From owner-freebsd-ports  Fri May 17  0:20:28 2002
Delivered-To: freebsd-ports@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id DCD8F37B407
	for <freebsd-ports@hub.freebsd.org>; Fri, 17 May 2002 00:20:03 -0700 (PDT)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.6/8.11.6) id g4H7K3X50932;
	Fri, 17 May 2002 00:20:03 -0700 (PDT)
	(envelope-from gnats)
Received: from zebu.riken.go.jp (zebu.riken.go.jp [134.160.20.73])
	by hub.freebsd.org (Postfix) with SMTP id 31B2637B405
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 17 May 2002 00:18:10 -0700 (PDT)
Received: (qmail 68793 invoked by uid 123); 17 May 2002 07:18:30 -0000
Message-Id: <20020517071830.68792.qmail@zebu.riken.go.jp>
Date: 17 May 2002 07:18:30 -0000
From: Mitsuru Yoshida <mitsuru@riken.go.jp>
Reply-To: Mitsuru Yoshida <mitsuru@riken.go.jp>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
Subject: ports/38171: update tinyproxy port (security fix)
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-ports.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-ports>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-ports>
X-Loop: FreeBSD.org


>Number:         38171
>Category:       ports
>Synopsis:       update tinyproxy port (security fix)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri May 17 00:20:03 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Mitsuru Yoshida
>Release:        FreeBSD 4.6-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD 4.6-PRERELEASE i386


	
>Description:
	update tinyproxy port (security fix)
>How-To-Repeat:
	See http://online.securityfocus.com/bid/4731/discussion/
>Fix:

diff -ruN tinyproxy.old/Makefile tinyproxy/Makefile
--- tinyproxy.old/Makefile	Thu May 16 11:35:13 2002
+++ tinyproxy/Makefile	Fri May 17 15:55:41 2002
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	tinyproxy
-PORTVERSION=	1.4.3
+PORTVERSION=	1.5.0
 CATEGORIES=	www
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	${PORTNAME}
@@ -15,7 +15,7 @@
 
 GNU_CONFIGURE=  yes
 USE_GMAKE=	yes
-CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --with-config=${PREFIX}/etc/tinyproxy/tinyproxy.conf
+CONFIGURE_ARGS= --bindir=${PREFIX}/sbin --with-config=${PREFIX}/etc/tinyproxy/tinyproxy.conf --program-transform-name=""
 
 MAN8=		tinyproxy.8
 
@@ -24,9 +24,5 @@
 	${MV} $$f $$f.orig; \
 	${SED} -e s:/etc/tinyproxy/tinyproxy.conf:${PREFIX}/etc/tinyproxy/tinyproxy.conf: \
 	< $$f.orig > $$f
-
-post-install:
-	${MKDIR} ${PREFIX}/etc/tinyproxy
-	${INSTALL_DATA} ${WRKSRC}/doc/tinyproxy.conf ${PREFIX}/etc/tinyproxy/tinyproxy.conf.sample
 
 .include <bsd.port.mk>
diff -ruN tinyproxy.old/distinfo tinyproxy/distinfo
--- tinyproxy.old/distinfo	Thu May 16 11:35:13 2002
+++ tinyproxy/distinfo	Thu May 16 11:36:58 2002
@@ -1 +1 @@
-MD5 (tinyproxy-1.4.3.tar.gz) = d8b35d99e739023e8442ece2e3546398
+MD5 (tinyproxy-1.5.0.tar.gz) = 2236b57f183b168dcfaaffbda43b4051
diff -ruN tinyproxy.old/files/patch-aa tinyproxy/files/patch-aa
--- tinyproxy.old/files/patch-aa	Thu May 16 11:35:13 2002
+++ tinyproxy/files/patch-aa	Thu May 16 12:24:28 2002
@@ -1,11 +1,12 @@
---- src/sock.c.dist	Tue Nov 13 06:10:29 2001
-+++ src/sock.c	Thu Feb  7 18:33:24 2002
-@@ -259,7 +259,7 @@
- 
- 	for (n = 1; n < maxlen; n++) {
- 	again:
--		if ((rc = recv(fd, &c, 1, MSG_NOSIGNAL)) == 1) {
-+		if ((rc = recv(fd, &c, 1, 0)) == 1) {
- 			*ptr++ = c;
- 			if (c == '\n')
- 				break;
+--- Makefile.in.dist	Thu May 16 12:23:51 2002
++++ Makefile.in	Thu May 16 12:24:07 2002
+@@ -363,9 +363,6 @@
+ 	$(mkinstalldirs) $(DESTDIR)@TINYPROXY_CONFIG_DIR@
+ 	$(INSTALL) -m 600 $(srcdir)/doc/tinyproxy.conf \
+ 		$(DESTDIR)@TINYPROXY_CONFIG_DIR@/@TINYPROXY_CONFIG_FILE@-dist
+-	test ! -f $(DESTDIR)@TINYPROXY_CONFIG_DIR@/@TINYPROXY_CONFIG_FILE@ \
+-		&& $(INSTALL) -m 600 $(srcdir)/doc/tinyproxy.conf \
+-			$(DESTDIR)@TINYPROXY_CONFIG_DIR@/@TINYPROXY_CONFIG_FILE@
+ 	@echo ""
+ 	@echo "A configuration file has been copied to:"
+ 	@echo ""
diff -ruN tinyproxy.old/files/patch-ab tinyproxy/files/patch-ab
--- tinyproxy.old/files/patch-ab	Thu May 16 11:35:13 2002
+++ tinyproxy/files/patch-ab	Fri May 17 15:42:21 2002
@@ -1,22 +1,11 @@
---- src/tinyproxy.h.dist	Fri Oct 26 02:27:17 2001
-+++ src/tinyproxy.h	Thu Feb  7 18:34:32 2002
-@@ -27,9 +27,6 @@
-  * Include standard headers which are used through-out tinyproxy
-  */
- #include        <sys/types.h>
--#ifdef HAVE_SYS_RESOURCE_H
--#  include      <sys/resource.h>
--#endif
- #ifdef HAVE_SYS_SELECT_H
- #  include	<sys/select.h>
- #endif
-@@ -44,6 +41,9 @@
- #  else
- #    include	<time.h>
- #  endif
-+#endif
-+#ifdef HAVE_SYS_RESOURCE_H
-+#  include      <sys/resource.h>
- #endif
- #include	<sys/uio.h>
- #include	<netinet/in.h>
+--- src/reqs.c.dist	Fri May 17 15:37:16 2002
++++ src/reqs.c	Fri May 17 15:38:04 2002
+@@ -783,7 +783,7 @@
+ 					     &data,
+ 					     (void**)&header);
+ 
+-			if (!is_anonymous_enabled() || anonymous_search(data) <= 0) {
++			if (!is_anonymous_enabled() || anonymous_search(data) > 0) {
+ 				ret = write_message(connptr->server_fd,
+ 						    "%s: %s\r\n",
+ 						    data, header);
diff -ruN tinyproxy.old/files/patch-ac tinyproxy/files/patch-ac
--- tinyproxy.old/files/patch-ac	Thu Jan  1 09:00:00 1970
+++ tinyproxy/files/patch-ac	Fri May 17 15:47:50 2002
@@ -0,0 +1,19 @@
+--- doc/tinyproxy.8.dist	Fri May 17 15:47:17 2002
++++ doc/tinyproxy.8	Fri May 17 15:47:25 2002
+@@ -1,6 +1,6 @@
+ .\" -*- nroff -*-
+ .\"
+-.\" tinyproxy.1
++.\" tinyproxy.8
+ .\"
+ .\" Copyright (c) 1998-2000  Steven Young and Robert James Kaes.
+ .\" Copyright (c) 2001       Robert James Kaes
+@@ -8,7 +8,7 @@
+ .\" This program is distributed under the terms of the GNU General Public
+ .\" License. See COPYING for additional information.
+ .\"
+-.TH tinyproxy 1 .\" "tinyproxy Manual" "August 25, 2001"
++.TH tinyproxy 8 .\" "tinyproxy Manual" "August 25, 2001"
+ .SH NAME
+ tinyproxy - A small HTTP proxy server
+ .SH SYNTAX
diff -ruN tinyproxy.old/pkg-plist tinyproxy/pkg-plist
--- tinyproxy.old/pkg-plist	Thu May 16 11:35:13 2002
+++ tinyproxy/pkg-plist	Fri May 17 15:06:51 2002
@@ -1,3 +1,3 @@
 sbin/tinyproxy
-etc/tinyproxy/tinyproxy.conf.sample
+etc/tinyproxy/tinyproxy.conf-dist
 @dirrm etc/tinyproxy


>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message