[arch-commits] CVS update of extra/network/denyhosts (PKGBUILD log-injection-fix.diff)
Simo Leone
simo at archlinux.org
Tue Feb 5 08:58:25 UTC 2008
Date: Tuesday, February 5, 2008 @ 03:58:25
Author: simo
Path: /home/cvs-extra/extra/network/denyhosts
Added: log-injection-fix.diff (1.1)
Modified: PKGBUILD (1.6 -> 1.7)
upgpkg: denyhosts 2.6-2
fix #9422 - log injection vuln
------------------------+
PKGBUILD | 20 +++++++++++++-------
log-injection-fix.diff | 11 +++++++++++
2 files changed, 24 insertions(+), 7 deletions(-)
Index: extra/network/denyhosts/PKGBUILD
diff -u extra/network/denyhosts/PKGBUILD:1.6 extra/network/denyhosts/PKGBUILD:1.7
--- extra/network/denyhosts/PKGBUILD:1.6 Tue Feb 13 19:30:43 2007
+++ extra/network/denyhosts/PKGBUILD Tue Feb 5 03:58:25 2008
@@ -1,26 +1,32 @@
-# $Id: PKGBUILD,v 1.6 2007/02/14 00:30:43 simo Exp $
+# $Id: PKGBUILD,v 1.7 2008/02/05 08:58:25 simo Exp $
# Contributor : phrakture < aaron m griffin :: gmail-com >
# Maintainer: simo <simo at archlinux.org>
pkgname=denyhosts
pkgver=2.6
-pkgrel=1
+pkgrel=2
pkgdesc="DenyHosts is a script to help thwart ssh server attacks"
-arch=(i686 x86_64)
+arch=('i686' 'x86_64')
url="http://denyhosts.sourceforge.net/"
-license="GPL"
+license=('GPL')
depends=('python')
backup=('etc/denyhosts/denyhosts.cfg')
source=(http://dl.sourceforge.net/sourceforge/$pkgname/DenyHosts-$pkgver.tar.gz \
denyhosts.cfg \
denyhosts \
- archify.diff)
-md5sums=('fc2365305a9402886a2b0173d1beb7df' '5352744bf34b29bfc95c54bfb14eb3e3'\
- '0f186257e2473b8710c9b9e9f601ff19' 'ab8b175618f76b53c9cc81355cad0f86')
+ archify.diff
+ log-injection-fix.diff)
+
+md5sums=('fc2365305a9402886a2b0173d1beb7df'
+ '5352744bf34b29bfc95c54bfb14eb3e3'
+ '0f186257e2473b8710c9b9e9f601ff19'
+ 'ab8b175618f76b53c9cc81355cad0f86'
+ 'a68b0405e2a10f20232193ced183c73b')
build()
{
cd $startdir/src/DenyHosts-$pkgver
patch -p1 < $startdir/src/archify.diff
+ patch -p1 < $startdir/src/log-injection-fix.diff
python setup.py install --root=$startdir/pkg
install -D -m644 $startdir/src/denyhosts.cfg $startdir/pkg/etc/denyhosts/denyhosts.cfg
install -D -m755 $startdir/src/denyhosts $startdir/pkg/etc/rc.d/denyhosts
Index: extra/network/denyhosts/log-injection-fix.diff
diff -u /dev/null extra/network/denyhosts/log-injection-fix.diff:1.1
--- /dev/null Tue Feb 5 03:58:25 2008
+++ extra/network/denyhosts/log-injection-fix.diff Tue Feb 5 03:58:25 2008
@@ -0,0 +1,11 @@
+--- DenyHosts-2.6/DenyHosts/regex-old.py 2008-01-29 03:07:51.000000000 +0100
++++ DenyHosts-2.6/DenyHosts/regex.py 2008-01-29 03:07:53.000000000 +0100
+@@ -17,7 +17,7 @@
+
+ FAILED_ENTRY_REGEX4 = re.compile(r"""Authentication failure for (?P<user>.*) .*from (?P<host>.*)""")
+
+-FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups""")
++FAILED_ENTRY_REGEX5 = re.compile(r"""User (?P<user>.*) .*from (?P<host>.*) not allowed because none of user's groups are listed in AllowGroups$""")
+
+ FAILED_ENTRY_REGEX6 = re.compile(r"""Did not receive identification string .*from (::ffff:)?(?P<host>\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})""")
+
More information about the arch-commits
mailing list