Security: Fix a double-fclose vulnerability in the dataconn function (CVE-2007-6263, #199206)

Package-Manager: portage-2.1.3.19
author: Robert Buchholz <rbu@gentoo.org> 2008-01-10 23:51:09 +0000
committer: Robert Buchholz <rbu@gentoo.org> 2008-01-10 23:51:09 +0000
commit: 778e5af14013ce973d8db208e21a1f2e59073d05 (patch)
tree: 49c7877a1793a794322d95e4cc91f246b3726acc /net-ftp
parent: Remove old. (diff)
download: historical-778e5af14013ce973d8db208e21a1f2e59073d05.tar.gz
historical-778e5af14013ce973d8db208e21a1f2e59073d05.tar.bz2
historical-778e5af14013ce973d8db208e21a1f2e59073d05.zip
6 files changed, 67 insertions, 29 deletions
diff --git a/net-ftp/ftp/Manifest b/net-ftp/ftp/Manifest
index 7f65862d6701..eb021b89968b 100644
--- a/net-ftp/ftp/Manifest
+++ b/net-ftp/ftp/Manifest
@@ -30,6 +30,10 @@ AUX netkit-ftp-0.17-segv.patch 2009 RMD160 b99e1ec94ca194ec0b6f85abf477fbef70ed6
 MD5 d632888a47c713e0ee59c4677338ca57 files/netkit-ftp-0.17-segv.patch 2009
 RMD160 b99e1ec94ca194ec0b6f85abf477fbef70ed6d1e files/netkit-ftp-0.17-segv.patch 2009
 SHA256 5a5dfb273a24a95757205562925430e84995e30e0bd48a38148dbf8c91a532e1 files/netkit-ftp-0.17-segv.patch 2009
+AUX netkit-ftp-0.17-sigseg.patch 457 RMD160 339df1461663465326799be5b76ed6efc90c6ae5 SHA1 98bf87ad4a9dc9543664e976c63da38db5ef04a2 SHA256 f8ece2c062220c72c2c2b0740bbf8291f211ab9e7c6cd839319b6373febc15a0
+MD5 0f95e21918640d0ded34767fceccea8a files/netkit-ftp-0.17-sigseg.patch 457
+RMD160 339df1461663465326799be5b76ed6efc90c6ae5 files/netkit-ftp-0.17-sigseg.patch 457
+SHA256 f8ece2c062220c72c2c2b0740bbf8291f211ab9e7c6cd839319b6373febc15a0 files/netkit-ftp-0.17-sigseg.patch 457
 AUX netkit-ftp-0.17-ssl-0.2.patch 29503 RMD160 53ca3a2cad782693d752550b2d8968a34d0ca695 SHA1 98774a2a6a34d6dd62e34ea9b5f471489adc52bc SHA256 7cd2f0c1f15d466ad6e382fe1c47b3b7d16186a3e57ef3bbb299351d0e7fba2f
 MD5 09690f6257abf7efa064aec59226e016 files/netkit-ftp-0.17-ssl-0.2.patch 29503
 RMD160 53ca3a2cad782693d752550b2d8968a34d0ca695 files/netkit-ftp-0.17-ssl-0.2.patch 29503
@@ -39,10 +43,14 @@ EBUILD ftp-0.17-r6.ebuild 1540 RMD160 15c4dbdf7515fac59d671a6bc0e03ee8d1662d07 S
 MD5 f575917c2d3103fe0cd22c5ccdc33433 ftp-0.17-r6.ebuild 1540
 RMD160 15c4dbdf7515fac59d671a6bc0e03ee8d1662d07 ftp-0.17-r6.ebuild 1540
 SHA256 f59c39e9d6c14dd3e52423299a2c676e86f44833758b4d84946934b73b5f7c3d ftp-0.17-r6.ebuild 1540
-MISC ChangeLog 4324 RMD160 5ccb579483a2858c1710a1d8b2f8ce5e0e6156f5 SHA1 6f8e06905e34675d654ad86c15e54e57c89e5b32 SHA256 c283e6a0dba8350835c3308de1bdf15f1be87bcc3f3fe74b9fabaf6e79434480
-MD5 f6afec0a2d784261d4cd71eccb7adb5f ChangeLog 4324
-RMD160 5ccb579483a2858c1710a1d8b2f8ce5e0e6156f5 ChangeLog 4324
-SHA256 c283e6a0dba8350835c3308de1bdf15f1be87bcc3f3fe74b9fabaf6e79434480 ChangeLog 4324
+EBUILD ftp-0.17-r7.ebuild 1608 RMD160 e866b6a1a6b07d9d8fdb3965bdef74c47c92af63 SHA1 0844eedefec233fec91270875fe4c15f450c01db SHA256 bec02137d270242fcd9c50d4478954109d7969702f822dc719972d7eba5b1d33
+MD5 4b45cd0e62736c0214fb34f42929556d ftp-0.17-r7.ebuild 1608
+RMD160 e866b6a1a6b07d9d8fdb3965bdef74c47c92af63 ftp-0.17-r7.ebuild 1608
+SHA256 bec02137d270242fcd9c50d4478954109d7969702f822dc719972d7eba5b1d33 ftp-0.17-r7.ebuild 1608
+MISC ChangeLog 4559 RMD160 24c2fdff9b05f52496d68841e9d2a7b4a3ce9c44 SHA1 e3032ddcb3d90f7d0a14974848f61c84a6e3f66c SHA256 600eece2dcb7709ca20b46401c99a28fbe1c4fdcc21bbf6e4c177716a78c3a99
+MD5 d576e10f2f0244a089c60ce483c3a938 ChangeLog 4559
+RMD160 24c2fdff9b05f52496d68841e9d2a7b4a3ce9c44 ChangeLog 4559
+SHA256 600eece2dcb7709ca20b46401c99a28fbe1c4fdcc21bbf6e4c177716a78c3a99 ChangeLog 4559
 MISC metadata.xml 164 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 SHA1 9c213f5803676c56439df3716be07d6692588856 SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92
 MD5 9a09f8d531c582e78977dbfd96edc1f2 metadata.xml 164
 RMD160 f43cbec30b7074319087c9acffdb9354b17b0db3 metadata.xml 164
@@ -50,3 +58,6 @@ SHA256 f5f2891f2a4791cd31350bb2bb572131ad7235cd0eeb124c9912c187ac10ce92 metadata
 MD5 f4890e205b373ba7a958cd9009a5dacd files/digest-ftp-0.17-r6 244
 RMD160 045b1cdad471c04351e504a7985b110d1e12dd42 files/digest-ftp-0.17-r6 244
 SHA256 a2b846dda96021b74d8946cb5f0b4a22216d5f6a8fd5b39949deb7e643a1b260 files/digest-ftp-0.17-r6 244
+MD5 f4890e205b373ba7a958cd9009a5dacd files/digest-ftp-0.17-r7 244
+RMD160 045b1cdad471c04351e504a7985b110d1e12dd42 files/digest-ftp-0.17-r7 244
+SHA256 a2b846dda96021b74d8946cb5f0b4a22216d5f6a8fd5b39949deb7e643a1b260 files/digest-ftp-0.17-r7 244
diff --git a/net-ftp/netkit-ftpd/ChangeLog b/net-ftp/netkit-ftpd/ChangeLog
index 5133c26f65cb..a564bfe43997 100644
--- a/net-ftp/netkit-ftpd/ChangeLog
+++ b/net-ftp/netkit-ftpd/ChangeLog
@@ -1,6 +1,14 @@
 # ChangeLog for net-ftp/netkit-ftpd
-# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/netkit-ftpd/ChangeLog,v 1.8 2007/12/30 20:38:31 ulm Exp $
+# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/netkit-ftpd/ChangeLog,v 1.9 2008/01/10 23:51:08 rbu Exp $
+
+*netkit-ftpd-0.17-r7 (10 Jan 2008)
+
+  10 Jan 2008; Robert Buchholz <rbu@gentoo.org>
+  +files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch,
+  -netkit-ftpd-0.17-r6.ebuild, +netkit-ftpd-0.17-r7.ebuild:
+  Security: Fix a double-fclose vulnerability in the dataconn function
+  (CVE-2007-6263, #199206)
 
 *netkit-ftpd-0.17-r6 (30 Dec 2007)
 
diff --git a/net-ftp/netkit-ftpd/Manifest b/net-ftp/netkit-ftpd/Manifest
index ef28ca4522ad..361ee83357bf 100644
--- a/net-ftp/netkit-ftpd/Manifest
+++ b/net-ftp/netkit-ftpd/Manifest
@@ -1,6 +1,3 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
 AUX ftp.xinetd 318 RMD160 fbb913e2ec08c7cbd08b1a520ca8893c21919cf3 SHA1 90b9af1d19230098a45d2995d5271d5343be0a16 SHA256 e55e99f3b978648f9e126f31caae7b7ab870e310dd29dc2120723bae9addd24f
 MD5 4a89aeceac5dd0b32bfa42c3103714ff files/ftp.xinetd 318
 RMD160 fbb913e2ec08c7cbd08b1a520ca8893c21919cf3 files/ftp.xinetd 318
@@ -17,6 +14,10 @@ AUX netkit-ftpd-0.17-cleanup.patch 186 RMD160 4e9690b7d03cd49783bc8f2f1ca0c021ed
 MD5 c4967c150312787be69aaea3127feb88 files/netkit-ftpd-0.17-cleanup.patch 186
 RMD160 4e9690b7d03cd49783bc8f2f1ca0c021eddce117 files/netkit-ftpd-0.17-cleanup.patch 186
 SHA256 5eb8134a8be569f1fc448bb781193f1820bddd36e735b1d164de2dfd4071a12f files/netkit-ftpd-0.17-cleanup.patch 186
+AUX netkit-ftpd-0.17-fclose-CVE-2007-6263.patch 658 RMD160 eaad780f4978e9f1bffde66a5b06226cc045daae SHA1 4a05d978f1c1c3c855c83b0adf0e85df7dbe122b SHA256 aa233506a3322bd9363aca4423b1bbb18ad618f2d722edae614b47640f42bb65
+MD5 558c647338ad82eb337e531331f43b1b files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch 658
+RMD160 eaad780f4978e9f1bffde66a5b06226cc045daae files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch 658
+SHA256 aa233506a3322bd9363aca4423b1bbb18ad618f2d722edae614b47640f42bb65 files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch 658
 AUX netkit-ftpd-0.17-gcc41.patch 770 RMD160 d9c69b0b8d1ded60b399ec36e0f975f8e14e57af SHA1 87db2260da0d0ae00d558de586853794b27c168e SHA256 d5ebda1221b9dbce3ba7ddccae846da65a0c7c5e544a0a8625d93396a3a1ea50
 MD5 7e94d8f9f93abba34bff5b358dead289 files/netkit-ftpd-0.17-gcc41.patch 770
 RMD160 d9c69b0b8d1ded60b399ec36e0f975f8e14e57af files/netkit-ftpd-0.17-gcc41.patch 770
@@ -39,14 +40,14 @@ EBUILD netkit-ftpd-0.17-r5.ebuild 1571 RMD160 ac26540f7510735ed9dc04b3e45147b8a8
 MD5 75a29a8ad0cbb178eb680557bbdc4f39 netkit-ftpd-0.17-r5.ebuild 1571
 RMD160 ac26540f7510735ed9dc04b3e45147b8a80133b0 netkit-ftpd-0.17-r5.ebuild 1571
 SHA256 39d9b1cc5633a9a35117bc567e23380e14070783838ca6fc78961dcd391b22a1 netkit-ftpd-0.17-r5.ebuild 1571
-EBUILD netkit-ftpd-0.17-r6.ebuild 1550 RMD160 7c9572e28712de00a1a96c940c931ab38b9c1a56 SHA1 a4744ba251e74d2b0066db5c9f993452a694fd7e SHA256 0aaac24001710a395e905bd9f4f6959a8c30f9705a7e0426a2f261d3f4d5c1e1
-MD5 388b99a2f8a286f4112ef853d1e3e67c netkit-ftpd-0.17-r6.ebuild 1550
-RMD160 7c9572e28712de00a1a96c940c931ab38b9c1a56 netkit-ftpd-0.17-r6.ebuild 1550
-SHA256 0aaac24001710a395e905bd9f4f6959a8c30f9705a7e0426a2f261d3f4d5c1e1 netkit-ftpd-0.17-r6.ebuild 1550
-MISC ChangeLog 5605 RMD160 f2889d37713af6629b54e43167ca82ef2a2258f5 SHA1 5d01387eab0b9b56d8f1199c10b9d2610e37307a SHA256 687cfe05fb2259c6d2fb72f7e4645085a6a28eaeabd5a0b64f1d6ec14cccc1e8
-MD5 14d179e87b017860a2a82ad2f403294a ChangeLog 5605
-RMD160 f2889d37713af6629b54e43167ca82ef2a2258f5 ChangeLog 5605
-SHA256 687cfe05fb2259c6d2fb72f7e4645085a6a28eaeabd5a0b64f1d6ec14cccc1e8 ChangeLog 5605
+EBUILD netkit-ftpd-0.17-r7.ebuild 1612 RMD160 68a1d34ca2d510d1c76eb2649784daf1d78c44f3 SHA1 de0000492f99e61373a14cd0ccf96603afbbe8c8 SHA256 2db58a085c5267c56e9bb34c2a0a74a731ca5de676aa583e947c11a54d6a3803
+MD5 a3c4c576523fe9cae1dc13ac1f1a5075 netkit-ftpd-0.17-r7.ebuild 1612
+RMD160 68a1d34ca2d510d1c76eb2649784daf1d78c44f3 netkit-ftpd-0.17-r7.ebuild 1612
+SHA256 2db58a085c5267c56e9bb34c2a0a74a731ca5de676aa583e947c11a54d6a3803 netkit-ftpd-0.17-r7.ebuild 1612
+MISC ChangeLog 5902 RMD160 fb34681075c1ba46d66f9e5d466551c017c8ff26 SHA1 5c1adec75a614e33d3f96df0751397e6e6e69e63 SHA256 b86a7bd33a5a439f3090d9f379b2111c286586a0eac2c104d65bfd49e26c3db1
+MD5 c52325765a46ab77cc144669c1766d4d ChangeLog 5902
+RMD160 fb34681075c1ba46d66f9e5d466551c017c8ff26 ChangeLog 5902
+SHA256 b86a7bd33a5a439f3090d9f379b2111c286586a0eac2c104d65bfd49e26c3db1 ChangeLog 5902
 MISC metadata.xml 165 RMD160 1c3eeab5c3fc7c211e19ce70d30db054b3448591 SHA1 e5bc9fac08f72762fdc827e1b520ed403667be37 SHA256 0879c713d0d1ea2f39c1088bf4717b1328b4ab06d6f5dd6968c5559750422ae6
 MD5 2fde084ac8d62be622a13e156d25f684 metadata.xml 165
 RMD160 1c3eeab5c3fc7c211e19ce70d30db054b3448591 metadata.xml 165
@@ -57,13 +58,6 @@ SHA256 193c18b7c4e2467ed5453bee8fc5e2b66ab314c429cc4a2daf79fbe652de26ba files/di
 MD5 a5158bf958d1411f9daefa3a43b7f12e files/digest-netkit-ftpd-0.17-r5 497
 RMD160 db856b5782788330427703698f410c205225d8e2 files/digest-netkit-ftpd-0.17-r5 497
 SHA256 193c18b7c4e2467ed5453bee8fc5e2b66ab314c429cc4a2daf79fbe652de26ba files/digest-netkit-ftpd-0.17-r5 497
-MD5 a5158bf958d1411f9daefa3a43b7f12e files/digest-netkit-ftpd-0.17-r6 497
-RMD160 db856b5782788330427703698f410c205225d8e2 files/digest-netkit-ftpd-0.17-r6 497
-SHA256 193c18b7c4e2467ed5453bee8fc5e2b66ab314c429cc4a2daf79fbe652de26ba files/digest-netkit-ftpd-0.17-r6 497
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.8 (GNU/Linux)
-
-iEYEARECAAYFAkd4Ad4ACgkQOeoy/oIi7uyqUwCfY0+jy9edcHUfODqIvGBwnLId
-Jl8AoOsNLrYW6XmgkVh9D0bnoekgvRow
-=OfQY
------END PGP SIGNATURE-----
+MD5 a5158bf958d1411f9daefa3a43b7f12e files/digest-netkit-ftpd-0.17-r7 497
+RMD160 db856b5782788330427703698f410c205225d8e2 files/digest-netkit-ftpd-0.17-r7 497
+SHA256 193c18b7c4e2467ed5453bee8fc5e2b66ab314c429cc4a2daf79fbe652de26ba files/digest-netkit-ftpd-0.17-r7 497
diff --git a/net-ftp/netkit-ftpd/files/digest-netkit-ftpd-0.17-r6 b/net-ftp/netkit-ftpd/files/digest-netkit-ftpd-0.17-r7
index 9c0de1ba222e..9c0de1ba222e 100644
--- a/net-ftp/netkit-ftpd/files/digest-netkit-ftpd-0.17-r6
+++ b/net-ftp/netkit-ftpd/files/digest-netkit-ftpd-0.17-r7
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch
new file mode 100644
index 000000000000..5da61aee7343
--- /dev/null
+++ b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-fclose-CVE-2007-6263.patch
@@ -0,0 +1,24 @@
+diff -u linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
+--- linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
++++ linux-ftpd-ssl-0.17.18+0.3/ftpd/ftpd.c
+@@ -1729,7 +1729,7 @@
+ static FILE * dataconn(const char *name, off_t size, const char *mode, int stou)
+ {
+ 	char sizebuf[32];
+-	FILE *file;
++	FILE *file = NULL;
+ 	int retry = 0, tos;
+ 
+ 	file_size = size;
+@@ -1822,7 +1822,10 @@
+ 				    ERR_error_string(ERR_get_error(),NULL));
+ 			perror_reply(425, errbuf);
+ 			/* abort time methinks ... */
+-			fclose(file);
++			if(file != NULL){
++				fclose(file);
++				file = NULL;
++			}
+ 			return NULL;
+ 		    } else {
+ 			if (ssl_debug_flag) {
diff --git a/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r6.ebuild b/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r7.ebuild
index 068bc031ddba..3d754854d2d2 100644
--- a/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r6.ebuild
+++ b/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r7.ebuild
@@ -1,6 +1,6 @@
-# Copyright 1999-2007 Gentoo Foundation
+# Copyright 1999-2008 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r6.ebuild,v 1.1 2007/12/30 20:38:31 ulm Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/netkit-ftpd/netkit-ftpd-0.17-r7.ebuild,v 1.1 2008/01/10 23:51:08 rbu Exp $
 
 inherit eutils ssl-cert
 
@@ -30,6 +30,7 @@ src_unpack() {
 	epatch "${FILESDIR}"/${P}-shadowfix.patch
 	epatch "${FILESDIR}"/${P}-gcc41.patch
 	epatch "${FILESDIR}"/${P}-setguid.patch
+	epatch "${FILESDIR}"/${P}-fclose-CVE-2007-6263.patch #199206
 }
 
 src_compile() {
author	Robert Buchholz <rbu@gentoo.org>	2008-01-10 23:51:09 +0000
committer	Robert Buchholz <rbu@gentoo.org>	2008-01-10 23:51:09 +0000
commit	778e5af14013ce973d8db208e21a1f2e59073d05 (patch)
tree	49c7877a1793a794322d95e4cc91f246b3726acc /net-ftp
parent	Remove old. (diff)
download	historical-778e5af14013ce973d8db208e21a1f2e59073d05.tar.gz historical-778e5af14013ce973d8db208e21a1f2e59073d05.tar.bz2 historical-778e5af14013ce973d8db208e21a1f2e59073d05.zip