diff options
author | Aaron Walker <ka0ttic@gentoo.org> | 2005-05-18 15:30:42 +0000 |
---|---|---|
committer | Aaron Walker <ka0ttic@gentoo.org> | 2005-05-18 15:30:42 +0000 |
commit | 7c36ff0351ce6eaf5177f744302eb806f8136c19 (patch) | |
tree | e5dbd9ac62f6622af62eeb550df7e8c1275dff7e /net-analyzer/net-snmp/files | |
parent | Quick mxml dep update. (diff) | |
download | gentoo-2-7c36ff0351ce6eaf5177f744302eb806f8136c19.tar.gz gentoo-2-7c36ff0351ce6eaf5177f744302eb806f8136c19.tar.bz2 gentoo-2-7c36ff0351ce6eaf5177f744302eb806f8136c19.zip |
Revision bump; added patch to fix fixproc insecure tmpfile handling, sec bug 91792.
Diffstat (limited to 'net-analyzer/net-snmp/files')
-rw-r--r-- | net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 | 1 | ||||
-rw-r--r-- | net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff | 52 |
2 files changed, 53 insertions, 0 deletions
diff --git a/net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 b/net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 new file mode 100644 index 000000000000..ea1106d64bfd --- /dev/null +++ b/net-analyzer/net-snmp/files/digest-net-snmp-5.2.1-r1 @@ -0,0 +1 @@ +MD5 4c38451b1f5914789da370b79dc06124 net-snmp-5.2.1.tar.gz 3971320 diff --git a/net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff b/net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff new file mode 100644 index 000000000000..cad67929e5be --- /dev/null +++ b/net-analyzer/net-snmp/files/net-snmp-5.2.1-fix-insecure-fixproc.diff @@ -0,0 +1,52 @@ +--- local/fixproc.orig 2005-05-18 09:57:16.000000000 -0400 ++++ local/fixproc 2005-05-18 11:00:38.000000000 -0400 +@@ -129,6 +129,9 @@ + # + # Timothy Kong 3/1995 + ++require File::Temp; ++use File::Temp(); ++ + $database_file = '/local/etc/fixproc.conf'; + + $debug = 0; # specify debug level using -dN +@@ -196,7 +199,6 @@ + printf (stderr "create_sh_script\n") if ($debug > 0); + + $! = $fixproc_error; +- open (file, ">"."$file") || die "$0: cannot open $file\n"; + while ( $shell_lines[$i] ne $shell_end_marker ) + { + printf (file "%s", $shell_lines[$i]); +@@ -231,13 +233,13 @@ + { + # it must be "shell", so execute the shell script defined in database + +- local ($tmpfile) = "/tmp/fix_$$"; ++ local ($tmpfile) = new File::Temp(TEMPLATE => 'fix_XXXXX', ++ DIR => '/tmp'); + + &create_sh_script ($fix{$proc}, $tmpfile); + + # return code is number divided by 256 + $error_code = (system "$tmpfile") / 256; +- system "rm $tmpfile"; + return ($fix_failed_error) if ($error_code != 0); + # sleep needed here? + return &do_exist ($proc); +@@ -262,13 +264,13 @@ + # if not "exist", then it must be "shell", so execute the shell script + # defined in database + +- local ($tmpfile) = "/tmp/check_$$"; ++ local ($tmpfile) = new File::Temp(TEMPLATE => 'check_XXXXXX', ++ DIR => '/tmp'); + + &create_sh_script ($check{$proc}, $tmpfile); + + # return code is number divided by 256 + $error_code = (system "$tmpfile") / 256; +- system "rm $tmpfile"; + return ($check_failed_error) if ($error_code != 0); + + # check passed, continue |