authorAlin Năstac <mrness@gentoo.org>2008-09-07 09:54:29 +0000
committerAlin Năstac <mrness@gentoo.org>2008-09-07 09:54:29 +0000
commitad3783bd24f62899b602b0026ad1dc272b09a1ec (patch)
treed11adbd2d7dcd32b9716ab397fa8b556e709fb9c /net-dialup
parentVersion bump (diff)
Fix insecure temporary file usage (#235806).
(Portage version: 2.1.4.4)
Diffstat (limited to 'net-dialup')
-rw-r--r--net-dialup/mgetty/ChangeLog8
-rw-r--r--net-dialup/mgetty/files/mgetty-1.1.36-tmpfile.patch32
-rw-r--r--net-dialup/mgetty/mgetty-1.1.36-r2.ebuild156
3 files changed, 195 insertions, 1 deletions
diff --git a/net-dialup/mgetty/ChangeLog b/net-dialup/mgetty/ChangeLog
index 087a7e54afad..cf456f0607cc 100644
--- a/net-dialup/mgetty/ChangeLog
+++ b/net-dialup/mgetty/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-dialup/mgetty
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-dialup/mgetty/ChangeLog,v 1.88 2008/08/23 03:08:01 cardoe Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dialup/mgetty/ChangeLog,v 1.89 2008/09/07 09:54:28 mrness Exp $
+
+*mgetty-1.1.36-r2 (07 Sep 2008)
+
+ 07 Sep 2008; Alin Năstac <mrness@gentoo.org>
+ +files/mgetty-1.1.36-tmpfile.patch, +mgetty-1.1.36-r2.ebuild:
+ Fix insecure temporary file usage (#235806).
23 Aug 2008; Doug Goldstein <cardoe@gentoo.org> metadata.xml:
add GLEP 56 USE flag desc from use.local.desc
diff --git a/net-dialup/mgetty/files/mgetty-1.1.36-tmpfile.patch b/net-dialup/mgetty/files/mgetty-1.1.36-tmpfile.patch
new file mode 100644
index 000000000000..e8f5c7e245f9
--- /dev/null
+++ b/net-dialup/mgetty/files/mgetty-1.1.36-tmpfile.patch
@@ -0,0 +1,32 @@
+diff -Nru mgetty-1.1.36.orig/fax/faxspool.in mgetty-1.1.36/fax/faxspool.in
+--- mgetty-1.1.36.orig/fax/faxspool.in 2008-08-31 13:06:48.000000000 +0000
++++ mgetty-1.1.36/fax/faxspool.in 2008-09-07 09:44:01.000000000 +0000
+@@ -675,9 +675,7 @@
+ if [ x$file = x- ]
+ then
+ $echo "spooling $file (stdin)..."
+- trap "rm /tmp/faxsp.$$" 0
+- cat - >/tmp/faxsp.$$
+- file=/tmp/faxsp.$$
++ file=$spooldir/faxsp
+ else
+ $echo "spooling $file..."
+ fi
+@@ -924,7 +922,7 @@
+ then
+ $echo "\nnothing to do (no cover page, no data)." >&2
+ cd $FAX_SPOOL_OUT
+- rmdir $spooldir
++ rm -rf $spooldir
+ exit 52
+ fi
+
+@@ -965,7 +963,7 @@
+ # clean up
+ rm $job.q
+ cd ..
+-rmdir $spooldir
++rm -rf $spooldir
+
+ if [ -z "`find $LAST_RUN -ctime -1 -print 2>/dev/null`" ]
+ then
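Review bot: In the first faxspool.in hunk (`@@ -675,9 +675,7 @@`) the stdin branch now only sets `file=$spooldir/faxsp`; the removed `cat - >/tmp/faxsp.$$` has no replacement, so nothing visible in this patch writes standard input into that file, and spooling from stdin would pass a non-existent file to the later steps unless the copy happens outside the shown context. I would add `cat - >"$spooldir/faxsp"` right after the assignment. Moving the file into the job directory removes the predictable `/tmp/faxsp.$$` name, but it relies on `$spooldir` having been created exclusively, with the script aborting if creation fails, before this point; that code is outside the hunk and worth confirming. The two `rm -rf $spooldir` replacements should also quote the variable, `rm -rf "$spooldir"`, since a recursive delete on an unquoted expansion is less forgiving than the old `rmdir`.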
diff --git a/net-dialup/mgetty/mgetty-1.1.36-r2.ebuild b/net-dialup/mgetty/mgetty-1.1.36-r2.ebuild
new file mode 100644
index 000000000000..cb4a5257c436
--- /dev/null
+++ b/net-dialup/mgetty/mgetty-1.1.36-r2.ebuild
@@ -0,0 +1,156 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dialup/mgetty/mgetty-1.1.36-r2.ebuild,v 1.1 2008/09/07 09:54:28 mrness Exp $
+
+inherit toolchain-funcs flag-o-matic eutils
+
+DESCRIPTION="fax and voice modem programs"
+SRC_URI="ftp://mgetty.greenie.net/pub/mgetty/source/1.1/${PN}${PV}-Jun15.tar.gz"
+HOMEPAGE="http://mgetty.greenie.net/"
+
+DEPEND="doc? ( virtual/latex-base virtual/texi2dvi )
+ >=sys-apps/sed-4
+ sys-apps/gawk
+ sys-apps/groff
+ dev-lang/perl
+ sys-apps/texinfo
+ fax? ( !net-misc/hylafax )"
+RDEPEND="${DEPEND}
+ fax? ( media-libs/netpbm virtual/ghostscript )"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86"
+IUSE="doc fax fidonet"
+
+pkg_setup() {
+ enewgroup fax
+ enewuser fax -1 -1 /dev/null fax
+}
+
+src_unpack() {
+ unpack ${A}
+
+ cd "${S}"
+ epatch "${FILESDIR}/${P}-gentoo.patch"
+ epatch "${FILESDIR}/${P}-qa-fixes.patch"
+ epatch "${FILESDIR}/${P}-callback.patch" # add callback install to Makefile
+ epatch "${FILESDIR}/Lucent.c.patch" # Lucent modem CallerID patch - bug #80366
+ use fax || epatch "${FILESDIR}/${P}-nofax.patch" # don't install fax related files - bug #195467
+ epatch "${FILESDIR}/${P}-tmpfile.patch" # fix security bug 235806
+
+ sed -e 's:var/log/mgetty:var/log/mgetty/mgetty:' \
+ -e 's:var/log/sendfax:var/log/mgetty/sendfax:' \
+ -e 's:\/\* \(\#define CNDFILE "dialin.config"\) \*\/:\1:' \
+ -e 's:\(\#define FAX_NOTIFY_PROGRAM\).*:\1 "/etc/mgetty+sendfax/new_fax":' \
+ "${S}/policy.h-dist" > "${S}/policy.h"
+
+ sed -i -e 's:/usr/local/lib/mgetty+sendfax:/etc/mgetty+sendfax:' faxrunq.config
+ sed -i -e 's:/usr/local/bin/g3cat:/usr/bin/g3cat:' faxrunq.config fax/faxspool.rules
+
+ sed -e "/^doc-all:/s/mgetty.asc mgetty.info mgetty.dvi mgetty.ps/mgetty.info/" \
+ -i "${S}/doc/Makefile"
+ if use doc; then
+ sed -e "s/^doc-all:/doc-all: mgetty.ps/" \
+ -i "${S}/doc/Makefile"
+ fi
+}
+
+src_compile() {
+ use fidonet && append-flags "-DFIDO"
+ append-flags "-DAUTO_PPP"
+
+ # parallel make fix later - 'sedscript' issue
+ VARTEXFONTS="${T}"/fonts make prefix=/usr \
+ CC="$(tc-getCC)" \
+ CONFDIR=/etc/mgetty+sendfax \
+ CFLAGS="${CFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ all vgetty || die "make failed."
+}
+
+src_install () {
+ dodir /var/spool
+ keepdir /var/log/mgetty
+ dodir /usr/share/info
+
+ make prefix="${D}/usr" \
+ INFODIR="${D}/usr/share/info" \
+ CONFDIR="${D}/etc/mgetty+sendfax" \
+ MAN1DIR="${D}/usr/share/man/man1" \
+ MAN4DIR="${D}/usr/share/man/man4" \
+ MAN5DIR="${D}/usr/share/man/man5" \
+ MAN8DIR="${D}/usr/share/man/man8" \
+ SBINDIR="${D}/usr/sbin" \
+ BINDIR="${D}/usr/bin" \
+ VOICE_DIR="${D}/var/spool/voice" \
+ PHONE_GROUP=fax \
+ PHONE_PERMS=755 \
+ spool="${D}/var/spool" \
+ install vgetty-install install-callback || die "make install failed."
+
+ #Install mgetty into /sbin (#119078)
+ dodir /sbin && \
+ mv "${D}"/usr/sbin/mgetty "${D}"/sbin && \
+ dosym /sbin/mgetty /usr/sbin/mgetty || die "failed to install /sbin/mgetty"
+ #Don't install ct (#106337)
+ rm "${D}"/usr/bin/ct || die "failed to remove useless ct program"
+
+ cd "${S}"
+ dodoc BUGS ChangeLog README.1st Recommend THANKS TODO \
+ doc/*.txt doc/modems.db || die "dodoc failed."
+ doinfo doc/mgetty.info || die "doinfo failed."
+
+ docinto vgetty
+ dodoc voice/{Readme,Announce,ChangeLog,Credits} || die "vgetty voice failed."
+
+ if use doc; then
+ dodoc doc/mgetty.ps || die "mgetty.ps failed"
+ fi
+
+ docinto vgetty/doc
+ dodoc voice/doc/*
+
+ if use fax; then
+ mv samples/new_fax.all samples_new_fax.all || die "move failed."
+ docinto samples
+ dodoc samples/*
+
+ docinto samples/new_fax
+ dodoc samples_new_fax.all/*
+ fi
+
+ if ! use fax; then
+ insinto /usr/share/${PN}/frontends
+ doins -r frontends/{voice,network}
+ else
+ insinto /usr/share/${PN}
+ doins -r frontends
+ fi
+ insinto /usr/share/${PN}
+ doins -r patches
+ insinto /usr/share/${PN}/voice
+ doins -r voice/{contrib,Perl,scripts}
+
+ diropts -m 0750 -o fax -g fax
+ dodir /var/spool/voice
+ keepdir /var/spool/voice/incoming
+ keepdir /var/spool/voice/messages
+ if use fax; then
+ dodir /var/spool/fax
+ dodir /var/spool/fax/outgoing
+ keepdir /var/spool/fax/outgoing/locks
+ keepdir /var/spool/fax/incoming
+ fi
+}
+
+pkg_postinst() {
+ elog "Users who wish to use the fax or voicemail capabilities must be members"
+ elog "of the group fax in order to access files"
+ elog
+ elog "If you want to grab voice messages from a remote location, you must save"
+ elog "the password in /var/spool/voice/.code file"
+ echo
+ ewarn "/var/spool/voice/.code and /var/spool/voice/messages/Index"
+ ewarn "are not longer created by this automatically!"
+}