diff options
| author |   Rajiv Aaron Manglani <rajiv@gentoo.org> | 2009-07-27 00:45:06 +0000 |
|---|---|---|
| committer | Rajiv Aaron Manglani <rajiv@gentoo.org> | 2009-07-27 00:45:06 +0000 |
| commit | 6a4c9604d2dbbc5c5931d2c1ba74a5839f4e7d99 (patch) | |
| tree | 02dca81ebdf69390b52d530b3efae4a85094d105 /net-misc | |
| parent | Version bump. (diff) | |
| download | gentoo-2-6a4c9604d2dbbc5c5931d2c1ba74a5839f4e7d99.tar.gz gentoo-2-6a4c9604d2dbbc5c5931d2c1ba74a5839f4e7d99.tar.bz2 gentoo-2-6a4c9604d2dbbc5c5931d2c1ba74a5839f4e7d99.zip | |
security bug #251324.
(Portage version: 2.1.6.13/cvs/Linux i686)
Diffstat (limited to 'net-misc')
| -rw-r--r-- | net-misc/zaptel/ChangeLog | 11 | ||||
| -rw-r--r-- | net-misc/zaptel/files/zaptel-1.2.27-CVE-2008-5396.patch | 64 | ||||
| -rw-r--r-- | net-misc/zaptel/zaptel-1.2.27-r1.ebuild (renamed from net-misc/zaptel/zaptel-1.2.27.ebuild) | 3 |
3 files changed, 75 insertions, 3 deletions
diff --git a/net-misc/zaptel/ChangeLog b/net-misc/zaptel/ChangeLog index 99c1cf9570f6..54def75b65f2 100644 --- a/net-misc/zaptel/ChangeLog +++ b/net-misc/zaptel/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-misc/zaptel -# Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/zaptel/ChangeLog,v 1.115 2009/04/06 14:59:26 chainsaw Exp $ +# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-misc/zaptel/ChangeLog,v 1.116 2009/07/27 00:45:06 rajiv Exp $ + +*zaptel-1.2.27-r1 (26 Jul 2009) + + 26 Jul 2009; Rajiv Aaron Manglani <rajiv@gentoo.org> + -zaptel-1.2.27.ebuild, +zaptel-1.2.27-r1.ebuild, + +files/zaptel-1.2.27-CVE-2008-5396.patch: + security bug #251324. 06 Apr 2009; <chainsaw@gentoo.org> +files/zaptel-1.2.27-hrtimer.patch, zaptel-1.2.18.ebuild, zaptel-1.2.18-r1.ebuild, zaptel-1.2.27.ebuild: diff --git a/net-misc/zaptel/files/zaptel-1.2.27-CVE-2008-5396.patch b/net-misc/zaptel/files/zaptel-1.2.27-CVE-2008-5396.patch new file mode 100644 index 000000000000..6c26d8aa84b0 --- /dev/null +++ b/net-misc/zaptel/files/zaptel-1.2.27-CVE-2008-5396.patch @@ -0,0 +1,64 @@ +svn diff -c 4587 http://svn.digium.com/svn/zaptel/branches/1.2/ +see https://issues.asterisk.org/view.php?id=13954 +Index: wcte11xp.c +=================================================================== +--- wcte11xp.c (revision 4586) ++++ wcte11xp.c (revision 4587) +@@ -932,7 +932,7 @@ + span->txlevel = lc->lbo; + span->rxlevel = 0; + /* Do we want to SYNC on receive or not */ +- wc->sync = lc->sync; ++ wc->sync = (lc->sync) ? 1 : 0; + /* If already running, apply changes immediately */ + if (span->flags & ZT_FLAG_RUNNING) + return t1xxp_startup(span); +Index: tor2.c +=================================================================== +--- tor2.c (revision 4586) ++++ tor2.c (revision 4587) +@@ -203,6 +203,13 @@ + + if (debug) + printk("Tor2: Configuring span %d\n", span->spanno); ++ ++ if ((lc->sync < 0) || (lc->sync >= SPANS_PER_CARD)) { ++ printk(KERN_WARNING "%s %d: invalid span timing value %d.\n", ++ THIS_MODULE->name, span->spanno, lc->sync); ++ return -EINVAL; ++ } ++ + /* XXX We assume lineconfig is okay and shouldn't XXX */ + span->lineconfig = lc->lineconfig; + span->txlevel = lc->lbo; +Index: torisa.c +=================================================================== +--- torisa.c (revision 4586) ++++ torisa.c (revision 4587) +@@ -602,6 +602,13 @@ + { + if (debug) + printk("TorISA: Configuring span %d\n", span->spanno); ++ ++ if ((lc->sync < 0) || (lc->sync >= 2)) { ++ printk(KERN_WARNING "%s %d: invalid span timing value %d.\n", ++ THIS_MODULE->name, span->spanno, lc->sync); ++ return -EINVAL; ++ } ++ + /* XXX We assume lineconfig is okay and shouldn't XXX */ + span->lineconfig = lc->lineconfig; + span->txlevel = lc->lbo; +Index: wct1xxp.c +=================================================================== +--- wct1xxp.c (revision 4586) ++++ wct1xxp.c (revision 4587) +@@ -738,7 +738,7 @@ + span->txlevel = lc->lbo; + span->rxlevel = 0; + /* Do we want to SYNC on receive or not */ +- wc->sync = lc->sync; ++ wc->sync = (lc->sync) ? 1 : 0; + /* If already running, apply changes immediately */ + if (span->flags & ZT_FLAG_RUNNING) + return t1xxp_startup(span); diff --git a/net-misc/zaptel/zaptel-1.2.27.ebuild b/net-misc/zaptel/zaptel-1.2.27-r1.ebuild index 95eb33e4879e..9479345cbe15 100644 --- a/net-misc/zaptel/zaptel-1.2.27.ebuild +++ b/net-misc/zaptel/zaptel-1.2.27-r1.ebuild @@ -1,6 +1,6 @@ # Copyright 1999-2009 Gentoo Foundation # Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/zaptel/zaptel-1.2.27.ebuild,v 1.3 2009/04/06 14:59:26 chainsaw Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/zaptel/zaptel-1.2.27-r1.ebuild,v 1.1 2009/07/27 00:45:06 rajiv Exp $ inherit toolchain-funcs eutils linux-mod flag-o-matic multilib @@ -176,6 +176,7 @@ src_unpack() { epatch "${FILESDIR}"/zaptel-1.2.27-kernel.patch epatch "${FILESDIR}"/zaptel-1.2.27-semaphore.patch epatch "${FILESDIR}"/zaptel-1.2.27-hrtimer.patch + epatch "${FILESDIR}"/zaptel-1.2.27-CVE-2008-5396.patch # try to apply bristuff patch if use bri; then |