Import patch for CVE-2009-3826 (#290623).

(Portage version: 2.1.6.13/cvs/Linux x86_64)
author: Alin Năstac <mrness@gentoo.org> 2009-11-28 08:45:28 +0000
committer: Alin Năstac <mrness@gentoo.org> 2009-11-28 08:45:28 +0000
commit: 7e47d6519757355b5a8c72f9d7bdbcdcd3151473 (patch)
tree: 405e780330e20ce6c62576df30b66fb039d8007a /net-proxy
parent: Fix wrong deps. Per bug #294726. (diff)
download: gentoo-2-7e47d6519757355b5a8c72f9d7bdbcdcd3151473.tar.gz
gentoo-2-7e47d6519757355b5a8c72f9d7bdbcdcd3151473.tar.bz2
gentoo-2-7e47d6519757355b5a8c72f9d7bdbcdcd3151473.zip
3 files changed, 100 insertions, 2 deletions
diff --git a/net-proxy/squidguard/ChangeLog b/net-proxy/squidguard/ChangeLog
index 2727c575de92..faffaeb23bfb 100644
--- a/net-proxy/squidguard/ChangeLog
+++ b/net-proxy/squidguard/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-proxy/squidguard
-# Copyright 2002-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-proxy/squidguard/ChangeLog,v 1.35 2009/04/26 12:47:15 mrness Exp $
+# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squidguard/ChangeLog,v 1.36 2009/11/28 08:45:27 mrness Exp $
+
+*squidguard-1.4-r4 (28 Nov 2009)
+
+  28 Nov 2009; Alin Năstac <mrness@gentoo.org> +squidguard-1.4-r4.ebuild,
+  +files/squidguard-1.4-upstream-fixes.patch:
+  Import patch for CVE-2009-3826 (#290623).
 
 *squidguard-1.4-r3 (26 Apr 2009)
 
diff --git a/net-proxy/squidguard/files/squidguard-1.4-upstream-fixes.patch b/net-proxy/squidguard/files/squidguard-1.4-upstream-fixes.patch
new file mode 100644
index 000000000000..007e6b4c36fb
--- /dev/null
+++ b/net-proxy/squidguard/files/squidguard-1.4-upstream-fixes.patch
@@ -0,0 +1,24 @@
+diff -Nru squidGuard-1.4.orig/src/sgDiv.c.in squidGuard-1.4/src/sgDiv.c.in
+--- squidGuard-1.4.orig/src/sgDiv.c.in	2008-07-14 18:02:43.000000000 +0200
++++ squidGuard-1.4/src/sgDiv.c.in	2009-11-28 09:33:05.000000000 +0100
+@@ -745,7 +745,7 @@
+       p++;
+       break;
+     case 'u': /* Requested URL */
+-      strcat(buf, req->orig);
++      strncat(buf, req->orig, 2048);
+       p++;
+       break;
+     default:
+diff -Nru squidGuard-1.4.orig/src/sg.h.in squidGuard-1.4/src/sg.h.in
+--- squidGuard-1.4.orig/src/sg.h.in	2007-11-16 17:58:32.000000000 +0100
++++ squidGuard-1.4/src/sg.h.in	2009-11-28 09:33:37.000000000 +0100
+@@ -73,7 +73,7 @@
+ #define REQUEST_TYPE_REDIRECT   2
+ #define REQUEST_TYPE_PASS       3
+ 
+-#define MAX_BUF 4096
++#define MAX_BUF 12288
+ 
+ #define DEFAULT_LOGFILE "squidGuard.log"
+ #define WARNING_LOGFILE "squidGuard.log"
diff --git a/net-proxy/squidguard/squidguard-1.4-r4.ebuild b/net-proxy/squidguard/squidguard-1.4-r4.ebuild
new file mode 100644
index 000000000000..c18a879f755a
--- /dev/null
+++ b/net-proxy/squidguard/squidguard-1.4-r4.ebuild
@@ -0,0 +1,68 @@
+# Copyright 1999-2009 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-proxy/squidguard/squidguard-1.4-r4.ebuild,v 1.1 2009/11/28 08:45:27 mrness Exp $
+
+WANT_AUTOMAKE=none
+EAPI="2"
+
+inherit eutils autotools
+
+DESCRIPTION="Combined filter, redirector and access controller plugin for Squid."
+HOMEPAGE="http://www.squidguard.org"
+SRC_URI="http://www.squidguard.org/Downloads/squidGuard-${PV}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~ppc64 ~x86"
+IUSE="ldap"
+
+RDEPEND=">=sys-libs/db-2
+	ldap? ( net-nds/openldap )"
+DEPEND="${RDEPEND}
+	sys-devel/bison
+	sys-devel/flex"
+
+S="${WORKDIR}/squidGuard-${PV}"
+
+src_prepare() {
+	epatch "${FILESDIR}/${P}-gentoo.patch"
+	epatch "${FILESDIR}/${P}-autoheader.patch"
+	epatch "${FILESDIR}/${P}-vsnprintf.patch"
+	epatch "${FILESDIR}/${P}-cross-compile.patch"
+	epatch "${FILESDIR}/${P}-upstream-fixes.patch"
+	eautoreconf
+}
+
+src_configure() {
+	econf \
+		$(use_with ldap) \
+		--with-sg-config=/etc/squidGuard/squidGuard.conf \
+		--with-sg-logdir=/var/log/squidGuard \
+		|| die "configure has failed"
+}
+
+src_install() {
+	emake prefix="/usr" INSTDIR="${D}" install || die "emake install has failed"
+
+	keepdir /var/log/squidGuard
+	fowners squid:squid /var/log/squidGuard
+
+	insinto /etc/squidGuard/sample
+	doins "${FILESDIR}"/squidGuard.conf.*
+	insinto /etc/squidGuard/sample/db
+	doins "${FILESDIR}"/blockedsites
+
+	dodoc ANNOUNCE CHANGELOG README
+	dohtml doc/*.html
+	docinto text
+	dodoc doc/*.txt
+}
+
+pkg_postinst() {
+	einfo "To enable squidGuard, add the following lines to /etc/squid/squid.conf:"
+	einfo "    url_rewrite_program /usr/bin/squidGuard"
+	einfo "    url_rewrite_children 10"
+	einfo ""
+	einfo "Remember to edit /etc/squidGuard/squidGuard.conf first!"
+	einfo "Examples can be found in /etc/squidGuard/sample/"
+}
author	Alin Năstac <mrness@gentoo.org>	2009-11-28 08:45:28 +0000
committer	Alin Năstac <mrness@gentoo.org>	2009-11-28 08:45:28 +0000
commit	7e47d6519757355b5a8c72f9d7bdbcdcd3151473 (patch)
tree	405e780330e20ce6c62576df30b66fb039d8007a /net-proxy
parent	Fix wrong deps. Per bug #294726. (diff)
download	gentoo-2-7e47d6519757355b5a8c72f9d7bdbcdcd3151473.tar.gz gentoo-2-7e47d6519757355b5a8c72f9d7bdbcdcd3151473.tar.bz2 gentoo-2-7e47d6519757355b5a8c72f9d7bdbcdcd3151473.zip