Date: Mon, 30 Dec 2013 10:58:48 GMT From: <ohauer@FreeBSD.org> To: FreeBSD-gnats-submit@freebsd.org Cc: m.tsatsenko@gmail.com Subject: ports/185288: [patch] net/radsecproxy update to v1.6.5 Message-ID: <201312301058.rBUAwm6f054868@freefall.freebsd.org> Resent-Message-ID: <201312301100.rBUB00v9054969@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 185288
>Category: ports
>Synopsis: [patch] net/radsecproxy update to v1.6.5
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Dec 30 11:00:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Olli Hauer
>Release:
>Organization:
>Environment:
>Description:
It seems all versions of radsecproxy before version 1.6.2 are affected by
CVE-2012-4566 and CVE-2012-4523
1.6.2
Bug fixes (security):
Fix the issue with verification of clients when using multiple 'tls'
config blocks for DTLS too (RADSECPROXY-43, CVE-2012-4566).
1.6.1
Bug fixes (security):
When verifying clients, don't consider config blocks with CA settings
('tls') which differ from the one used for verifying the certificate
chain (RADSECPROXY-43, CVE-2012-4523). Reported by Ralf Paffrath.
The patch updates the port to version 1.6.5
PS:
I don't use radsecproxy, so I have no testcase for the new version ...
>How-To-Repeat:
>Fix:
--- radsecproxy.diff begins here ---
Index: radsecproxy/Makefile
===================================================================
--- radsecproxy/Makefile (revision 338062)
+++ radsecproxy/Makefile (working copy)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= radsecproxy
-PORTVERSION= 1.4.2
+PORTVERSION= 1.6.5
CATEGORIES= net
MASTER_SITES= http://software.uninett.no/radsecproxy/
@@ -12,20 +12,14 @@
LICENSE= GPLv2 BSD
LICENSE_COMB= dual
-MAN1= radsecproxy.1
-MAN5= radsecproxy.conf.5
-
GNU_CONFIGURE= yes
USE_RC_SUBR= ${PORTNAME}
USE_OPENSSL= yes
CONFIGURE_ARGS= --with-ssl=${OPENSSLBASE}
-NO_STAGE= yes
-do-install:
- ${INSTALL_PROGRAM} ${WRKSRC}/radsecproxy ${PREFIX}/bin/catgconf
- ${INSTALL_PROGRAM} ${WRKSRC}/radsecproxy ${PREFIX}/sbin/radsecproxy
- ${INSTALL_DATA} ${WRKSRC}/radsecproxy.conf-example ${PREFIX}/etc/radsecproxy.conf-example
- ${INSTALL_MAN} ${WRKSRC}/radsecproxy.1 ${PREFIX}/man/man1/radsecproxy.1
- ${INSTALL_MAN} ${WRKSRC}/radsecproxy.conf.5 ${PREFIX}/man/man5/radsecproxy.conf.5
- ${INSTALL_DATA} ${WRKSRC}/radsecproxy.conf-example ${PREFIX}/etc/radsecproxy.conf-example
+post-install:
+ ${MAKE} install-man -C ${WRKSRC} ${MAKE_ARGS}
+ ${INSTALL_DATA} ${WRKSRC}/radsecproxy.conf-example \
+ ${STAGEDIR}${PREFIX}/etc
+
.include <bsd.port.mk>
Index: radsecproxy/distinfo
===================================================================
--- radsecproxy/distinfo (revision 338062)
+++ radsecproxy/distinfo (working copy)
@@ -1,2 +1,2 @@
-SHA256 (radsecproxy-1.4.2.tar.gz) = 76f2db133c22883bd87bd0c6f2c258c14d7c01751845d425abb4a1599401757e
-SIZE (radsecproxy-1.4.2.tar.gz) = 188224
+SHA256 (radsecproxy-1.6.5.tar.gz) = b0b7718c84a73ee2af48684cb5c9f3d76369c7e3a4ad3258b919769b4dc65e5f
+SIZE (radsecproxy-1.6.5.tar.gz) = 206053
Index: radsecproxy/pkg-plist
===================================================================
--- radsecproxy/pkg-plist (revision 338062)
+++ radsecproxy/pkg-plist (working copy)
@@ -1,3 +1,6 @@
-bin/catgconf
+bin/radsecproxy-conf
+etc/radsecproxy.conf-example
+etc/rc.d/radsecproxy
+man/man1/radsecproxy-hash.1.gz
+man/man1/radsecproxy.1.gz
sbin/radsecproxy
-etc/radsecproxy.conf-example
--- radsecproxy.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201312301058.rBUAwm6f054868>