Date: 17 May 2002 07:18:30 -0000 From: Mitsuru Yoshida <mitsuru@riken.go.jp> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/38171: update tinyproxy port (security fix) Message-ID: <20020517071830.68792.qmail@zebu.riken.go.jp>
next in thread | raw e-mail | index | archive | help
>Number: 38171 >Category: ports >Synopsis: update tinyproxy port (security fix) >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri May 17 00:20:03 PDT 2002 >Closed-Date: >Last-Modified: >Originator: Mitsuru Yoshida >Release: FreeBSD 4.6-PRERELEASE i386 >Organization: >Environment: System: FreeBSD 4.6-PRERELEASE i386 >Description: update tinyproxy port (security fix) >How-To-Repeat: See http://online.securityfocus.com/bid/4731/discussion/ >Fix: diff -ruN tinyproxy.old/Makefile tinyproxy/Makefile --- tinyproxy.old/Makefile Thu May 16 11:35:13 2002 +++ tinyproxy/Makefile Fri May 17 15:55:41 2002 @@ -6,7 +6,7 @@ # PORTNAME= tinyproxy -PORTVERSION= 1.4.3 +PORTVERSION= 1.5.0 CATEGORIES= www MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} @@ -15,7 +15,7 @@ GNU_CONFIGURE= yes USE_GMAKE= yes -CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --with-config=${PREFIX}/etc/tinyproxy/tinyproxy.conf +CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --with-config=${PREFIX}/etc/tinyproxy/tinyproxy.conf --program-transform-name="" MAN8= tinyproxy.8 @@ -24,9 +24,5 @@ ${MV} $$f $$f.orig; \ ${SED} -e s:/etc/tinyproxy/tinyproxy.conf:${PREFIX}/etc/tinyproxy/tinyproxy.conf: \ < $$f.orig > $$f - -post-install: - ${MKDIR} ${PREFIX}/etc/tinyproxy - ${INSTALL_DATA} ${WRKSRC}/doc/tinyproxy.conf ${PREFIX}/etc/tinyproxy/tinyproxy.conf.sample .include <bsd.port.mk> diff -ruN tinyproxy.old/distinfo tinyproxy/distinfo --- tinyproxy.old/distinfo Thu May 16 11:35:13 2002 +++ tinyproxy/distinfo Thu May 16 11:36:58 2002 @@ -1 +1 @@ -MD5 (tinyproxy-1.4.3.tar.gz) = d8b35d99e739023e8442ece2e3546398 +MD5 (tinyproxy-1.5.0.tar.gz) = 2236b57f183b168dcfaaffbda43b4051 diff -ruN tinyproxy.old/files/patch-aa tinyproxy/files/patch-aa --- tinyproxy.old/files/patch-aa Thu May 16 11:35:13 2002 +++ tinyproxy/files/patch-aa Thu May 16 12:24:28 2002 @@ -1,11 +1,12 @@ ---- src/sock.c.dist Tue Nov 13 06:10:29 2001 -+++ src/sock.c Thu Feb 7 18:33:24 2002 -@@ -259,7 +259,7 @@ - - for (n = 1; n < maxlen; n++) { - again: -- if ((rc = recv(fd, &c, 1, MSG_NOSIGNAL)) == 1) { -+ if ((rc = recv(fd, &c, 1, 0)) == 1) { - *ptr++ = c; - if (c == '\n') - break; +--- Makefile.in.dist Thu May 16 12:23:51 2002 ++++ Makefile.in Thu May 16 12:24:07 2002 +@@ -363,9 +363,6 @@ + $(mkinstalldirs) $(DESTDIR)@TINYPROXY_CONFIG_DIR@ + $(INSTALL) -m 600 $(srcdir)/doc/tinyproxy.conf \ + $(DESTDIR)@TINYPROXY_CONFIG_DIR@/@TINYPROXY_CONFIG_FILE@-dist +- test ! -f $(DESTDIR)@TINYPROXY_CONFIG_DIR@/@TINYPROXY_CONFIG_FILE@ \ +- && $(INSTALL) -m 600 $(srcdir)/doc/tinyproxy.conf \ +- $(DESTDIR)@TINYPROXY_CONFIG_DIR@/@TINYPROXY_CONFIG_FILE@ + @echo "" + @echo "A configuration file has been copied to:" + @echo "" diff -ruN tinyproxy.old/files/patch-ab tinyproxy/files/patch-ab --- tinyproxy.old/files/patch-ab Thu May 16 11:35:13 2002 +++ tinyproxy/files/patch-ab Fri May 17 15:42:21 2002 @@ -1,22 +1,11 @@ ---- src/tinyproxy.h.dist Fri Oct 26 02:27:17 2001 -+++ src/tinyproxy.h Thu Feb 7 18:34:32 2002 -@@ -27,9 +27,6 @@ - * Include standard headers which are used through-out tinyproxy - */ - #include <sys/types.h> --#ifdef HAVE_SYS_RESOURCE_H --# include <sys/resource.h> --#endif - #ifdef HAVE_SYS_SELECT_H - # include <sys/select.h> - #endif -@@ -44,6 +41,9 @@ - # else - # include <time.h> - # endif -+#endif -+#ifdef HAVE_SYS_RESOURCE_H -+# include <sys/resource.h> - #endif - #include <sys/uio.h> - #include <netinet/in.h> +--- src/reqs.c.dist Fri May 17 15:37:16 2002 ++++ src/reqs.c Fri May 17 15:38:04 2002 +@@ -783,7 +783,7 @@ + &data, + (void**)&header); + +- if (!is_anonymous_enabled() || anonymous_search(data) <= 0) { ++ if (!is_anonymous_enabled() || anonymous_search(data) > 0) { + ret = write_message(connptr->server_fd, + "%s: %s\r\n", + data, header); diff -ruN tinyproxy.old/files/patch-ac tinyproxy/files/patch-ac --- tinyproxy.old/files/patch-ac Thu Jan 1 09:00:00 1970 +++ tinyproxy/files/patch-ac Fri May 17 15:47:50 2002 @@ -0,0 +1,19 @@ +--- doc/tinyproxy.8.dist Fri May 17 15:47:17 2002 ++++ doc/tinyproxy.8 Fri May 17 15:47:25 2002 +@@ -1,6 +1,6 @@ + .\" -*- nroff -*- + .\" +-.\" tinyproxy.1 ++.\" tinyproxy.8 + .\" + .\" Copyright (c) 1998-2000 Steven Young and Robert James Kaes. + .\" Copyright (c) 2001 Robert James Kaes +@@ -8,7 +8,7 @@ + .\" This program is distributed under the terms of the GNU General Public + .\" License. See COPYING for additional information. + .\" +-.TH tinyproxy 1 .\" "tinyproxy Manual" "August 25, 2001" ++.TH tinyproxy 8 .\" "tinyproxy Manual" "August 25, 2001" + .SH NAME + tinyproxy - A small HTTP proxy server + .SH SYNTAX diff -ruN tinyproxy.old/pkg-plist tinyproxy/pkg-plist --- tinyproxy.old/pkg-plist Thu May 16 11:35:13 2002 +++ tinyproxy/pkg-plist Fri May 17 15:06:51 2002 @@ -1,3 +1,3 @@ sbin/tinyproxy -etc/tinyproxy/tinyproxy.conf.sample +etc/tinyproxy/tinyproxy.conf-dist @dirrm etc/tinyproxy >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020517071830.68792.qmail>