From owner-freebsd-ports-bugs@FreeBSD.ORG Sat Dec 17 08:00:14 2005 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC43416A41F for ; Sat, 17 Dec 2005 08:00:14 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6AE9A43D5C for ; Sat, 17 Dec 2005 08:00:14 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id jBH80EL1028020 for ; Sat, 17 Dec 2005 08:00:14 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id jBH80ECw028018; Sat, 17 Dec 2005 08:00:14 GMT (envelope-from gnats) Resent-Date: Sat, 17 Dec 2005 08:00:14 GMT Resent-Message-Id: <200512170800.jBH80ECw028018@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Gea-Suan Lin Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFCD516A41F; Sat, 17 Dec 2005 07:57:48 +0000 (GMT) (envelope-from gslin@netnews.NCTU.edu.tw) Received: from netnews.NCTU.edu.tw (ccreader.nctu.edu.tw [140.113.54.119]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6FCD443D62; Sat, 17 Dec 2005 07:57:46 +0000 (GMT) (envelope-from gslin@netnews.NCTU.edu.tw) Received: by netnews.NCTU.edu.tw (Postfix, from userid 1000) id 6C131F1; Sat, 17 Dec 2005 15:57:42 +0800 (CST) Message-Id: <20051217075742.6C131F1@netnews.NCTU.edu.tw> Date: Sat, 17 Dec 2005 15:57:42 +0800 (CST) From: Gea-Suan Lin To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: clement@FreeBSD.org Subject: ports/90531: [PATCH] security/dropbear: update to 0.47 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 17 Dec 2005 08:00:15 -0000 >Number: 90531 >Category: ports >Synopsis: [PATCH] security/dropbear: update to 0.47 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sat Dec 17 08:00:13 GMT 2005 >Closed-Date: >Last-Modified: >Originator: Gea-Suan Lin >Release: FreeBSD 6.0-RELEASE i386 >Organization: >Environment: System: FreeBSD netnews.NCTU.edu.tw 6.0-RELEASE FreeBSD 6.0-RELEASE #3: Sat Dec 10 02:26:21 CST 2005 >Description: - Dropbear server versions prior to 0.47 have a buffer sizing error that may allow authenticated users to run code as the server user (usually root). - Add SHA256. Port maintainer (clement@FreeBSD.org) is cc'd. Generated with FreeBSD Port Tools 0.63 >How-To-Repeat: >Fix: --- dropbear-0.47.patch begins here --- diff -ruN --exclude=CVS /usr/ports/security/dropbear/Makefile /home/staff/gslin/work/dropbear/Makefile --- /usr/ports/security/dropbear/Makefile Mon Jul 11 03:52:15 2005 +++ /home/staff/gslin/work/dropbear/Makefile Sat Dec 17 15:49:53 2005 @@ -6,7 +6,7 @@ # PORTNAME= dropbear -PORTVERSION= 0.46 +PORTVERSION= 0.47 CATEGORIES= security ipv6 MASTER_SITES= http://matt.ucc.asn.au/dropbear/releases/ diff -ruN --exclude=CVS /usr/ports/security/dropbear/distinfo /home/staff/gslin/work/dropbear/distinfo --- /usr/ports/security/dropbear/distinfo Mon Jul 11 03:52:15 2005 +++ /home/staff/gslin/work/dropbear/distinfo Sat Dec 17 15:50:29 2005 @@ -1,2 +1,3 @@ -MD5 (dropbear-0.46.tar.gz) = 3c6daae8f45dce5c838ab3df81c4b5f9 -SIZE (dropbear-0.46.tar.gz) = 1603118 +MD5 (dropbear-0.47.tar.gz) = 49a72d314592438eb0e56e85a3517ab1 +SHA256 (dropbear-0.47.tar.gz) = 5f30c174714c3783cc5e83ffcc343adda874290f0bd47a559ae0dec2acaedeb0 +SIZE (dropbear-0.47.tar.gz) = 1612040 --- dropbear-0.47.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: