rpms/ntop/devel ntop-http_c.patch, 1.2, 1.3 import.log, 1.3, 1.4 ntop.spec, 1.12, 1.13
Rakesh Pandit
rakesh at fedoraproject.org
Sat Oct 10 06:09:32 UTC 2009
- Previous message (by thread): rpms/ntop/F-11 ntop-http_c_user.patch, NONE, 1.1 ntop-lua_wget.patch, NONE, 1.1 .cvsignore, 1.4, 1.5 import.log, 1.2, 1.3 ntop-geoip.patch, 1.1, 1.2 ntop.spec, 1.9, 1.10 sources, 1.4, 1.5 ntop-http_c.patch, 1.1, NONE
- Next message (by thread): rpms/ntop/F-11 ntop.spec,1.10,1.11
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: rakesh
Update of /cvs/pkgs/rpms/ntop/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6767/devel
Modified Files:
import.log ntop.spec
Added Files:
ntop-http_c.patch
Log Message:
Patch7: ntop-http_c_user.patch for #518264 (CVE-2009-2732)
ntop-http_c.patch:
http.c | 3 +++
1 file changed, 3 insertions(+)
Index: ntop-http_c.patch
===================================================================
RCS file: ntop-http_c.patch
diff -N ntop-http_c.patch
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ ntop-http_c.patch 10 Oct 2009 06:09:31 -0000 1.3
@@ -0,0 +1,12 @@
+--- ntop-3.3.10.org/http.c 2009-09-13 14:23:48.895204786 +0530
++++ ntop-3.3.10/http.c 2009-09-13 14:45:35.603204376 +0530
+@@ -3439,6 +3439,9 @@
+ strncpy(thePw, &outBuffer[i+1], thePwLen-1)[thePwLen-1] = '\0';
+ }
+
++ if(user == NULL)
++ user = "";
++
+ if(strlen(user) >= sizeof(theHttpUser)) user[sizeof(theHttpUser)-1] = '\0';
+ strcpy(theHttpUser, user);
+
Index: import.log
===================================================================
RCS file: /cvs/pkgs/rpms/ntop/devel/import.log,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -p -r1.3 -r1.4
--- import.log 5 Aug 2009 15:25:07 -0000 1.3
+++ import.log 10 Oct 2009 06:09:31 -0000 1.4
@@ -1,3 +1,4 @@
ntop-3_3_6-5_fc9:HEAD:ntop-3.3.6-5.fc9.src.rpm:1218561708
ntop-3_3_8-1_fc10:HEAD:ntop-3.3.8-1.fc10.src.rpm:1224702132
ntop-3_3_10-1_fc11:HEAD:ntop-3.3.10-1.fc11.src.rpm:1249486132
+ntop-3_3_10-3_fc12:HEAD:ntop-3.3.10-3.fc12.src.rpm:1255155644
Index: ntop.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ntop/devel/ntop.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- ntop.spec 21 Aug 2009 14:44:32 -0000 1.12
+++ ntop.spec 10 Oct 2009 06:09:31 -0000 1.13
@@ -1,6 +1,6 @@
Name: ntop
Version: 3.3.10
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: A network traffic probe similar to the UNIX top command
Group: Applications/Internet
# Confirmed from fedora legal 488717
@@ -17,6 +17,7 @@ Patch3: ntop-dbfile-default-dir.
Patch4: ntop-enable-sslv3.patch
Patch5: ntop-geoip.patch
Patch6: ntop-lua_wget.patch
+Patch7: ntop-http_c.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: autoconf, automake, pkgconfig, libtool, groff, libpcap-devel wget
BuildRequires: gdbm-devel, gd-devel, rrdtool-devel, openssl-devel
@@ -69,7 +70,7 @@ find . \( -name \*\.gz -o -name \*\.c -o
%patch4 -p1 -b .sslv3
%patch5 -p1 -b .geo
%patch6 -p1 -b .lua_wget
-#%patch6 -p1 -b .http_c
+%patch7 -p1 -b .http_c
%build
#run ntop own autoconf wrapper
@@ -189,6 +190,9 @@ fi
%{_localstatedir}/lib/ntop/rrd
%changelog
+* Sun Sep 13 2009 Rakesh Pandit <rakesh at fedoraproject.org> - 3.3.10-3
+- Patch7: ntop-http_c.patch for #518264 (CVE-2009-2732)
+
* Fri Aug 21 2009 Tomas Mraz <tmraz at redhat.com> - 3.3.10-2
- rebuilt with new openssl
- Previous message (by thread): rpms/ntop/F-11 ntop-http_c_user.patch, NONE, 1.1 ntop-lua_wget.patch, NONE, 1.1 .cvsignore, 1.4, 1.5 import.log, 1.2, 1.3 ntop-geoip.patch, 1.1, 1.2 ntop.spec, 1.9, 1.10 sources, 1.4, 1.5 ntop-http_c.patch, 1.1, NONE
- Next message (by thread): rpms/ntop/F-11 ntop.spec,1.10,1.11
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list