[arch-commits] Commit in ppp/trunk (3 files)
Felix Yan
felixonmars at archlinux.org
Mon Jan 25 21:44:40 UTC 2021
Date: Monday, January 25, 2021 @ 21:44:39
Author: felixonmars
Revision: 406747
upgpkg: ppp 2.4.8-1
Modified:
ppp/trunk/PKGBUILD
ppp/trunk/ppp-2.4.6-makefiles.patch
Deleted:
ppp/trunk/CVE-2015-3310.patch
---------------------------+
CVE-2015-3310.patch | 18 ---------
PKGBUILD | 26 +++++---------
ppp-2.4.6-makefiles.patch | 80 ++------------------------------------------
3 files changed, 15 insertions(+), 109 deletions(-)
Deleted: CVE-2015-3310.patch
===================================================================
--- CVE-2015-3310.patch 2021-01-25 20:40:14 UTC (rev 406746)
+++ CVE-2015-3310.patch 2021-01-25 21:44:39 UTC (rev 406747)
@@ -1,18 +0,0 @@
-Fix buffer overflow in rc_mksid()
-
-rc_mksid converts the PID of pppd to hex to generate a pseudo-unique string.
-If the process id is bigger than 65535 (FFFF), its hex representation will be
-longer than 4 characters, resulting in a buffer overflow.
-
-The bug can be exploited to cause a remote DoS.
---- ppp-2.4.7/pppd/plugins/radius/util.c
-+++ ppp-2.4.7/pppd/plugins/radius/util.c
-@@ -77,7 +77,7 @@ rc_mksid (void)
- static unsigned short int cnt = 0;
- sprintf (buf, "%08lX%04X%02hX",
- (unsigned long int) time (NULL),
-- (unsigned int) getpid (),
-+ (unsigned int) getpid () & 0xFFFF,
- cnt & 0xFF);
- cnt++;
- return buf;
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-01-25 20:40:14 UTC (rev 406746)
+++ PKGBUILD 2021-01-25 21:44:39 UTC (rev 406747)
@@ -1,12 +1,14 @@
-# Maintainer: Thomas Baechler <thomas at archlinux.org>
+# Maintainer: Felix Yan <felixonmars at archlinux.org>
+# Contributor: Thomas Baechler <thomas at archlinux.org>
+
pkgname=ppp
-pkgver=2.4.7
-pkgrel=7
+pkgver=2.4.8
+pkgrel=1
pkgdesc="A daemon which implements the Point-to-Point Protocol for dial-up networking"
arch=(x86_64)
url="https://www.samba.org/ppp/"
license=('GPL' 'BSD')
-depends=('glibc' 'libpcap' 'openssl')
+depends=('glibc' 'libpcap' 'libxcrypt' 'openssl')
backup=(etc/ppp/{chap-secrets,pap-secrets,options,ip-up,ip-down,ip-down.d/00-dns.sh,ip-up.d/00-dns.sh,ipv6-up.d/00-iface-config.sh})
source=(https://download.samba.org/pub/ppp/ppp-$pkgver.tar.gz{,.asc}
ppp-2.4.6-makefiles.patch
@@ -19,14 +21,11 @@
ipv6-down
ipv6-up.d.iface-config.sh
ppp.systemd
- CVE-2015-3310.patch
CVE-2020-8597.patch
- ppp-build-fix.patch::"https://github.com/paulusmack/ppp/commit/50a2997b.patch"
- ppp-openssl.patch::https://github.com/paulusmack/ppp/commit/3c7b86229f7bd2600d74db14b1fe5b3896be3875.patch
LICENSE)
-sha512sums=('e34ce24020af6a73e7a26c83c4f73a9c83fa455b7b363794dba27bf01f70368be06bff779777843949bd77f4bc9385d6ad455ea48bf8fff4e0d73cc8fef16ae2'
+sha512sums=('580a5856333e1149a66cfb218f7fb5e698f0f0c11d492d5c87b760827e76b5ef1e2e461c95d1abb368b9c92499c366e7ddb31dd3029d5a9026c3ab10b50bdbb6'
'SKIP'
- 'd36a23470a2b6217555f367c989ce6fdc09c2627d1f03cf5a12e29de6c5421ef6a697d6399128008138d19beb4a2ae6316e2bf0b3eefe3f23635dbbda5a063be'
+ 'e319ae8842cf24bdaf3f9ffd9ffe792c18d6b115590174ea930b9a3518834d7f952e2dc4f6061406957d49d9c740f91bb3becfeb6f9c8feb77c2c66eb1e9c58e'
'86b13a9f02cc44c5ba16d404fdb54459fcda22fb5f4c4e12b2101e47e2650b62576d6315cd41f30f103ea61fb6f86b7aa2e7d40336f849f45061f7ad9c5119fe'
'bdaaac792dd448ff31da6da2749d8c2f9c4e0311b1d4639de7c68038fcaa333cc28e25f5a6308de0ecb24b60b2e7284a811482df990da5f54d5581a746964f3c'
'92f3a5e383f2c888938e891ba831042e7f8c026b0ddf5ce8c3523d06ac32fa81742e638a4c665975cbc79868b98806d92574ee2ee8e034e33b065a90ee3ab28b'
@@ -36,21 +35,16 @@
'1b8dc6300f746607c0cce835e69ed444f24ba81874ba061b2b0377f0b9c1cb41a383d6845b364dfabb249a461422972ba5010bacf55c5f85f5eb0d3c0f4c71cd'
'5b92a05bcf3ad4b7a88434546884e088069ce7c16a10c472589ca5ecc648f86ca02c2f608fb856ac6cb6ef14b508c2e0dec146c953128693bfb6c988f1963de8'
'b9978c4038fb764a1bbe9dea92850673e14978450c0dcd7a1b0b24c4ebd515fcc4c5cc82cd4b97d826d483261e96945208b9fe97d6fea09a7a5c7910541db24c'
- '68b5f9a1b6724b0d1164a9317920f1c0dfc7a61201233febf9bdde2b3f9779dc874703d5b8464160dccaef6d19107c2b0b9257b6e9b029c5b980585ab8c078cc'
'242915cfdeefd629287890876e233b83582b3e6094f0ad58c96027b4dc8275fa18809d68b4ff63e77ca444767ed2b4f376f5501ed4a9247a6bbb50970e9b342a'
- '3c17faf7e18f936115ea8669354859963f66e4247f02e282ee8e026942534a40511ed862fc43d9044dcf0b72d0fe03dc90ec02f7e09c804f9aecb39a9645435d'
- 'fc012971a062456fa4e253f5b4a5e2ce56ae1852293d0245ecfd165ba162fa76ec2c28e1035dd89de3e9d43941d528e2d95a40552eb8037a5ba084c1717c20d1'
'ab3acd0387a7966ac3d220f2b0b6880302f827125d978991f83dd3f1a30340c2a98ca5aedf0b81ec6a9e5eb49b0b0a0a5356419f3b8415c892c2df8b52d3994a')
-validpgpkeys=('631E179E370CD727A7F2A33A9E4295D605F66CE9') # Paul Mackerras (Signing key) <paulus at samba.org>
+validpgpkeys=('631E179E370CD727A7F2A33A9E4295D605F66CE9' # Paul Mackerras (Signing key) <paulus at samba.org>
+ 'DE8E01561D8276A4DBFAEFCC040F1D49EC9DBB8C') # Paul Mackerras <paulus at ozlabs.org>
prepare() {
cd $pkgname-$pkgver
patch -p1 -i "$srcdir"/ppp-2.4.6-makefiles.patch
- patch -p1 -i "$srcdir"/CVE-2015-3310.patch
patch -p1 -i "$srcdir"/CVE-2020-8597.patch
- patch -p1 -i "$srcdir"/ppp-build-fix.patch
- patch -p1 -i "$srcdir"/ppp-openssl.patch
# enable active filter
sed -i "s:^#FILTER=y:FILTER=y:" pppd/Makefile.linux
Modified: ppp-2.4.6-makefiles.patch
===================================================================
--- ppp-2.4.6-makefiles.patch 2021-01-25 20:40:14 UTC (rev 406746)
+++ ppp-2.4.6-makefiles.patch 2021-01-25 21:44:39 UTC (rev 406747)
@@ -86,8 +86,7 @@
-COPTS = -O2 -g
+COPTS = @CFLAGS@
CFLAGS = $(COPTS) -I.. -I../../include -fPIC
--LDFLAGS = -shared
-+LDFLAGS = @LDFLAGS@ -shared
+ LDFLAGS_SHARED = -shared
INSTALL = install
DESTDIR = $(INSTROOT)@DESTDIR@
@@ -104,20 +103,10 @@
-COPTS = -O2 -g
+COPTS = @CFLAGS@
CFLAGS = $(COPTS) -I../.. -I../../../include -fPIC
--LDFLAGS = -shared
-+LDFLAGS = @LDFLAGS@
+ LDFLAGS_SHARED = -shared
INSTALL = install
#***********************************************************************
-@@ -33,7 +33,7 @@
- all: $(PLUGIN)
-
- $(PLUGIN): $(PLUGIN_OBJS)
-- $(CC) $(CFLAGS) -o $@ -shared $^ $(LIBS)
-+ $(CC) $(CFLAGS) -o $@ $(LDFLAGS) -shared $^ $(LIBS)
-
- install: all
- $(INSTALL) -d -m 755 $(LIBDIR)
diff -Nur ppp-2.4.6.orig/pppd/plugins/pppol2tp/Makefile.linux ppp-2.4.6/pppd/plugins/pppol2tp/Makefile.linux
--- ppp-2.4.6.orig/pppd/plugins/pppol2tp/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
+++ ppp-2.4.6/pppd/plugins/pppol2tp/Makefile.linux 2014-02-24 09:01:06.325349425 +0100
@@ -126,8 +115,7 @@
-COPTS = -O2 -g
+COPTS = @CFLAGS@
CFLAGS = $(COPTS) -I. -I../.. -I../../../include -fPIC
--LDFLAGS = -shared
-+LDFLAGS = @LDFLAGS@
+ LDFLAGS_SHARED = -shared
INSTALL = install
#***********************************************************************
@@ -137,15 +125,6 @@
LIBDIR = $(DESTDIR)/lib/pppd/$(VERSION)
VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
-@@ -16,7 +16,7 @@
- all: $(PLUGINS)
-
- %.so: %.o
-- $(CC) $(CFLAGS) -o $@ -shared $^ $(LIBS)
-+ $(CC) $(CFLAGS) -o $@ $(LDFLAGS) -shared $^ $(LIBS)
-
- install: all
- $(INSTALL) -d -m 755 $(LIBDIR)
diff -Nur ppp-2.4.6.orig/pppd/plugins/radius/Makefile.linux ppp-2.4.6/pppd/plugins/radius/Makefile.linux
--- ppp-2.4.6.orig/pppd/plugins/radius/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
+++ ppp-2.4.6/pppd/plugins/radius/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
@@ -159,23 +138,6 @@
# Uncomment the next line to include support for Microsoft's
# MS-CHAP authentication protocol.
-@@ -43,13 +44,13 @@
- $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)
-
- radius.so: radius.o libradiusclient.a
-- $(CC) -o radius.so -shared radius.o libradiusclient.a
-+ $(CC) -o radius.so -shared $(LDFLAGS) radius.o libradiusclient.a
-
- radattr.so: radattr.o
-- $(CC) -o radattr.so -shared radattr.o
-+ $(CC) -o radattr.so -shared $(LDFLAGS) radattr.o
-
- radrealms.so: radrealms.o
-- $(CC) -o radrealms.so -shared radrealms.o
-+ $(CC) -o radrealms.so -shared $(LDFLAGS) radrealms.o
-
- CLIENTOBJS = avpair.o buildreq.o config.o dict.o ip_util.o \
- clientid.o sendserver.o lock.o util.o md5.o
diff -Nur ppp-2.4.6.orig/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.6/pppd/plugins/rp-pppoe/Makefile.linux
--- ppp-2.4.6.orig/pppd/plugins/rp-pppoe/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
+++ ppp-2.4.6/pppd/plugins/rp-pppoe/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
@@ -188,7 +150,7 @@
LIBDIR = $(DESTDIR)/lib/pppd/$(PPPDVERSION)
PPPDVERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../../patchlevel.h)
-@@ -25,12 +25,14 @@
+@@ -25,7 +25,9 @@
# Version is set ONLY IN THE MAKEFILE! Don't delete this!
RP_VERSION=3.8p
@@ -200,20 +162,6 @@
all: rp-pppoe.so pppoe-discovery
pppoe-discovery: pppoe-discovery.o debug.o
-- $(CC) -o pppoe-discovery pppoe-discovery.o debug.o
-+ $(CC) -o pppoe-discovery $(LDFLAGS) pppoe-discovery.o debug.o
-
- pppoe-discovery.o: pppoe-discovery.c
- $(CC) $(CFLAGS) -c -o pppoe-discovery.o pppoe-discovery.c
-@@ -39,7 +41,7 @@
- $(CC) $(CFLAGS) -c -o debug.o debug.c
-
- rp-pppoe.so: plugin.o discovery.o if.o common.o
-- $(CC) -o rp-pppoe.so -shared plugin.o discovery.o if.o common.o
-+ $(CC) -o rp-pppoe.so -shared $(LDFLAGS) plugin.o discovery.o if.o common.o
-
- install: all
- $(INSTALL) -d -m 755 $(LIBDIR)
diff -Nur ppp-2.4.6.orig/pppdump/Makefile.linux ppp-2.4.6/pppdump/Makefile.linux
--- ppp-2.4.6.orig/pppdump/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
+++ ppp-2.4.6/pppdump/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
@@ -229,15 +177,6 @@
OBJS = pppdump.o bsd-comp.o deflate.o zlib.o
INSTALL= install
-@@ -10,7 +11,7 @@
- all: pppdump
-
- pppdump: $(OBJS)
-- $(CC) -o pppdump $(OBJS)
-+ $(CC) $(LDFLAGS) -o pppdump $(OBJS)
-
- clean:
- rm -f pppdump $(OBJS) *~
diff -Nur ppp-2.4.6.orig/pppstats/Makefile.linux ppp-2.4.6/pppstats/Makefile.linux
--- ppp-2.4.6.orig/pppstats/Makefile.linux 2014-01-02 05:42:08.000000000 +0100
+++ ppp-2.4.6/pppstats/Makefile.linux 2014-02-24 09:00:16.809907637 +0100
@@ -258,13 +197,4 @@
+LDFLAGS = @LDFLAGS@
COMPILE_FLAGS = -I../include
LIBS =
-
-@@ -26,7 +27,7 @@
- $(INSTALL) -c -m 444 pppstats.8 $(MANDIR)
-
- pppstats: $(PPPSTATSRCS)
-- $(CC) $(CFLAGS) -o pppstats pppstats.c $(LIBS)
-+ $(CC) $(CFLAGS) $(LDFLAGS) -o pppstats pppstats.c $(LIBS)
-
- clean:
- rm -f pppstats *~ #* core
+
\ No newline at end of file
More information about the arch-commits
mailing list