+MASTER_SITES=	http://gb.binaries.openttd.org/binaries/releases/${PORTVERSION}/
 
 MAINTAINER=	danfe at FreeBSD.org
 COMMENT=	An open source clone of Microprose Transport Tycoon Deluxe
@@ -21,7 +20,8 @@
 CONFIGURE_ARGS=	--prefix-dir="${PREFIX}" --data-dir="${DATADIR_REL}"
 USE_BZIP2=	yes
 USE_GMAKE=	yes
-INSTALLS_ICONS=	yes
+# We don't use installs_icons because it depends on a program shipped with gtk20
+#INSTALLS_ICONS=	yes
 MAKE_JOBS_SAFE=	yes
 
 DISTVERSIONSUFFIX=	-source
Index: games/openttd/distinfo
===================================================================
RCS file: /home/pcvs/ports/games/openttd/distinfo,v
retrieving revision 1.21
diff -a -u -r1.21 distinfo
--- games/openttd/distinfo	22 Aug 2010 12:30:53 -0000	1.21
+++ games/openttd/distinfo	23 Nov 2010 21:36:21 -0000
@@ -1,3 +1,2 @@
-MD5 (openttd-1.0.3-source.tar.bz2) = cff60c624913a491ed3c91474e845722
-SHA256 (openttd-1.0.3-source.tar.bz2) = f52f2381c678de024d26ee465c8203323eb3484300c4dc182c0d68c439ee8c57
-SIZE (openttd-1.0.3-source.tar.bz2) = 5395672
+SHA256 (openttd-1.0.5-source.tar.bz2) = c353626b16b4b781db3c3c61f0ad651f5701e50f87439c4005b4456b63db09f8
+SIZE (openttd-1.0.5-source.tar.bz2) = 5684796
Index: games/openttd/pkg-plist
===================================================================
RCS file: /home/pcvs/ports/games/openttd/pkg-plist,v
retrieving revision 1.13
diff -a -u -r1.13 pkg-plist
--- games/openttd/pkg-plist	22 Aug 2010 12:30:53 -0000	1.13
+++ games/openttd/pkg-plist	23 Nov 2010 21:36:21 -0000
@@ -18,6 +18,7 @@
 @dirrm %%DATADIR%%/data
 %%DATADIR%%/lang/afrikaans.lng
 %%DATADIR%%/lang/arabic_egypt.lng
+%%DATADIR%%/lang/belarusian.lng
 %%DATADIR%%/lang/brazilian_portuguese.lng
 %%DATADIR%%/lang/bulgarian.lng
 %%DATADIR%%/lang/catalan.lng
Index: games/openttd/files/patch-src_string-func.h
===================================================================
RCS file: games/openttd/files/patch-src_string-func.h
diff -N games/openttd/files/patch-src_string-func.h
--- /dev/null	1 Jan 1970 00:00:00 -0000
+++ games/openttd/files/patch-src_string-func.h	23 Nov 2010 21:36:21 -0000
@@ -0,0 +1,12 @@
+--- src/string_func.h.orig	2010-10-10 09:15:22.000000000 +0200
++++ src/string_func.h	2010-10-10 09:19:08.000000000 +0200
+@@ -252,7 +252,8 @@
+ #endif
+ 
+ /* strndup is a GNU extension */
+-#if defined(_GNU_SOURCE) || (defined(__NetBSD_Version__) && 400000000 <= __NetBSD_Version__)
++#if defined(_GNU_SOURCE) || (defined(__NetBSD_Version__) && 400000000 <= __NetBSD_Version__) || \
++	defined(__FreeBSD__)
+ #	undef DEFINE_STRNDUP
+ #else
+ #	define DEFINE_STRNDUP
Index: security/vuxml/vuln.xml
===================================================================
RCS file: /home/pcvs/ports/security/vuxml/vuln.xml,v
retrieving revision 1.2253
diff -a -u -r1.2253 vuln.xml
--- security/vuxml/vuln.xml	23 Nov 2010 19:02:12 -0000	1.2253
+++ security/vuxml/vuln.xml	23 Nov 2010 21:36:28 -0000
@@ -34,6 +34,34 @@
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="373e412e-f748-11df-96cd-0015f2db7bde">
+    <topic>OpenTTD -- Denial of service (server/client) via invalid read</topic>
+    <affects>
+      <package>
+	<name>openttd</name>
+	<range><ge>1.0.0</ge><lt>1.0.5</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>The OpenTTD Team reports:</p>
+	<blockquote cite="http://security.openttd.org/en/CVE-2010-4168">
+	  <p>When a client disconnects, without sending the "quit" or "client
+          error" message, the server has a chance of reading and writing a
+          just freed piece of memory. </p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2010-4168</cvename>
+      <url>http://security.openttd.org/en/CVE-2010-4168</url>
+    </references>
+    <dates>
+      <discovery>2010-11-20</discovery>
+      <entry>2010-11-23</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="a3314314-f731-11df-a757-0011098ad87f">
     <topic>horde-base -- XSS: VCARD attachments vulnerability</topic>
     <affects>
--- openttd-1.0.5.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list