projects / buildroot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d1058c2)
sysklogd: security bump to version 1.5.1
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Wed, 8 Oct 2014 13:19:49 +0000 (10:19 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 8 Oct 2014 17:33:02 +0000 (19:33 +0200)
Fixes CVE-2014-3634 - invalid priority values between 192 and 1023
(directly or arrived at via overflow wraparound) can propagate through
code causing out-of-bounds access to the f_pmask array within the
'filed' structure by up to 104 bytes past its end.

Switch to vanilla since Debian hasn't handled this yet and add hash
file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/sysklogd/Config.in patch | blob | history
package/sysklogd/sysklogd.hash [new file with mode: 0644] patch | blob
package/sysklogd/sysklogd.mk patch | blob | history

diff --git a/package/sysklogd/Config.in b/package/sysklogd/Config.in
index 6339d762e5a2fcdfda7c71885326f37384a4d82e..4a0ac135313bc52448d961af6537eb6729af6fa9 100644 (file)
--- a/package/sysklogd/Config.in
+++ b/package/sysklogd/Config.in
@@ -5,7 +5,7 @@ config BR2_PACKAGE_SYSKLOGD
        help
          System log daemons syslogd and klogd.
 
-         http://www.infodrom.org/products/sysklogd/
+         http://www.infodrom.org/projects/sysklogd/
 
 comment "syslogd needs a toolchain w/ largefile"
        depends on !BR2_LARGEFILE
diff --git a/package/sysklogd/sysklogd.hash b/package/sysklogd/sysklogd.hash
new file mode 100644 (file)
index 0000000..dd5b89a
--- /dev/null
+++ b/package/sysklogd/sysklogd.hash
@@ -0,0 +1,2 @@
+# Locally calculated from download (no sig, hash)
+sha256 5166c185ae23c92e8b9feee66a6e3d0bc944bf673112f53e3ecf62e08ce7c201        sysklogd-1.5.1.tar.gz
diff --git a/package/sysklogd/sysklogd.mk b/package/sysklogd/sysklogd.mk
index 37293dafcf865cda74c0c10fd620fd9ff7a160e5..efc5a4d7da44d56b7d8201da91dd3925c9fb75c1 100644 (file)
--- a/package/sysklogd/sysklogd.mk
+++ b/package/sysklogd/sysklogd.mk
@@ -4,10 +4,8 @@
 #
 ################################################################################
 
-SYSKLOGD_VERSION = 1.5
-SYSKLOGD_SOURCE = sysklogd_$(SYSKLOGD_VERSION).orig.tar.gz
-SYSKLOGD_PATCH = sysklogd_$(SYSKLOGD_VERSION)-6.diff.gz
-SYSKLOGD_SITE = $(BR2_DEBIAN_MIRROR)/debian/pool/main/s/sysklogd
+SYSKLOGD_VERSION = 1.5.1
+SYSKLOGD_SITE = http://www.infodrom.org/projects/sysklogd/download
 SYSKLOGD_LICENSE = GPLv2+
 SYSKLOGD_LICENSE_FILES = COPYING
 
@@ -16,14 +14,6 @@ ifeq ($(BR2_PACKAGE_BUSYBOX),y)
 SYSKLOGD_DEPENDENCIES = busybox
 endif
 
-define SYSKLOGD_DEBIAN_PATCHES
-       if [ -d $(@D)/debian/patches ]; then \
-               support/scripts/apply-patches.sh $(@D) $(@D)/debian/patches \*.patch; \
-       fi
-endef
-
-SYSKLOGD_POST_PATCH_HOOKS = SYSKLOGD_DEBIAN_PATCHES
-
 define SYSKLOGD_BUILD_CMDS
        $(MAKE) $(TARGET_CONFIGURE_OPTS) -C $(@D)
 endef