svn commit: r304087 - in head/net/freeradius2: . files
Ryan Steinmetz
zi at FreeBSD.org
Tue Sep 11 11:33:51 UTC 2012
Author: zi
Date: Tue Sep 11 11:33:50 2012
New Revision: 304087
URL: http://svn.freebsd.org/changeset/ports/304087
Log:
- Add patch for CVE-2012-3547
- Bump PORTREVISION
Submitted by: rea@
Obtained from: Upstream git repo
Security: 3bbbe3aa-fbeb-11e1-8bd8-0022156e8794
Added:
head/net/freeradius2/files/patch-CVE-2012-3547 (contents, props changed)
Modified:
head/net/freeradius2/Makefile
Modified: head/net/freeradius2/Makefile
==============================================================================
--- head/net/freeradius2/Makefile Tue Sep 11 09:04:27 2012 (r304086)
+++ head/net/freeradius2/Makefile Tue Sep 11 11:33:50 2012 (r304087)
@@ -9,7 +9,7 @@
PORTNAME= freeradius
DISTVERSION= 2.1.12
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \
Added: head/net/freeradius2/files/patch-CVE-2012-3547
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/net/freeradius2/files/patch-CVE-2012-3547 Tue Sep 11 11:33:50 2012 (r304087)
@@ -0,0 +1,11 @@
+--- ./src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c.orig 2011-09-30 10:12:07.000000000 -0400
++++ ./src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2012-09-11 07:28:34.000000000 -0400
+@@ -531,7 +531,7 @@
+ */
+ buf[0] = '\0';
+ asn_time = X509_get_notAfter(client_cert);
+- if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) {
++ if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) {
+ memcpy(buf, (char*) asn_time->data, asn_time->length);
+ buf[asn_time->length] = '\0';
+ pairadd(&handler->certs,
More information about the svn-ports-all
mailing list