Date: Thu, 4 Oct 2007 23:28:34 GMT From: Xin LI <delphij@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: ports-security@FreeBSD.org, skv@FreeBSD.org Subject: ports/116940: [PATCH] [SECURITY] Upgrade firebird2-server to 2.0.3 Message-ID: <200710042328.l94NSYaC091999@freefall.freebsd.org> Resent-Message-ID: <200710042330.l94NU9SV092149@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 116940 >Category: ports >Synopsis: [PATCH] [SECURITY] Upgrade firebird2-server to 2.0.3 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Thu Oct 04 23:30:07 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Xin LI >Release: FreeBSD 6.2-STABLE i386 >Organization: The FreeBSD Project >Environment: System: FreeBSD freefall.freebsd.org 6.2-STABLE FreeBSD 6.2-STABLE #0: Fri Jul 13 03:43:15 UTC 2007 peter@freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL i386 >Description: As reported at BugTraq bid 25925, firebird has released a fixed version that is not vulnerable to a remotely exploitable vulnerability of firebird server. Maintainer (skv@) cc'ed. >How-To-Repeat: Test cases at: http://www.securityfocus.com/data/vulnerabilities/exploits/fb_svc_attach.rb http://www.securityfocus.com/data/vulnerabilities/exploits/fb_isc_create_database.rb http://www.securityfocus.com/data/vulnerabilities/exploits/fb_isc_attach_database.rb >Fix: --- firebird2.diff begins here --- Index: Makefile =================================================================== RCS file: /home/ncvs/ports/databases/firebird2-server/Makefile,v retrieving revision 1.61 diff -u -p -r1.61 Makefile --- Makefile 30 Sep 2007 04:46:39 -0000 1.61 +++ Makefile 4 Oct 2007 23:03:01 -0000 @@ -6,13 +6,12 @@ # PORTNAME?= firebird -PORTVERSION= 2.0.2 -PORTREVISION= 1 +PORTVERSION= 2.0.3 CATEGORIES?= databases MASTER_SITES= SF MASTER_SITE_SUBDIR=firebird PKGNAMESUFFIX?= -server -DISTNAME= Firebird-2.0.2.12964-0 +DISTNAME= Firebird-2.0.3.12981-1 MAINTAINER= skv@FreeBSD.org COMMENT?= Firebird-2 relational database (server) Index: distinfo =================================================================== RCS file: /home/ncvs/ports/databases/firebird2-server/distinfo,v retrieving revision 1.16 diff -u -p -r1.16 distinfo --- distinfo 30 Aug 2007 21:35:30 -0000 1.16 +++ distinfo 4 Oct 2007 22:52:24 -0000 @@ -1,3 +1,3 @@ -MD5 (Firebird-2.0.2.12964-0.tar.bz2) = 6b7d5781a3e4b72ef6349b2c5c67f576 -SHA256 (Firebird-2.0.2.12964-0.tar.bz2) = 34b63c6ab4d992c050dc769a656d7ea13a96c8ac7b7f6e399df54df18f9e79b5 -SIZE (Firebird-2.0.2.12964-0.tar.bz2) = 12624989 +MD5 (Firebird-2.0.3.12981-1.tar.bz2) = 5c70e72c4a3e4689d4bae2cee2694991 +SHA256 (Firebird-2.0.3.12981-1.tar.bz2) = 2afe8411f844414f86ff93a66a75e542b78a1593019cc430a56ef27616885f00 +SIZE (Firebird-2.0.3.12981-1.tar.bz2) = 12627615 Index: files/patch-builds%posix%make.defaults =================================================================== RCS file: /home/ncvs/ports/databases/firebird2-server/files/patch-builds%posix%make.defaults,v retrieving revision 1.2 diff -u -p -r1.2 patch-builds%posix%make.defaults --- files/patch-builds%posix%make.defaults 18 Sep 2006 15:20:03 -0000 1.2 +++ files/patch-builds%posix%make.defaults 4 Oct 2007 23:05:51 -0000 @@ -1,6 +1,6 @@ ---- builds/posix/make.defaults.orig Wed Dec 28 09:58:28 2005 -+++ builds/posix/make.defaults Wed Aug 16 16:26:16 2006 -@@ -102,7 +102,7 @@ +--- builds/posix/make.defaults.orig 2007-09-04 15:51:17.000000000 +0800 ++++ builds/posix/make.defaults 2007-10-05 07:05:13.947441166 +0800 +@@ -107,7 +107,7 @@ CHMOD= chmod CHMOD_6= chmod 666 CHMOD_7= chmod 777 @@ -9,7 +9,7 @@ MV= mv -f TOUCH= touch CP= cp -@@ -180,9 +180,6 @@ +@@ -185,9 +185,6 @@ LIBFBSTATIC_A = $(LIB)/libfbstatic.a LIBEDITLINE_A = $(LIB)/libeditline.a @@ -19,3 +19,12 @@ # Shared library name for usage inside of the UDF IbUtilLibraryName = $(LIB_PREFIX)ib_util.$(SHRLIB_EXT) +@@ -203,7 +200,7 @@ + STATICEXE_LINK:= @CXX@ + + LINK_LIBS = @LIBS@ @EDITLINE_A@ +-ICU_LIBS = -licuuc -licudata -licui18n ++ICU_LIBS = @ICU_LIBS@ @ICU_LDFLAGS@ + STATICLINK_LIBS = @LIBS@ @EDITLINE_A@ + SO_LINK_LIBS = @LIBS@ + Index: files/patch-builds%posix%make.rules =================================================================== RCS file: /home/ncvs/ports/databases/firebird2-server/files/patch-builds%posix%make.rules,v retrieving revision 1.1 diff -u -p -r1.1 patch-builds%posix%make.rules --- files/patch-builds%posix%make.rules 18 Sep 2006 15:20:03 -0000 1.1 +++ files/patch-builds%posix%make.rules 4 Oct 2007 22:58:05 -0000 @@ -1,5 +1,5 @@ ---- builds/posix/make.rules.orig Wed Dec 28 09:58:28 2005 -+++ builds/posix/make.rules Thu Sep 14 17:29:08 2006 +--- builds/posix/make.rules.orig 2007-09-04 15:51:17.000000000 +0800 ++++ builds/posix/make.rules 2007-10-05 06:56:37.104972944 +0800 @@ -33,7 +33,7 @@ @@ -9,12 +9,3 @@ ifeq ($(IsProdTypeBuild),Y) CFLAGS:= $(CFLAGS) $(PROD_FLAGS) -DPROD_BUILD -@@ -75,7 +75,7 @@ - STATICEXE_LINK = @CXX@ - - LINK_LIBS = @LIBS@ @EDITLINE_A@ --ICU_LIBS = -licuuc -licudata -licui18n -+ICU_LIBS = @ICU_LIBS@ @ICU_LDFLAGS@ - STATICLINK_LIBS = @LIBS@ @EDITLINE_A@ - SO_LINK_LIBS = @LIBS@ - Index: files/patch-configure.in =================================================================== RCS file: /home/ncvs/ports/databases/firebird2-server/files/patch-configure.in,v retrieving revision 1.4 diff -u -p -r1.4 patch-configure.in --- files/patch-configure.in 1 Apr 2007 12:38:44 -0000 1.4 +++ files/patch-configure.in 4 Oct 2007 23:00:08 -0000 @@ -1,18 +1,17 @@ ---- configure.in.orig Fri Dec 8 21:26:56 2006 -+++ configure.in Fri Jan 12 13:04:42 2007 -@@ -445,9 +445,10 @@ +--- configure.in.orig 2007-09-04 15:51:12.000000000 +0800 ++++ configure.in 2007-10-05 06:59:32.243635556 +0800 +@@ -447,8 +447,9 @@ AC_CHECK_LIB(termcap, tgetent, , \ AC_CHECK_LIB(tinfo, tgetent, , \ AC_MSG_ERROR(termcap support not found))))) - AC_SUBST(EDITLINE_A, -leditline) + AC_SUBST(EDITLINE_A, "-ledit -lreadline") fi - AC_CHECK_LIB(stdc++, main,,, $LIBS) +AM_PATH_ICU(3, 6) dnl Check for functions -@@ -718,6 +719,10 @@ +@@ -720,6 +721,10 @@ AC_SUBST(NEW_FIREBIRD_DIR) AC_DEFINE_UNQUOTED(FB_PREFIX, $(if test "x$prefix" = "xNONE" ; then echo \"$ac_default_prefix\"; else echo \"$prefix\"; fi), [Installation path prefix]) @@ -23,7 +22,7 @@ AC_CONFIG_COMMANDS(,,[ dnl # rebuild version header if needed -@@ -1026,19 +1031,11 @@ +@@ -1048,19 +1053,11 @@ gen/Makefile.install:builds/install/arch-specific/${INSTALL_PREFIX}/Makefile.in Makefile:Makefile.in gen/Makefile.extern.editline:${MAKE_SRC_DIR}/Makefile.in.extern.editline --- firebird2.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200710042328.l94NSYaC091999>