From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Feb 20 14:20:15 2006 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28ECF16A422 for ; Mon, 20 Feb 2006 14:20:15 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0163B43D49 for ; Mon, 20 Feb 2006 14:20:13 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k1KEKDCq098669 for ; Mon, 20 Feb 2006 14:20:13 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k1KEKDa4098668; Mon, 20 Feb 2006 14:20:13 GMT (envelope-from gnats) Resent-Date: Mon, 20 Feb 2006 14:20:13 GMT Resent-Message-Id: <200602201420.k1KEKDa4098668@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Hirohisa Yamaguchi Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F1C316A420 for ; Mon, 20 Feb 2006 14:13:19 +0000 (GMT) (envelope-from umq@ueo.co.jp) Received: from mvs2.plala.or.jp (c158130.vh.plala.or.jp [210.150.158.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 87A7F43D48 for ; Mon, 20 Feb 2006 14:13:17 +0000 (GMT) (envelope-from umq@ueo.co.jp) Received: from eupheme.kaumoge.org ([58.95.93.247]) by mvs2.plala.or.jp with ESMTP id <20060220141316.HXVW16182.mvs2.plala.or.jp@eupheme.kaumoge.org> for ; Mon, 20 Feb 2006 23:13:16 +0900 Received: from calliope.kaumoge.org (calliope.kaumoge.org [192.168.233.120]) by eupheme.kaumoge.org (8.12.11/8.12.11/20030713) with ESMTP id k1KEDbAJ097549 for ; Mon, 20 Feb 2006 23:13:38 +0900 (JST) (envelope-from umq@ueo.co.jp) Message-Id: <863bie5dac.wl%umq@ueo.co.jp> Date: Mon, 20 Feb 2006 23:13:15 +0900 From: Hirohisa Yamaguchi To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/93594: [update] shells/rssh update to 2.3.2 fixes root compromise bug X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Hirohisa Yamaguchi List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Feb 2006 14:20:15 -0000 >Number: 93594 >Category: ports >Synopsis: [update] shells/rssh update to 2.3.2 fixes root compromise bug >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Mon Feb 20 14:20:13 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Hirohisa Yamaguchi >Release: FreeBSD 7.0-CURRENT amd64 >Organization: >Environment: System: FreeBSD calliope.****.org 7.0-CURRENT FreeBSD 7.0-CURRENT #0: Thu Jan 26 11:28:00 JST 2006 root@calliope.****.org:/usr/obj/usr/src/sys/CALLIOPE64 amd64 >Description: The root compromise bug in rssh, reported as CVE-2005-3345, has been fixed in the new version 2.3.2. Please remove FORBIDDEN tag. CVE-2005-3345: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3345 Release News: http://www.pizzashack.org/rssh/index.shtml >How-To-Repeat: >Fix: the patch follows diff -rpu ports/orig/shells/rssh/Makefile ports/shells/rssh/Makefile --- ports/orig/shells/rssh/Makefile Fri Feb 17 00:10:24 2006 +++ ports/shells/rssh/Makefile Mon Feb 20 23:02:31 2006 @@ -6,15 +6,13 @@ # PORTNAME= rssh -PORTVERSION= 2.2.3 +PORTVERSION= 2.3.2 CATEGORIES= shells security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} MAINTAINER= enigmatyc@laposte.net COMMENT= A Restricted Secure SHell only for sftp or/and scp - -FORBIDDEN= http://vuxml.FreeBSD.org/e34d0c2e-9efb-11da-b410-000e0c2e438a.html GNU_CONFIGURE= yes USE_REINPLACE= yes diff -rpu ports/orig/shells/rssh/distinfo ports/shells/rssh/distinfo --- ports/orig/shells/rssh/distinfo Tue Jan 24 10:04:18 2006 +++ ports/shells/rssh/distinfo Mon Feb 20 22:54:30 2006 @@ -1,3 +1,3 @@ -MD5 (rssh-2.2.3.tar.gz) = 74f40a4fd5d2b097af34a817e21a33cf -SHA256 (rssh-2.2.3.tar.gz) = 2a6bd0924cbd691c90ac3f6d4504cf184b381688c52fbe6efe3f0bdea39a1e1e -SIZE (rssh-2.2.3.tar.gz) = 107216 +MD5 (rssh-2.3.2.tar.gz) = 65712f2c06ff5fc6fc783bc8c2e4e1ba +SHA256 (rssh-2.3.2.tar.gz) = 8569a07dd96c8f70d0310186b37bbb2e8e591807ac1d1bd0990c02bfd467ba57 +SIZE (rssh-2.3.2.tar.gz) = 113959 >Release-Note: >Audit-Trail: >Unformatted: