diff options
author | 2012-06-02 18:04:48 +0000 | |
---|---|---|
committer | 2012-06-02 18:04:48 +0000 | |
commit | edb727e36c8aab7c39658e6ed4c0da56b5181f71 (patch) | |
tree | bdb4033b587eb5faa7443d3a3dec706646112416 /sys-power | |
parent | Version bump (diff) | |
download | historical-edb727e36c8aab7c39658e6ed4c0da56b5181f71.tar.gz historical-edb727e36c8aab7c39658e6ed4c0da56b5181f71.tar.bz2 historical-edb727e36c8aab7c39658e6ed4c0da56b5181f71.zip |
Version bump (bug 406099, thanks Matthew Stapleton and Guillaume Castagnino). Include ubuntus CVE-2012-2944.patch to fix bug 419377.
Package-Manager: portage-2.1.10.63/cvs/Linux x86_64
Diffstat (limited to 'sys-power')
-rw-r--r-- | sys-power/nut/ChangeLog | 9 | ||||
-rw-r--r-- | sys-power/nut/Manifest | 25 | ||||
-rw-r--r-- | sys-power/nut/files/nut-2.6.3-CVE-2012-2944.patch | 21 | ||||
-rw-r--r-- | sys-power/nut/nut-2.6.3.ebuild | 221 |
4 files changed, 259 insertions, 17 deletions
diff --git a/sys-power/nut/ChangeLog b/sys-power/nut/ChangeLog index 7c61ef37e668..cd094df67bda 100644 --- a/sys-power/nut/ChangeLog +++ b/sys-power/nut/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for sys-power/nut # Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-power/nut/ChangeLog,v 1.97 2012/05/24 05:46:03 vapier Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-power/nut/ChangeLog,v 1.98 2012/06/02 18:04:48 xmw Exp $ + +*nut-2.6.3 (02 Jun 2012) + + 02 Jun 2012; Michael Weber <xmw@gentoo.org> +nut-2.6.3.ebuild, + +files/nut-2.6.3-CVE-2012-2944.patch: + Version bump (bug 406099, thanks Matthew Stapleton and Guillaume Castagnino). + Include ubuntus CVE-2012-2944.patch to fix bug 419377. 24 May 2012; Mike Frysinger <vapier@gentoo.org> nut-2.6.0-r1.ebuild, nut-2.6.2.ebuild: diff --git a/sys-power/nut/Manifest b/sys-power/nut/Manifest index e1bddc150c73..f8d5de18100f 100644 --- a/sys-power/nut/Manifest +++ b/sys-power/nut/Manifest @@ -1,5 +1,5 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 +Hash: SHA256 AUX lighttpd_nut.conf-2.2.0 971 RMD160 745f65fac2b33e0f2baef7213c2d745c4ebb3dd5 SHA1 62f0bc9d331728023382befb3fc395dc71db032d SHA256 f0b1b3e574766557dbf92704eb4cf81b166bb4db68ddecee581cb8b0b6638f65 AUX nut-2.2.2-init.d-upsd 790 RMD160 10e977b7dc2593ddef022397d2e0d8d69d899c38 SHA1 f6a7ebc55107e85c997b8c726488c44cb82430ab SHA256 81b0b82850d528d682544b452599159510dd93ba43e2c6133d0c9aab0b4c0210 @@ -8,27 +8,20 @@ AUX nut-2.2.2-init.d-upsmon 675 RMD160 bb8d89daeaf0f4ee7debf05756162a9c14663878 AUX nut-2.4.1-no-libdummy.patch 791 RMD160 2a8ed4c000b3bd2a271e1e169486a0cd1cbdb809 SHA1 a48e71e06bb590cb296b7deead51b7b31420d68b SHA256 c9cf34980e79a4b9f07c338d10bc4ef4e90608ee7543cbc483898ee4f3f4f2a4 AUX nut-2.4.3-lowspeed-buffer-size.patch 725 RMD160 ac7a5dbe8e65dc7fe1376eb8c695a66c260be68c SHA1 d71e49841f023812bf3c5934b65dad016aaa97ef SHA256 74ed963e039413472907ebdbba07dd59ebf8e721214f32ce0fabe169597dc9b7 AUX nut-2.6.2-lowspeed-buffer-size.patch 534 RMD160 f9b61a7bd309d2516729cd060a39dc227893be7e SHA1 af3b47519f338a5d7a95e9d81ca932023d4ed490 SHA256 77bc0f996d2eb9c3d7d0cf68f5053108df54a6ce6baf2d7b3edfd1f2cfafd41b +AUX nut-2.6.3-CVE-2012-2944.patch 736 RMD160 89d87f054401be18f2bcb654f000433378e17a64 SHA1 1e8f107a58d694feb355a17fc24a56a6b8a0e17d SHA256 47101a0827cd3cb0eb119a79d58c26b2f065af2f44eaeae5139a85ef8cc83993 AUX nut.powerfail.initd 1395 RMD160 46b06189163777fc7f944efe8647b11df90f01db SHA1 a0f776ed02cf733dcdc566e58e63ccfe88352d37 SHA256 3ef933724169dbe08645fed19674a1576ced5f54a88985b5b32baf2a9c178ae7 DIST nut-2.6.0.tar.gz 1703273 RMD160 d42ef82eec3ee40fa841d92bf400c7f76eb9cdfe SHA1 4ab7b220f50a088a65e59831c217a7be714a198c SHA256 febaa230b6b5f0ad27d780851047527d36c8c7a34e557b3832d6d55174d7a0d5 DIST nut-2.6.2.tar.gz 1897691 RMD160 68acb21b0671d753fb0c5d5cc3d5c86376f36fed SHA1 f6ebf1a1835b1ad5a0e5de498451d22e48479943 SHA256 343554add0713348f8b09bca8d83eee2eb2ae8bad9cdad9a39e0f0e2d0f5d375 +DIST nut-2.6.3.tar.gz 1952115 RMD160 c9067d68b3fb3347fa058933af0cd9a327a2083f SHA1 d97aea279bea65714a0c492d13fb6b2d4b5b43df SHA256 34913b729d2032faaf6f31e800a400bcd874f1f4daacae6fe0d388bd235b633a EBUILD nut-2.6.0-r1.ebuild 6863 RMD160 403f9864401e43fec3820c379a02871815009e0f SHA1 bfc6d493e172f2b0a850b5629360e44569a8b88f SHA256 18089a0b398ee35e7c4f8bd85cd5b235fd1e797e20146776cbdeb774f087a0eb EBUILD nut-2.6.2.ebuild 6866 RMD160 c522d1f7026c9ccdc60e01d7dcf2c4a4e9a231d7 SHA1 2c4a04319082d16ecc12f889468d2cf8ea431e32 SHA256 63dcc77625439577ac8a48fde290db2a175bc834791fc36361c1dd6958143032 -MISC ChangeLog 21233 RMD160 e154691cf6404c8293dbd5d2b716376283455851 SHA1 f0b222a550951a8ba6eeda37cdbcf475a4e2f79f SHA256 74cd5076cb1a3acda17db0dcba8c3a84edb892ab31f1367c3fa34505fc205965 +EBUILD nut-2.6.3.ebuild 6971 RMD160 e42390b72546597c85baaf9f6b1b2151affc8610 SHA1 32277bf5816d3097fe3c90e531738110f2bb795d SHA256 25a8a34da536d387973d9302006083a5d9e4ebb32069e96ac26c39ed44c55936 +MISC ChangeLog 21499 RMD160 7ff81271dd7d0dbde92371f51aa8ce2a0ce409ca SHA1 01055aeba330bcaf62cbcc0f4d7c4f4af0498b4e SHA256 103c963fc8822b6c3291ab8ccc15be32da27b83c231b90cc25bc209612b1b68b MISC metadata.xml 242 RMD160 a29da25198f8b2a4ab073a371a3562c331c1fe56 SHA1 45059b47e69d8b5313ccfede532e6729fb6d428a SHA256 e82b2cc8fc830e2925c899d4b88c444b0b52e2de9f1bc28d5e08b545a195854f -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.19 (GNU/Linux) +Version: GnuPG v2.0.17 (GNU/Linux) -iQIcBAEBAgAGBQJPvctvAAoJELEHsLL7fEFW66kQAMJ8fbtV3ygDMB4IA6kwBwZq -mcvR62SS+WnTmaoGpVYUDf8LquXkdtFH4rJ4lPPMAtrYlDV5lVFL5hgpZARm4nML -IkWqmCFKrwfQsZaTB3j1ii0e3oIxCTBqML7UJl/FqMGEiLiPE/LnLkxtrhmIMht/ -eIt9NSXsE1u5htkFVkLn5ABLqa98pEdhk1U7ky/hTYfsNrSVyn4jFgj12mcNZ2rz -yugm/ik4Kvyq2vLDJ2axBtT5GgD8Y/5EJsPhOsancPwSPNC/xkyX3Tlx6kB1E1Zx -IZtw8t4iDnQshU4kga7Kkofh2XPRgIDcc9V4gTgEl0SHMi2p74FcKYEFaB0YMSXj -mMelrZs1L6HO6OK5k4VSDKHPnt5HuWzPRRSOkgHhvb/P6Z89azzbINDIrS1uA7Hx -eCK/Xny8RWaI/dIPjNWgfXBf6TdHLSTS3Mnzy6xS3XzpjjaxVUTQ+rU9uPVAVOSr -Xm5STz1jiXw8rL/PGiT5eE7HJIxG/xZnYXtGON3Qe21z1m82UYo7eR4vyOtV1qdN -ziqZLZn7DXMcuCm8O5lJfxtBywNzX2cBVyVaTmExpEX+JeLj91idnVbJsDCp1FkB -y0RVOO6A9SFFbWH40wKrP8fnSl5YOJ0fJsTjiNzugz3ow8GsYPu5RXrOcC27/mNT -8cUEX16UQOdCeWWz9q66 -=q/YY +iF4EAREIAAYFAk/KVakACgkQknrdDGLu8JDtMwD7BMj6VXLSZcrkMheMYSRupqNm +RN07dHLRJnxZ2/qOawsA+gN7H5Qw1DUyoczJl/2AG8DFkoD2Nl/cr2zv4VGNyMrO +=StqI -----END PGP SIGNATURE----- diff --git a/sys-power/nut/files/nut-2.6.3-CVE-2012-2944.patch b/sys-power/nut/files/nut-2.6.3-CVE-2012-2944.patch new file mode 100644 index 000000000000..9debd3b9da3f --- /dev/null +++ b/sys-power/nut/files/nut-2.6.3-CVE-2012-2944.patch @@ -0,0 +1,21 @@ +Origin: http://trac.networkupstools.org/projects/nut/changeset/3633 +Description: Fix CVE-2012-2944: upsd can be remotely crashed + +Index: nut-2.6.3/common/parseconf.c +=================================================================== +--- nut-2.6.3.orig/common/parseconf.c 2011-10-04 02:06:25.000000000 -0500 ++++ nut-2.6.3/common/parseconf.c 2012-05-30 13:29:41.000000000 -0500 +@@ -171,6 +171,13 @@ + + wbuflen = strlen(ctx->wordbuf); + ++ /* CVE-2012-2944: only allow the subset Ascii charset from Space to ~ */ ++ if ((ctx->ch < 0x20) || (ctx->ch > 0x7f)) { ++ fprintf(stderr, "addchar: discarding invalid character (0x%02x)!\n", ++ ctx->ch); ++ return; ++ } ++ + if (ctx->wordlen_limit != 0) { + if (wbuflen >= ctx->wordlen_limit) { + diff --git a/sys-power/nut/nut-2.6.3.ebuild b/sys-power/nut/nut-2.6.3.ebuild new file mode 100644 index 000000000000..e2ca69500a99 --- /dev/null +++ b/sys-power/nut/nut-2.6.3.ebuild @@ -0,0 +1,221 @@ +# Copyright 1999-2012 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-power/nut/nut-2.6.3.ebuild,v 1.1 2012/06/02 18:04:48 xmw Exp $ + +EAPI=2 +inherit autotools bash-completion eutils fixheadtails multilib user + +MY_P=${P/_/-} + +DESCRIPTION="Network-UPS Tools" +HOMEPAGE="http://www.networkupstools.org/" +# Nut mirrors are presently broken +SRC_URI="http://random.networkupstools.org/source/${PV%.*}/${MY_P}.tar.gz + http://www.networkupstools.org/source/${PV%.*}/${MY_P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="avahi cgi snmp usb ssl tcpd xml" + +RDEPEND="avahi? ( net-dns/avahi ) + cgi? ( >=media-libs/gd-2[png] ) + snmp? ( net-analyzer/net-snmp ) + usb? ( virtual/libusb:0 ) + ssl? ( >=dev-libs/openssl-1 ) + tcpd? ( sys-apps/tcp-wrappers ) + xml? ( >=net-libs/neon-0.25.0 ) + >=sys-fs/udev-114" +DEPEND="$RDEPEND + >=sys-apps/sed-4 + virtual/pkgconfig" + +S=${WORKDIR}/${MY_P} + +# public files should be 644 root:root +NUT_PUBLIC_FILES="/etc/nut/{ups,upssched}.conf" +# private files should be 640 root:nut - readable by nut, writeable by root, +NUT_PRIVATE_FILES="/etc/nut/{upsd.conf,upsd.users,upsmon.conf}" +# public files should be 644 root:root, only installed if USE=cgi +NUT_CGI_FILES="/etc/nut/{{hosts,upsset}.conf,upsstats{,-single}.html}" + +pkg_setup() { + enewgroup nut 84 + enewuser nut 84 -1 /var/lib/nut nut,uucp + # As of udev-104, NUT must be in uucp and NOT in tty. + gpasswd -d nut tty 2>/dev/null + gpasswd -a nut uucp 2>/dev/null + # in some cases on old systems it wasn't in the nut group either! + gpasswd -a nut nut 2>/dev/null + warningmsg ewarn +} + +src_prepare() { + ht_fix_file configure.in + + epatch "${FILESDIR}"/${PN}-2.4.1-no-libdummy.patch + epatch "${FILESDIR}"/${PN}-2.6.2-lowspeed-buffer-size.patch + epatch "${FILESDIR}"/${PN}-2.6.3-CVE-2012-2944.patch + + sed -e "s:GD_LIBS.*=.*-L/usr/X11R6/lib \(.*\) -lXpm -lX11:GD_LIBS=\"\1:" \ + -i configure.in || die + + sed -e "s:52.nut-usbups.rules:70-nut-usbups.rules:" \ + -i scripts/udev/Makefile.am || die + + rm -f ltmain.sh m4/lt* m4/libtool.m4 + + sed -i \ + -e 's:@LIBSSL_LDFLAGS@:@LIBSSL_LIBS@:' \ + lib/libupsclient{.pc,-config}.in || die #361685 + + eautoreconf +} + +src_configure() { + local myconf + + if [ -n "${NUT_DRIVERS}" ]; then + myconf="${myconf} --with-drivers=${NUT_DRIVERS// /,}" + fi + + use cgi && myconf="${myconf} --with-cgipath=/usr/share/nut/cgi" + + # TODO: USE flag for sys-power/powerman + econf \ + --sysconfdir=/etc/nut \ + --datarootdir=/usr/share/nut \ + --datadir=/usr/share/nut \ + --disable-static \ + --with-dev \ + $(use_with usb) \ + --without-hal \ + $(use_with snmp) \ + $(use_with xml neon) \ + --without-powerman \ + $(use_with ssl) \ + $(use_with tcpd wrap) \ + $(use_with cgi) \ + $(use_with avahi) \ + --with-statepath=/var/lib/nut \ + --with-drvpath=/$(get_libdir)/nut \ + --with-htmlpath=/usr/share/nut/html \ + --with-user=nut \ + --with-group=nut \ + --with-logfacility=LOG_DAEMON \ + ${myconf} +} + +src_install() { + emake DESTDIR="${D}" install || die + + find "${D}" -name '*.la' -exec rm -f {} + + + dodir /sbin + dosym /$(get_libdir)/nut/upsdrvctl /sbin/upsdrvctl + # This needs to exist for the scripts + dosym /$(get_libdir)/nut/upsdrvctl /usr/sbin/upsdrvctl + + if use cgi; then + elog "CGI monitoring scripts are installed in /usr/share/nut/cgi." + elog "copy them to your web server's ScriptPath to activate (this is a" + elog "change from the old location)." + elog "If you use lighttpd, see lighttpd_nut.conf in the documentation." + fi + + # this must be done after all of the install phases + for i in "${D}"/etc/nut/*.sample ; do + mv "${i}" "${i/.sample/}" + done + + dodoc AUTHORS ChangeLog docs/*.txt MAINTAINERS NEWS README TODO UPGRADING || die + + newdoc lib/README README.lib || die + newdoc "${FILESDIR}"/lighttpd_nut.conf-2.2.0 lighttpd_nut.conf || die + + docinto cables + dodoc docs/cables/* || die + + newinitd "${FILESDIR}"/nut-2.2.2-init.d-upsd upsd || die + newinitd "${FILESDIR}"/nut-2.2.2-init.d-upsdrv upsdrv || die + newinitd "${FILESDIR}"/nut-2.2.2-init.d-upsmon upsmon || die + newinitd "${FILESDIR}"/nut.powerfail.initd nut.powerfail || die + + keepdir /var/lib/nut + + einfo "Setting up permissions on files and directories" + fperms 0700 /var/lib/nut + fowners nut:nut /var/lib/nut + + # Do not remove eval here, because the variables contain shell expansions. + eval fperms 0640 ${NUT_PRIVATE_FILES} + eval fowners root:nut ${NUT_PRIVATE_FILES} + + # Do not remove eval here, because the variables contain shell expansions. + eval fperms 0644 ${NUT_PUBLIC_FILES} + eval fowners root:root ${NUT_PUBLIC_FILES} + + # Do not remove eval here, because the variables contain shell expansions. + if use cgi; then + eval fperms 0644 ${NUT_CGI_FILES} + eval fowners root:root ${NUT_CGI_FILES} + fi + + # this is installed for 2.4 and fbsd guys + if ! has_version sys-fs/udev; then + einfo "Installing non-udev hotplug support" + insinto /etc/hotplug/usb + insopts -m 755 + doins scripts/hotplug/nut-usbups.hotplug + fi + + dobashcompletion "${S}"/scripts/misc/nut.bash_completion +} + +pkg_postinst() { + # this is to ensure that everybody that installed old versions still has + # correct permissions + + chown nut:nut "${ROOT}"/var/lib/nut 2>/dev/null + chmod 0700 "${ROOT}"/var/lib/nut 2>/dev/null + + # Do not remove eval here, because the variables contain shell expansions. + eval chown root:nut "${ROOT}"${NUT_PRIVATE_FILES} 2>/dev/null + eval chmod 0640 "${ROOT}"${NUT_PRIVATE_FILES} 2>/dev/null + + # Do not remove eval here, because the variables contain shell expansions. + eval chown root:root "${ROOT}"${NUT_PUBLIC_FILES} 2>/dev/null + eval chmod 0644 "${ROOT}"${NUT_PUBLIC_FILES} 2>/dev/null + + # Do not remove eval here, because the variables contain shell expansions. + if use cgi; then + eval chown root:root "${ROOT}"${NUT_CGI_FILES} 2>/dev/null + eval chmod 0644 "${ROOT}"${NUT_CGI_FILES} 2>/dev/null + fi + + warningmsg elog +} + +warningmsg() { + msgfunc="$1" + [ -z "$msgfunc" ] && die "msgfunc not specified in call to warningmsg!" + ${msgfunc} "Please note that NUT now runs under the 'nut' user." + ${msgfunc} "NUT is in the uucp group for access to RS-232 UPS." + ${msgfunc} "However if you use a USB UPS you may need to look at the udev or" + ${msgfunc} "hotplug rules that are installed, and alter them suitably." + ${msgfunc} '' + ${msgfunc} "You are strongly advised to read the UPGRADING file provided by upstream." + ${msgfunc} '' + ${msgfunc} "Please note that upsdrv is NOT automatically started by upsd anymore." + ${msgfunc} "If you have multiple UPS units, you can use their NUT names to" + ${msgfunc} "have a service per UPS:" + ${msgfunc} "ln -s /etc/init.d/upsdrv /etc/init.d/upsdrv.\$UPSNAME" + ${msgfunc} '' + ${msgfunc} 'If you want apcupsd to power off your UPS when it' + ${msgfunc} 'shuts down your system in a power failure, you must' + ${msgfunc} 'add nut.powerfail to your shutdown runlevel:' + ${msgfunc} '' + ${msgfunc} 'rc-update add nut.powerfail shutdown' + ${msgfunc} '' + +} |