[Pkg-nagios-changes] [pkg-nagios] r893 - in nagios/trunk/debian: . patches

Sean Finney seanius at costa.debian.org
Thu May 11 08:22:23 UTC 2006 

Author: seanius
Date: 2006-05-11 08:22:22 +0000 (Thu, 11 May 2006)
New Revision: 893

Removed:
   nagios/trunk/debian/patches/14_xdata_check-fulldisks.dpatch
Modified:
   nagios/trunk/debian/
   nagios/trunk/debian/changelog
   nagios/trunk/debian/patches/00list
Log:
resync with upstream and address CVE-2006-2162



Property changes on: nagios/trunk/debian
___________________________________________________________________
Name: mergeWithUpstream
   + 1

Modified: nagios/trunk/debian/changelog
===================================================================
--- nagios/trunk/debian/changelog	2006-05-11 08:07:31 UTC (rev 892)
+++ nagios/trunk/debian/changelog	2006-05-11 08:22:22 UTC (rev 893)
@@ -1,8 +1,13 @@
-nagios (2:1.3-cvs.20050402-14) UNRELEASED; urgency=low
+nagios (2:1.4-1) UNRELEASED; urgency=low
 
-  * NOT RELEASED YET
+  * not released yet... needs testing.
+  [sean finney]
+  * resynchronize with upstream source.
+    - upstream has incorporated 14_xdata_check-fulldisks.dpatch
+  * includes fix for Content-Length bounds/sanity checking mentioned
+    in CVE-2006-2162 (closes: #366682).
 
- -- sean finney <seanius at debian.org>  Fri, 31 Mar 2006 08:54:49 +0200
+ -- sean finney <seanius at debian.org>  Thu, 11 May 2006 10:13:33 +0200
 
 nagios (2:1.3-cvs.20050402-13) unstable; urgency=medium
 

Modified: nagios/trunk/debian/patches/00list
===================================================================
--- nagios/trunk/debian/patches/00list	2006-05-11 08:07:31 UTC (rev 892)
+++ nagios/trunk/debian/patches/00list	2006-05-11 08:22:22 UTC (rev 893)
@@ -13,5 +13,4 @@
 10000_no-password-disclosure.dpatch
 12_xrddb.c-errorhandling.dpatch
 13_config.h.in-traceroute_hardcoded.dpatch
-14_xdata_check-fulldisks.dpatch
 15_submit_check_result_via_nsca-nagioshost.dpatch

Deleted: nagios/trunk/debian/patches/14_xdata_check-fulldisks.dpatch
===================================================================
--- nagios/trunk/debian/patches/14_xdata_check-fulldisks.dpatch	2006-05-11 08:07:31 UTC (rev 892)
+++ nagios/trunk/debian/patches/14_xdata_check-fulldisks.dpatch	2006-05-11 08:22:22 UTC (rev 893)
@@ -1,62 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 14_xdata_check-fulldisks.dpatch by  <seanius at debian.org>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: perform error checks on writes to the status log
-## DP: backported by sean finney from the 2.0 cvs tree.
-
- at DPATCH@
-diff -urNad sid~/xdata/xsddefault.c sid/xdata/xsddefault.c
---- sid~/xdata/xsddefault.c	2002-02-26 05:04:11.000000000 +0100
-+++ sid/xdata/xsddefault.c	2005-12-02 08:44:38.000000000 +0100
-@@ -208,16 +208,26 @@
- /* start aggregated dump */
- int xsddefault_begin_aggregated_dump(void){
- 	char buffer[MAX_INPUT_BUFFER];
-+	char temp_buffer[MAX_INPUT_BUFFER];
- 
- 	/* open a safe temp file for output */
- 	snprintf(xsddefault_aggregate_temp_file,sizeof(xsddefault_aggregate_temp_file)-1,"%sXXXXXX",xsddefault_temp_file);
- 	xsddefault_aggregate_temp_file[sizeof(xsddefault_aggregate_temp_file)-1]='\x0';
--	if((xsddefault_aggregate_fd=mkstemp(xsddefault_aggregate_temp_file))==-1)
-+	if((xsddefault_aggregate_fd=mkstemp(xsddefault_aggregate_temp_file))==-1){
-+		/* log an error */
-+		snprintf(temp_buffer,sizeof(temp_buffer),"Error: Unable to create temp file for writing status data!\n");
-+		temp_buffer[sizeof(temp_buffer)-1]='\x0';
-+		write_to_logs_and_console(temp_buffer,NSLOG_RUNTIME_ERROR,TRUE);
- 		return ERROR;
-+	}
- 	xsddefault_aggregate_fp=fdopen(xsddefault_aggregate_fd,"w");
- 	if(xsddefault_aggregate_fp==NULL){
- 		close(xsddefault_aggregate_fd);
- 		unlink(xsddefault_aggregate_temp_file);
-+		/* log an error */
-+		snprintf(temp_buffer,sizeof(temp_buffer),"Error: Unable to open temp file '%s' for writing status data!\n",xsddefault_aggregate_temp_file);
-+		temp_buffer[sizeof(temp_buffer)-1]='\x0';
-+		write_to_logs_and_console(temp_buffer,NSLOG_RUNTIME_ERROR,TRUE);
- 		return ERROR;
- 	        }
- 
-@@ -232,6 +242,7 @@
- 
- /* finish aggregated dump */
- int xsddefault_end_aggregated_dump(void){
-+	char temp_buffer[MAX_INPUT_BUFFER];
- 
- 	/* reset file permissions */
- 	fchmod(xsddefault_aggregate_fd,S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH);
-@@ -241,8 +252,13 @@
- 	close(xsddefault_aggregate_fd);
- 
- 	/* move the temp file to the status log (overwrite the old status log) */
--	if(my_rename(xsddefault_aggregate_temp_file,xsddefault_status_log))
-+	if(my_rename(xsddefault_aggregate_temp_file,xsddefault_status_log)){
-+		/* log an error */
-+		snprintf(temp_buffer,sizeof(temp_buffer),"Error: Unable to update status data file '%s'!\n",xsddefault_status_log);
-+		temp_buffer[sizeof(temp_buffer)-1]='\x0';
-+		write_to_logs_and_console(temp_buffer,NSLOG_RUNTIME_ERROR,TRUE);
- 		return ERROR;
-+	}
- 
- 	return OK;
-         }

More information about the Pkg-nagios-changes mailing list