summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2008-12-13 18:55:14 +0000
committerPeter Volkov <pva@gentoo.org>2008-12-13 18:55:14 +0000
commit4f127e0a53433963a19e54d2ddd88141b5ab03b6 (patch)
tree28cc7421df7528e7474a392388a3bab624112f12
parentx86 stable (diff)
downloadhistorical-4f127e0a53433963a19e54d2ddd88141b5ab03b6.tar.gz
historical-4f127e0a53433963a19e54d2ddd88141b5ab03b6.tar.bz2
historical-4f127e0a53433963a19e54d2ddd88141b5ab03b6.zip
Version bump, fixes security issue #248425, thank Steven Susbauer for report.
Package-Manager: portage-2.1.6.1/cvs/Linux 2.6.26-gentoo-r4 x86_64
-rw-r--r--net-analyzer/wireshark/ChangeLog8
-rw-r--r--net-analyzer/wireshark/Manifest5
-rw-r--r--net-analyzer/wireshark/files/wireshark-1.0.5-glib-1-build.patch22
-rw-r--r--net-analyzer/wireshark/wireshark-1.0.5.ebuild165
4 files changed, 198 insertions, 2 deletions
diff --git a/net-analyzer/wireshark/ChangeLog b/net-analyzer/wireshark/ChangeLog
index d88480bafba5..aa5b6c82a429 100644
--- a/net-analyzer/wireshark/ChangeLog
+++ b/net-analyzer/wireshark/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-analyzer/wireshark
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.134 2008/11/22 15:30:31 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/ChangeLog,v 1.135 2008/12/13 18:55:14 pva Exp $
+
+*wireshark-1.0.5 (13 Dec 2008)
+
+ 13 Dec 2008; Peter Volkov <pva@gentoo.org>
+ +files/wireshark-1.0.5-glib-1-build.patch, +wireshark-1.0.5.ebuild:
+ Version bump, fixes security issue #248425, thank Steven Susbauer for report.
22 Nov 2008; Peter Volkov <pva@gentoo.org>
files/wireshark-1.1.1-misc-warnings.patch, -wireshark-1.0.3.ebuild:
diff --git a/net-analyzer/wireshark/Manifest b/net-analyzer/wireshark/Manifest
index e90df9f69186..8d1fa97e7e55 100644
--- a/net-analyzer/wireshark/Manifest
+++ b/net-analyzer/wireshark/Manifest
@@ -1,12 +1,15 @@
AUX wireshark-0.99.7-asneeded.patch 339 RMD160 faa516dd3dfd8bd6218f66d3bedb5490b0896f5b SHA1 ec2b8952f8fe55471e923c086a6e9b48e06ce7a8 SHA256 9fc8b3ec3fcf1cca714c78c28c1883503abfcfce4fe175e43c6d7ec14ddc9478
AUX wireshark-0.99.8-as-needed.patch 395 RMD160 2e06f641e9789db717544bfd1568e4bf6e85855c SHA1 a18b6fcc85b40c00fc1d30bcdfc81d13dc33e904 SHA256 d2f996a79fa3117296b25c10a1d4a3f0f8027a678de4e37e6c60bfb47a4754b9
AUX wireshark-1.0.4-zlib-build.patch 370 RMD160 f3403f6813460c9630d782fddd1478db60a87363 SHA1 83aa0694fc836b89a1ce5cf2748510daeb0ec108 SHA256 21ca38ec05e3e6b4fddf196c038d39b748b59256a40333b3623eff59715aff00
+AUX wireshark-1.0.5-glib-1-build.patch 721 RMD160 d4de28a4e8b45e2b2243b0d113a7f767a0d2f7f1 SHA1 89caa207c6d4e74c3b3a2f47cd62304ff58b341b SHA256 536c1e3bdfc609fa0867c7d37e4f4b88b24d4525a1687992ee7606c365eaef0a
AUX wireshark-1.1.1--as-needed.patch 314 RMD160 5a9af8d8c1c2a6d2109413201659bd00f04a7bcd SHA1 87015021390434032716f244bc5432993c37f00f SHA256 f01cb55439c550c337f76354edd6f837e242544971a1f2dd3b45e911e75b42a7
AUX wireshark-1.1.1-misc-warnings.patch 5519 RMD160 24b02a98a96861621f3ebd14534bc16ab162b4a6 SHA1 2110476f7079b15982c384fa9e0c0754162a6b52 SHA256 ff335d097283d3d32a47952c33684e2485e7f506f26088957deb3c4a06121d30
AUX wireshark-except-double-free.diff 664 RMD160 2b61f03f5148975f6438351c11de18a500deabc5 SHA1 0239e19ba0ebd2cfb4ab4987a8a4c56646cd9250 SHA256 dc02a5f3e4bdbd128a2ba08f38880358f747661a93ca0b3fe1918c67b255c369
DIST wireshark-1.0.4.tar.bz2 13126757 RMD160 741b6618ba34b55079f15d5725a1e9a22a4fc351 SHA1 8e75a6d909a1da803db77f6f86fdd5096e5bbac8 SHA256 20a37f018a4e2644fdb373f2d9c5d43d4f43e41f1fa29ac6edb53045c0a70e3a
+DIST wireshark-1.0.5.tar.bz2 13144320 RMD160 72b1ac2e78a02e84525b6ecd6563698b5b7474fc SHA1 593aaf3a7527e8ca74e4982caeb5a77831b121db SHA256 4f923e24d674ac62ded3da402a4de6d402886d80e3d7cac91cf026921f32fcf7
DIST wireshark-1.1.1.tar.gz 17856811 RMD160 522a717e9163b844e452cb3d50376f113335aca9 SHA1 5d6d57a6e67b30fbbd8241c9305002d410a3e920 SHA256 e55f72b7910a4556411bace181e9ecdb3c7da6b8510ade7a632a5144cee4a94a
EBUILD wireshark-1.0.4.ebuild 5023 RMD160 fe695d6eb4d09a78775c50259012f93cf821ac92 SHA1 52fd64fd410b4aaf5bd42afa2c658b63d5b42f9d SHA256 2003524940e631e83ce4d5fbd3029c2a96eeb0438655f86066b1bf75338bf29f
+EBUILD wireshark-1.0.5.ebuild 4900 RMD160 cf85972927df7c068864f22ddf16fb4488f7b566 SHA1 7c6b1e49583ce5e2934b3f2c377274a9b1bc05f4 SHA256 b523dcdffe7ce43c3263ad9dc29e5dc4893400db96a95974a03819ed1a453d23
EBUILD wireshark-1.1.1.ebuild 4877 RMD160 41554c22880caec66f8cd7bb4f6166e77a4f17e8 SHA1 7fdd83bed14bebbda885a73f21d75b96edbf33d7 SHA256 743847dde1635d343813d1b7a0a9c2cb4e0f63ad0c2c7719ef7ae454da812823
-MISC ChangeLog 20835 RMD160 5a33643760d2cd3862e90f9d3ebc369797bbac05 SHA1 ebf0d757ae68c5951ed83a31073d2cbc5a324d4d SHA256 b2632fa53367e1426882bf13c690671fa0c03ba55d4049a632aee2b8cd1e3816
+MISC ChangeLog 21063 RMD160 f558892b59fe63acda2eb79130a76be38af7f4b6 SHA1 6ef5c49b882b29fee0d15393b35a1937dd61c63b SHA256 4e0ee0e20a800e1b839890c1158bc2a61eab59e908616bad9002b79b9d393e3b
MISC metadata.xml 2154 RMD160 01af8905d25e6c387902d30766daedcd37d94e0e SHA1 d68e79d413654ce72c553d508d7aa96f27fe85b5 SHA256 48c540fcec9cf1e5eebe132d7f90e8330b413f4eb6469761a88720eaa6a2233a
diff --git a/net-analyzer/wireshark/files/wireshark-1.0.5-glib-1-build.patch b/net-analyzer/wireshark/files/wireshark-1.0.5-glib-1-build.patch
new file mode 100644
index 000000000000..3d54d9f1f490
--- /dev/null
+++ b/net-analyzer/wireshark/files/wireshark-1.0.5-glib-1-build.patch
@@ -0,0 +1,22 @@
+--- trunk-1.0/epan/to_str.c 2008/12/12 20:16:43 26973
++++ trunk-1.0/epan/to_str.c 2008/12/12 20:28:21 26974
+@@ -344,6 +344,19 @@
+ #define COMMA(do_it) ((do_it) ? ", " : "")
+
+ /*
++ * GLib 1.2[.x] doesn't define G_MAXINT32 or G_MININT32; if they're not
++ * defined, we define them as the maximum and minimum 32-bit signed
++ * 2's-complement number.
++ * Copied from epan/dfilter/scanner.l
++ */
++#ifndef G_MAXINT32
++#define G_MAXINT32 ((gint32)0x7FFFFFFF)
++#endif
++#ifndef G_MININT32
++#define G_MININT32 ((gint32)0x80000000)
++#endif
++
++/*
+ * Maximum length of a string showing days/hours/minutes/seconds.
+ * (Does not include the terminating '\0'.)
+ * Includes space for a '-' sign for any negative components.
diff --git a/net-analyzer/wireshark/wireshark-1.0.5.ebuild b/net-analyzer/wireshark/wireshark-1.0.5.ebuild
new file mode 100644
index 000000000000..eff3291ff165
--- /dev/null
+++ b/net-analyzer/wireshark/wireshark-1.0.5.ebuild
@@ -0,0 +1,165 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/wireshark/wireshark-1.0.5.ebuild,v 1.1 2008/12/13 18:55:14 pva Exp $
+
+EAPI=1
+WANT_AUTOMAKE="1.9"
+inherit autotools libtool flag-o-matic eutils toolchain-funcs
+
+DESCRIPTION="A network protocol analyzer formerly known as ethereal"
+HOMEPAGE="http://www.wireshark.org/"
+
+# _rc versions has different download location.
+[[ -n ${PV#*_rc} && ${PV#*_rc} != ${PV} ]] && {
+SRC_URI="http://www.wireshark.org/download/prerelease/${PN}-${PV/_rc/pre}.tar.gz";
+S=${WORKDIR}/${PN}-${PV/_rc/pre} ; } || \
+SRC_URI="http://www.wireshark.org/download/src/all-versions/${P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
+IUSE="adns gtk ipv6 lua portaudio gnutls gcrypt zlib kerberos threads profile smi +pcap pcre +caps selinux"
+
+RDEPEND="zlib? ( sys-libs/zlib )
+ smi? ( net-libs/libsmi )
+ gtk? ( >=dev-libs/glib-2.0.4
+ =x11-libs/gtk+-2*
+ x11-libs/pango
+ dev-libs/atk )
+ !gtk? ( =dev-libs/glib-1.2* )
+ gnutls? ( net-libs/gnutls )
+ gcrypt? ( dev-libs/libgcrypt )
+ pcap? ( net-libs/libpcap )
+ pcre? ( dev-libs/libpcre )
+ caps? ( sys-libs/libcap )
+ adns? ( net-libs/adns )
+ kerberos? ( virtual/krb5 )
+ portaudio? ( media-libs/portaudio )
+ lua? ( >=dev-lang/lua-5.1 )
+ selinux? ( sec-policy/selinux-wireshark )"
+
+DEPEND="${RDEPEND}
+ >=dev-util/pkgconfig-0.15.0
+ dev-lang/perl
+ sys-devel/bison
+ sys-devel/flex"
+
+pkg_setup() {
+ if ! use gtk; then
+ ewarn "USE=-gtk will mean no gui called wireshark will be created and"
+ ewarn "only command line utils are available"
+ fi
+
+ # Add group for users allowed to sniff.
+ enewgroup wireshark || die "Failed to create wireshark group"
+}
+
+src_unpack() {
+ unpack ${A}
+
+ cd "${S}"
+ epatch "${FILESDIR}/${PN}-0.99.7-asneeded.patch"
+ epatch "${FILESDIR}/${PN}-0.99.8-as-needed.patch"
+ epatch "${FILESDIR}/${P}-glib-1-build.patch"
+
+ cd "${S}/epan"
+ epatch "${FILESDIR}/wireshark-except-double-free.diff"
+
+ cd "${S}"
+ eautoreconf
+}
+
+src_compile() {
+ # optimization bug, see bug #165340, bug #40660
+ if [[ $(gcc-version) == 3.4 ]] ; then
+ elog "Found gcc 3.4, forcing -O3 into CFLAGS"
+ replace-flags -O? -O3
+ elif [[ $(gcc-version) == 3.3 || $(gcc-version) == 3.2 ]] ; then
+ elog "Found <=gcc-3.3, forcing -O into CFLAGS"
+ replace-flags -O? -O
+ fi
+
+ # see bug #133092; bugs.wireshark.org/bugzilla/show_bug.cgi?id=1001
+ # our hardened toolchain bug
+ filter-flags -fstack-protector
+
+ # profile and -fomit-frame-pointer are incompatible, bug #215806
+ use profile && filter-flags -fomit-frame-pointer
+
+ local myconf
+ if use gtk; then
+ einfo "Building with gtk support"
+ else
+ einfo "Building without gtk support"
+ myconf="${myconf} --disable-wireshark"
+ fi
+
+ # Workaround bug #213705. If krb5-config --libs has -lcrypto then pass
+ # --with-ssl to ./configure. (Mimics code from acinclude.m4).
+ if use kerberos; then
+ case `krb5-config --libs` in
+ *-lcrypto*) myconf="${myconf} --with-ssl" ;;
+ esac
+ fi
+
+ # dumpcap requires libcap, setuid-install requires dumpcap
+ econf $(use_enable gtk gtk2) \
+ $(use_enable profile profile-build) \
+ $(use_with gnutls) \
+ $(use_with gcrypt) \
+ $(use_enable gtk wireshark) \
+ $(use_enable ipv6) \
+ $(use_enable threads) \
+ $(use_with lua) \
+ $(use_with adns) \
+ $(use_with kerberos krb5) \
+ $(use_with smi libsmi) \
+ $(use_with pcap) \
+ $(use_with zlib) \
+ $(use_with pcre) \
+ $(use_with portaudio) \
+ $(use_with caps libcap) \
+ $(use_enable pcap setuid-install) \
+ --sysconfdir=/etc/wireshark \
+ ${myconf}
+
+ emake || die "emake failed"
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed"
+
+ fowners 0:wireshark /usr/bin/tshark
+ fperms 6550 /usr/bin/tshark
+ use pcap && fowners 0:wireshark /usr/bin/dumpcap
+ use pcap && fperms 6550 /usr/bin/dumpcap
+
+ insinto /usr/include/wiretap
+ doins wiretap/wtap.h
+
+ # FAQ is not required as is installed from help/faq.txt
+ dodoc AUTHORS ChangeLog NEWS README{,bsd,linux,macos,vmware} doc/randpkt.txt
+
+ if use gtk ; then
+ insinto /usr/share/icons/hicolor/16x16/apps
+ newins image/hi16-app-wireshark.png wireshark.png
+ insinto /usr/share/icons/hicolor/32x32/apps
+ newins image/hi32-app-wireshark.png wireshark.png
+ insinto /usr/share/icons/hicolor/48x48/apps
+ newins image/hi48-app-wireshark.png wireshark.png
+ insinto /usr/share/applications
+ doins wireshark.desktop
+ fi
+}
+
+pkg_postinst() {
+ echo
+ ewarn "With version 0.99.7, all function calls that require elevated privileges"
+ ewarn "have been moved out of the GUI to dumpcap. WIRESHARK CONTAINS OVER ONE"
+ ewarn "POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT."
+ ewarn
+ ewarn "NOTE: To run wireshark as normal user you have to add yourself into"
+ ewarn "wireshark group. This security measure ensures that only trusted"
+ ewarn "users allowed to sniff your traffic."
+ echo
+}