From nobody Sun Jan 23 23:02:42 2022 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 979F7195F25C; Sun, 23 Jan 2022 23:02:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JhpYG3mJpz58kt; Sun, 23 Jan 2022 23:02:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642978962; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GkJA2wmY6PBO+OKpbXEww4v0nnxeYZURbauTxLOa4yk=; b=WL7MCMpzyncFbaG9BXrhfVdWPlVjE21AqxMEDWxacENaCfzXgkFIy57sXE5XOWhRyclNy8 Im+mHcTE/QCiGFSN9CYIWQchzXGM5EbDEdGJSxF5JHzKuzFz53IhbRQr1Wv+FcHJul3jD7 yTNM1FIbkbpilkYG15wqdaso0b65gwoIBUg9TU/fwe5bvOt6I+Qtb1XnJao16DG4koynAi ARWPRTgWOYvloP8YxKLIWbTy+c/nYyh9EF9GgVSEv8zSUNRSGm1+OMzyHcNpGN8DZQP9zg Cc7NKH0bPHoTfecjzjB2Iikg4eBlebMIKzcDapbqTmT6P2VLWRASRDvi/Elkrw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 627B82AF0; Sun, 23 Jan 2022 23:02:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20NN2gnC018931; Sun, 23 Jan 2022 23:02:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20NN2gib018930; Sun, 23 Jan 2022 23:02:42 GMT (envelope-from git) Date: Sun, 23 Jan 2022 23:02:42 GMT Message-Id: <202201232302.20NN2gib018930@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Cy Schubert Subject: git: 06dbdc2155d4 - 2022Q1 - security/aide: Update to 0.17.4 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/2022Q1 X-Git-Reftype: branch X-Git-Commit: 06dbdc2155d4edbe853e16ee56b1dfaeea62404e Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642978962; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=GkJA2wmY6PBO+OKpbXEww4v0nnxeYZURbauTxLOa4yk=; b=t/5wF0lBTKXLIZCmcVkr1bxMhCDVj3BLB/hl6ah/R6Jr+rHJ6H1Jhx9DnCWJ/ZfBcfT2EL AebWn2tIY/pq8USSWNja4pzw3TT2JHkDNZXNAwV9rKSjl3tFLDHZS9hlUujEGu/37ku64h H29yJvQq5eFH8slGsdADaBUac5MtM3+U8CO0rCW4r3ipEAztP120lOHx6/5lRpw0PBF1y6 pbnGOWdK10Xp+IBg8z1h5RJGkVQLLDBcB8y/36fgRWXkc323UtxNlzFX5ApP/d0jJCEzd/ i8+NHLfJuE0M8r95PAcj+/mYulc0vPz1LWcjA6QnJoUdTaARwlIR37IXi5lNHg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642978962; a=rsa-sha256; cv=none; b=Hmwms06T9VSSHSYc6yYJj0hsL8yCuPYmseQ7xkaDX2Q24YPMMFAb5Y5KUmX0LBEOykR+Ii gMAKYto19e0KCUM8AvPKgB1tOjGPaGlXf6eMsBvSrcQQXc7KqYACTlS3+Ls2hvY3fg7tZX hoWH/XD5uUFib5/4AM/6UjcINLDTfC2oHgHHupU7kmXU9qHFevxZ08dyo+AVwzRKU1M3Wy hRZyRboDPwqKWvro2EVqU1BoYXjRaWZhTpTzN03uydrH8gIkpVKtwGTY3ljEGsNl3dCXlr vMvEPKFP+FU7fQLm1ipCUisDHCo9GZit9Wyk54TcGtsO3Y0R55bXrVDcAIGSUQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch 2022Q1 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=06dbdc2155d4edbe853e16ee56b1dfaeea62404e commit 06dbdc2155d4edbe853e16ee56b1dfaeea62404e Author: Cy Schubert AuthorDate: 2022-01-23 22:51:09 +0000 Commit: Cy Schubert CommitDate: 2022-01-23 23:02:38 +0000 security/aide: Update to 0.17.4 Update aide to 0.17.4, fixing CVE-2021-45417. PR: 261407 Reported by: Yonas Yanfa Security: CVE-2021-45417 (cherry picked from commit 8fbfc5f93128b55b1ca8748cde645fe443c31c10) --- security/aide/Makefile | 2 +- security/aide/distinfo | 6 +++--- security/aide/files/patch-doc_aide.1 | 14 -------------- security/aide/files/patch-include_util.h | 10 ++++++++++ security/aide/files/patch-src_commandconf.c | 13 +++++++++++++ 5 files changed, 27 insertions(+), 18 deletions(-) diff --git a/security/aide/Makefile b/security/aide/Makefile index 20a64c443422..fbf829de0469 100644 --- a/security/aide/Makefile +++ b/security/aide/Makefile @@ -1,7 +1,7 @@ # Created by: Cy Schubert (Cy.Schubert@uumail.gov.bc.ca) PORTNAME= aide -PORTVERSION= 0.16.1 +PORTVERSION= 0.17.4 CATEGORIES= security MASTER_SITES= https://github.com/aide/aide/releases/download/v${PORTVERSION}/ diff --git a/security/aide/distinfo b/security/aide/distinfo index 05b3dba1c573..73ae932bb832 100644 --- a/security/aide/distinfo +++ b/security/aide/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1555181364 -SHA256 (aide-0.16.1.tar.gz) = 0f2b7cecc70c1a27d35c06c98804fcdb9f326630de5d035afc447122186010b7 -SIZE (aide-0.16.1.tar.gz) = 391531 +TIMESTAMP = 1642975384 +SHA256 (aide-0.17.4.tar.gz) = c81505246f3ffc2e76036d43a77212ae82895b5881d9b9e25c1361b1a9b7a846 +SIZE (aide-0.17.4.tar.gz) = 331783 diff --git a/security/aide/files/patch-doc_aide.1 b/security/aide/files/patch-doc_aide.1 deleted file mode 100644 index 2dacc0a93438..000000000000 --- a/security/aide/files/patch-doc_aide.1 +++ /dev/null @@ -1,14 +0,0 @@ ---- doc/aide.1.orig 2016-07-25 14:09:52.000000000 -0700 -+++ doc/aide.1 2016-07-26 12:35:55.894637000 -0700 -@@ -103,9 +103,9 @@ - .SH FILES - .IP \fB${prefix}/etc/aide.conf\fR - Default aide configuration file. --.IP \fB${prefix}/etc/aide.db\fR -+.IP \fB/var/db/aide/aide.db\fR - Default aide database. --.IP \fB${prefix}/etc/aide.db.new\fR -+.IP \fB/var/db/aide/aide.db.new\fR - Default aide output database. - .SH SEE ALSO - .BR aide.conf (5) diff --git a/security/aide/files/patch-include_util.h b/security/aide/files/patch-include_util.h new file mode 100644 index 000000000000..100a2541214e --- /dev/null +++ b/security/aide/files/patch-include_util.h @@ -0,0 +1,10 @@ +--- include/util.h.orig 2022-01-19 12:03:06.000000000 -0800 ++++ include/util.h 2022-01-23 14:44:04.712694000 -0800 +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include "config.h" + #include "url.h" + + #define HEXD2ASC(x) (((x) < 10) ? ((x) + '0') : ((x) - 10 + 'A')) diff --git a/security/aide/files/patch-src_commandconf.c b/security/aide/files/patch-src_commandconf.c new file mode 100644 index 000000000000..d9c980015ee2 --- /dev/null +++ b/security/aide/files/patch-src_commandconf.c @@ -0,0 +1,13 @@ +--- src/commandconf.c.orig 2022-01-19 12:03:06.000000000 -0800 ++++ src/commandconf.c 2022-01-23 14:49:37.915576000 -0800 +@@ -226,8 +226,8 @@ + c=fgetc(db->fp); + if(c==(unsigned char)'\213'){ + log_msg(LOG_LEVEL_DEBUG,"db_input_wrapper(): handle gzip header"); +- lseek(fileno(db->fp),0L,SEEK_SET); +- db->gzp=gzdopen(fileno(db->fp),"rb"); ++ lseek(fileno((FILE *)(db->fp)),0L,SEEK_SET); ++ db->gzp=gzdopen(fileno((FILE *)(db->fp)),"rb"); + c=gzgetc(db->gzp); + log_msg(LOG_LEVEL_DEBUG, "db_input_wrapper(): first character after gzip header is: %c(%#X)\n",c,c); + if(c==-1) {