From nobody Sun Jan 23 23:01:53 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 89D65195DC62; Sun, 23 Jan 2022 23:01:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JhpXK2m3lz587p; Sun, 23 Jan 2022 23:01:53 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642978913; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=F8ZDiQGRwdHYZcm+Z9+VZverCiXP4iB2QE8hE6s+WtY=; b=f/Jm/+LXbg+LiYvGq1AcF0VVRxFwb+b9iGcjSo8qvs+eufVQHsJ6yfjuVR837O25xnHdug Iolq2dNXjSWP65UABpygp4Ofx6auHA3DlUxnm+/nUwgcacKulv7nXMN1yUuQQlzDJGEszL pVYFoP02npm/ee2820uquBlWKesiDGzUKrGJ1bqWja0nkl6No6/K6WPh3Jr092LaGvPk4r /5gw7pUF8xgxqaxHGg6SFjoWhkXpe8vFcXc32R1CVAxzNWReAl2m8oaPXU/ePqZjc516jx thCCfU4HXYCHA3VZfwTLKPzoJM5u700KA4sHB6HB9Sk9TTgCq/WNowo2fgWgMw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 351CC2D64; Sun, 23 Jan 2022 23:01:53 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20NN1r6r018710; Sun, 23 Jan 2022 23:01:53 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20NN1rkD018709; Sun, 23 Jan 2022 23:01:53 GMT (envelope-from git) Date: Sun, 23 Jan 2022 23:01:53 GMT Message-Id: <202201232301.20NN1rkD018709@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Cy Schubert Subject: git: 8fbfc5f93128 - main - security/aide: Update to 0.17.4 List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 8fbfc5f93128b55b1ca8748cde645fe443c31c10 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642978913; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=F8ZDiQGRwdHYZcm+Z9+VZverCiXP4iB2QE8hE6s+WtY=; b=mwEDOOwXmCvkdqdFxniJIdoavgCBQKyLhHIJQuD9om/suX109fxEWsVMdwwM8cpzF63O19 wULLz+oQLF/NAZrSlWk8KtU72XBZhHM52T6mXX95dnsS/0wdURPQ7pYEYAVzrEAbCHI8aj aMkxPMfYgp+PV7L0dNRK0PQklAUkRuReL5wTJ6Bc0WDroVXyv4gT/ZoRgln3x2hDTz0Kh+ VoMY//O99TY/xQMrioMKheV+obMORjo1p0BbRarM/f8XJyW5dL7tf9T0Ukucwr5h/Bfi53 s42FxPsIX3YcqXolQWv/EWQJRZ1SqZcK2VFIQcDDm64shcvoweMA65Tj0JMG3w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642978913; a=rsa-sha256; cv=none; b=REHvvS+nsA99yvpntcbYbL5OIqybIrFknSP54j4axlEDKlMaNKoKe45ct5VDCtuiGKz9zc BTxmP4l66ZYXd0XD0zr98bs4wRvYlTVLWEJwQZJJ3zmuX/kbUPR+m3AZG1cJQ1V7fap1Z2 tC3bK6bICxAyJ660+JXKt8/jG1PEblEWciho2UKnAL1WtoL1CSvcVFR+h6ncxqNv49oVe6 JcCl7eSf4Cks+F/KH+1xLs5kLDF9KXfmIJtgMp0lNWBD7XbzvnOTJR3SAkcolP9bC6lt/m 8NyeWTBwvUnYJgdh+x7yGkLtYmNhNmmoVC4gv8JmOnjj+YRnql37vA/MTW2lTA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=8fbfc5f93128b55b1ca8748cde645fe443c31c10 commit 8fbfc5f93128b55b1ca8748cde645fe443c31c10 Author: Cy Schubert AuthorDate: 2022-01-23 22:51:09 +0000 Commit: Cy Schubert CommitDate: 2022-01-23 23:01:46 +0000 security/aide: Update to 0.17.4 Update aide to 0.17.4, fixing CVE-2021-45417. PR: 261407 Reported by: Yonas Yanfa MFH: 2022Q1 Security: CVE-2021-45417 --- security/aide/Makefile | 2 +- security/aide/distinfo | 6 +++--- security/aide/files/patch-doc_aide.1 | 14 -------------- security/aide/files/patch-include_util.h | 10 ++++++++++ security/aide/files/patch-src_commandconf.c | 13 +++++++++++++ 5 files changed, 27 insertions(+), 18 deletions(-) diff --git a/security/aide/Makefile b/security/aide/Makefile index 20a64c443422..fbf829de0469 100644 --- a/security/aide/Makefile +++ b/security/aide/Makefile @@ -1,7 +1,7 @@ # Created by: Cy Schubert (Cy.Schubert@uumail.gov.bc.ca) PORTNAME= aide -PORTVERSION= 0.16.1 +PORTVERSION= 0.17.4 CATEGORIES= security MASTER_SITES= https://github.com/aide/aide/releases/download/v${PORTVERSION}/ diff --git a/security/aide/distinfo b/security/aide/distinfo index 05b3dba1c573..73ae932bb832 100644 --- a/security/aide/distinfo +++ b/security/aide/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1555181364 -SHA256 (aide-0.16.1.tar.gz) = 0f2b7cecc70c1a27d35c06c98804fcdb9f326630de5d035afc447122186010b7 -SIZE (aide-0.16.1.tar.gz) = 391531 +TIMESTAMP = 1642975384 +SHA256 (aide-0.17.4.tar.gz) = c81505246f3ffc2e76036d43a77212ae82895b5881d9b9e25c1361b1a9b7a846 +SIZE (aide-0.17.4.tar.gz) = 331783 diff --git a/security/aide/files/patch-doc_aide.1 b/security/aide/files/patch-doc_aide.1 deleted file mode 100644 index 2dacc0a93438..000000000000 --- a/security/aide/files/patch-doc_aide.1 +++ /dev/null @@ -1,14 +0,0 @@ ---- doc/aide.1.orig 2016-07-25 14:09:52.000000000 -0700 -+++ doc/aide.1 2016-07-26 12:35:55.894637000 -0700 -@@ -103,9 +103,9 @@ - .SH FILES - .IP \fB${prefix}/etc/aide.conf\fR - Default aide configuration file. --.IP \fB${prefix}/etc/aide.db\fR -+.IP \fB/var/db/aide/aide.db\fR - Default aide database. --.IP \fB${prefix}/etc/aide.db.new\fR -+.IP \fB/var/db/aide/aide.db.new\fR - Default aide output database. - .SH SEE ALSO - .BR aide.conf (5) diff --git a/security/aide/files/patch-include_util.h b/security/aide/files/patch-include_util.h new file mode 100644 index 000000000000..100a2541214e --- /dev/null +++ b/security/aide/files/patch-include_util.h @@ -0,0 +1,10 @@ +--- include/util.h.orig 2022-01-19 12:03:06.000000000 -0800 ++++ include/util.h 2022-01-23 14:44:04.712694000 -0800 +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include "config.h" + #include "url.h" + + #define HEXD2ASC(x) (((x) < 10) ? ((x) + '0') : ((x) - 10 + 'A')) diff --git a/security/aide/files/patch-src_commandconf.c b/security/aide/files/patch-src_commandconf.c new file mode 100644 index 000000000000..d9c980015ee2 --- /dev/null +++ b/security/aide/files/patch-src_commandconf.c @@ -0,0 +1,13 @@ +--- src/commandconf.c.orig 2022-01-19 12:03:06.000000000 -0800 ++++ src/commandconf.c 2022-01-23 14:49:37.915576000 -0800 +@@ -226,8 +226,8 @@ + c=fgetc(db->fp); + if(c==(unsigned char)'\213'){ + log_msg(LOG_LEVEL_DEBUG,"db_input_wrapper(): handle gzip header"); +- lseek(fileno(db->fp),0L,SEEK_SET); +- db->gzp=gzdopen(fileno(db->fp),"rb"); ++ lseek(fileno((FILE *)(db->fp)),0L,SEEK_SET); ++ db->gzp=gzdopen(fileno((FILE *)(db->fp)),"rb"); + c=gzgetc(db->gzp); + log_msg(LOG_LEVEL_DEBUG, "db_input_wrapper(): first character after gzip header is: %c(%#X)\n",c,c); + if(c==-1) {