aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKris Kennaway <kris@FreeBSD.org>2001-03-11 07:21:52 +0000
committerKris Kennaway <kris@FreeBSD.org>2001-03-11 07:21:52 +0000
commit48edf818ee73951838cfa770c4edd73f7b5fb730 (patch)
tree3be8df660aac559fbc1ef5cabdef4b6a2fabc49e
parent0a2d029273f16230cc104357c8ed2747b67b6ee5 (diff)
downloadports-48edf818ee73951838cfa770c4edd73f7b5fb730.tar.gz
ports-48edf818ee73951838cfa770c4edd73f7b5fb730.zip
Notes
-rw-r--r--audio/icecast/Makefile7
-rw-r--r--audio/icecast/files/patch-aa67
-rw-r--r--audio/icecast/pkg-install9
-rw-r--r--audio/icecast2/Makefile7
-rw-r--r--audio/icecast2/files/patch-aa67
-rw-r--r--audio/icecast2/pkg-install9
6 files changed, 164 insertions, 2 deletions
diff --git a/audio/icecast/Makefile b/audio/icecast/Makefile
index 3cf961e96b50..7b5be0cac13f 100644
--- a/audio/icecast/Makefile
+++ b/audio/icecast/Makefile
@@ -7,15 +7,20 @@
PORTNAME= icecast
PORTVERSION= 1.3.7
+PORTREVISION= 1
CATEGORIES= audio net
MASTER_SITES= http://www.icecast.org/releases/
-FORBIDDEN= "Remotely exploitable buffer overflow"
MAINTAINER= chip@eboai.org
HAS_CONFIGURE= yes
CONFIGURE_ARGS=--with-libwrap
+pre-fetch:
+.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
+ ${SH} pkg-install
+.endif
+
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/src/icecast ${PREFIX}/sbin
${MKDIR} ${PREFIX}/etc/icecast/conf
diff --git a/audio/icecast/files/patch-aa b/audio/icecast/files/patch-aa
new file mode 100644
index 000000000000..bd3c746dfc71
--- /dev/null
+++ b/audio/icecast/files/patch-aa
@@ -0,0 +1,67 @@
+--- src/http.c.orig Wed Jul 5 10:41:27 2000
++++ src/http.c Sat Mar 10 23:03:45 2001
+@@ -710,7 +710,7 @@
+ if (fd < 0)
+ sock_write (clicon->sock, "%s", out);
+ else
+- fd_write (fd, out);
++ fd_write (fd, "%s", out);
+
+ return 1;
+ } else {
+--- src/utility.c.orig Wed Jul 5 12:52:40 2000
++++ src/utility.c Sat Mar 10 23:01:37 2001
+@@ -162,7 +162,7 @@
+
+ if (!param) {
+ fd_write (info.statsfile,
+- buf);
++ "%s", buf);
+ flags2string (admin, NULL);
+ fd_write (info.statsfile, "\n");
+ } else {
+@@ -198,7 +198,7 @@
+ nice_time (get_time () - con->connect_time, timebuf), type);
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+ }
+@@ -223,7 +223,7 @@
+ source->num_clients);
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+ }
+@@ -257,7 +257,7 @@
+ }
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+
+@@ -267,7 +267,7 @@
+ source->audiocast.mount, source->audiocast.description, source->audiocast.public);
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+
+@@ -330,7 +330,7 @@
+ get_user_agent (con), client->type == listener_e ? "listener" : "relay");
+
+ if (!param)
+- fd_write(info.statsfile, buf);
++ fd_write(info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+ }
diff --git a/audio/icecast/pkg-install b/audio/icecast/pkg-install
new file mode 100644
index 000000000000..df572c129f2f
--- /dev/null
+++ b/audio/icecast/pkg-install
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+if [ "$2" = "POST-INSTALL" -o -n "${PACKAGE_BUILDING}" ]; then
+ exit 0
+fi
+
+/usr/bin/dialog --yesno "SECURITY NOTE: The icecast software suffered from numerous format string vulnerabilities, which allowed remote attackers to execute arbitrary code as the user running icecast. Most of these have been fixed in the FreeBSD port, but a comprehensive audit has not been conducted, and there are several remaining suspicious cases which need to be carefully checked. It is possible that further security vulnerabilities exist in this software. Do you wish to proceed with the installation of icecast anyway?" 12 70 || /usr/bin/false
+
+
diff --git a/audio/icecast2/Makefile b/audio/icecast2/Makefile
index 3cf961e96b50..7b5be0cac13f 100644
--- a/audio/icecast2/Makefile
+++ b/audio/icecast2/Makefile
@@ -7,15 +7,20 @@
PORTNAME= icecast
PORTVERSION= 1.3.7
+PORTREVISION= 1
CATEGORIES= audio net
MASTER_SITES= http://www.icecast.org/releases/
-FORBIDDEN= "Remotely exploitable buffer overflow"
MAINTAINER= chip@eboai.org
HAS_CONFIGURE= yes
CONFIGURE_ARGS=--with-libwrap
+pre-fetch:
+.if !defined(BATCH) && !defined(PACKAGE_BUILDING)
+ ${SH} pkg-install
+.endif
+
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/src/icecast ${PREFIX}/sbin
${MKDIR} ${PREFIX}/etc/icecast/conf
diff --git a/audio/icecast2/files/patch-aa b/audio/icecast2/files/patch-aa
new file mode 100644
index 000000000000..bd3c746dfc71
--- /dev/null
+++ b/audio/icecast2/files/patch-aa
@@ -0,0 +1,67 @@
+--- src/http.c.orig Wed Jul 5 10:41:27 2000
++++ src/http.c Sat Mar 10 23:03:45 2001
+@@ -710,7 +710,7 @@
+ if (fd < 0)
+ sock_write (clicon->sock, "%s", out);
+ else
+- fd_write (fd, out);
++ fd_write (fd, "%s", out);
+
+ return 1;
+ } else {
+--- src/utility.c.orig Wed Jul 5 12:52:40 2000
++++ src/utility.c Sat Mar 10 23:01:37 2001
+@@ -162,7 +162,7 @@
+
+ if (!param) {
+ fd_write (info.statsfile,
+- buf);
++ "%s", buf);
+ flags2string (admin, NULL);
+ fd_write (info.statsfile, "\n");
+ } else {
+@@ -198,7 +198,7 @@
+ nice_time (get_time () - con->connect_time, timebuf), type);
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+ }
+@@ -223,7 +223,7 @@
+ source->num_clients);
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+ }
+@@ -257,7 +257,7 @@
+ }
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+
+@@ -267,7 +267,7 @@
+ source->audiocast.mount, source->audiocast.description, source->audiocast.public);
+
+ if (!param)
+- fd_write (info.statsfile, buf);
++ fd_write (info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+
+@@ -330,7 +330,7 @@
+ get_user_agent (con), client->type == listener_e ? "listener" : "relay");
+
+ if (!param)
+- fd_write(info.statsfile, buf);
++ fd_write(info.statsfile, "%s", buf);
+ else
+ sock_write (*sock, "%s", buf);
+ }
diff --git a/audio/icecast2/pkg-install b/audio/icecast2/pkg-install
new file mode 100644
index 000000000000..df572c129f2f
--- /dev/null
+++ b/audio/icecast2/pkg-install
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+if [ "$2" = "POST-INSTALL" -o -n "${PACKAGE_BUILDING}" ]; then
+ exit 0
+fi
+
+/usr/bin/dialog --yesno "SECURITY NOTE: The icecast software suffered from numerous format string vulnerabilities, which allowed remote attackers to execute arbitrary code as the user running icecast. Most of these have been fixed in the FreeBSD port, but a comprehensive audit has not been conducted, and there are several remaining suspicious cases which need to be carefully checked. It is possible that further security vulnerabilities exist in this software. Do you wish to proceed with the installation of icecast anyway?" 12 70 || /usr/bin/false
+
+