diff options
| -rw-r--r-- | net-mgmt/nagios/Makefile | 5 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-Makefile.in | 21 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-base__Makefile.in (renamed from net-mgmt/nagios/files/patch-base-Makefile.in) | 15 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-cgi__Makefile.in (renamed from net-mgmt/nagios/files/patch-cgi-Makefile.in) | 15 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-configure.in | 6 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-contrib__Makefile.in (renamed from net-mgmt/nagios/files/patch-contrib-Makefile.in) | 14 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-d97e03f32741a7d851826b03ed73ff4c9612a866 | 175 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-html__Makefile.in (renamed from net-mgmt/nagios/files/patch-html-Makefile.in) | 15 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-html__index.php (renamed from net-mgmt/nagios/files/patch-html-index.php) | 6 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-html__main.php (renamed from net-mgmt/nagios/files/patch-html-main.php) | 4 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-include__locations.h.in (renamed from net-mgmt/nagios/files/patch-include-locations.h.in) | 4 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-sample-config__cgi.cfg.in (renamed from net-mgmt/nagios/files/patch-sample-config-cgi.cfg.in) | 6 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-sample-config__nagios.cfg.in (renamed from net-mgmt/nagios/files/patch-sample-config-nagios.cfg.in) | 4 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-sample-config__template-object__localhost.cfg.in (renamed from net-mgmt/nagios/files/patch-sample-config-template-object-localhost.cfg.in) | 4 | ||||
| -rw-r--r-- | net-mgmt/nagios/files/patch-sample-config__template-object__templates.cfg.in (renamed from net-mgmt/nagios/files/patch-sample-config-template-object-templates.cfg.in) | 4 |
15 files changed, 258 insertions, 40 deletions
diff --git a/net-mgmt/nagios/Makefile b/net-mgmt/nagios/Makefile index 00fd0194e861..86ead9b09051 100644 --- a/net-mgmt/nagios/Makefile +++ b/net-mgmt/nagios/Makefile @@ -3,12 +3,12 @@ PORTNAME= nagios PORTVERSION= 3.5.1 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= net-mgmt MASTER_SITES= SF/${PORTNAME}/${PORTNAME}-3.x/${PORTNAME}-${PORTVERSION} MAINTAINER= mat@FreeBSD.org -COMMENT= Extremely powerful network monitoring system +COMMENT= Powerful network monitoring system LICENSE= GPLv2 @@ -98,7 +98,6 @@ post-extract: .include <bsd.port.options.mk> post-patch: - @${REINPLACE_CMD} -e '/^INSTALL_OPTS=/d;/^COMMAND_OPTS=/d' `${FIND} ${WRKSRC} -name Makefile.in` .if ${PORT_OPTIONS:MUNHANDLED_HACK} @${REINPLACE_CMD} -e 's#;serviceprops=42\&#;serviceprops=10\&#g' \ -e 's#;hostprops=42\"#;hostprops=10\"#g' ${WRKSRC}/html/side.php diff --git a/net-mgmt/nagios/files/patch-Makefile.in b/net-mgmt/nagios/files/patch-Makefile.in index 2cff77df03d0..44a22ea1a21f 100644 --- a/net-mgmt/nagios/files/patch-Makefile.in +++ b/net-mgmt/nagios/files/patch-Makefile.in @@ -1,6 +1,15 @@ ---- Makefile.in.orig Sun Aug 5 08:43:17 2007 -+++ Makefile.in Thu Aug 30 18:12:04 2007 -@@ -185,12 +185,12 @@ +--- ./Makefile.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./Makefile.in 2014-01-14 13:57:06.000000000 +0100 +@@ -30,8 +30,6 @@ + LIBEXECDIR=@libexecdir@ + HTMLDIR=@datadir@ + INSTALL=@INSTALL@ +-INSTALL_OPTS=@INSTALL_OPTS@ +-COMMAND_OPTS=@COMMAND_OPTS@ + HTTPD_CONF=@HTTPD_CONF@ + INIT_DIR=@init_dir@ + INIT_OPTS=-o root -g root +@@ -234,12 +232,12 @@ $(MAKE) install-basic install-basic: @@ -15,7 +24,7 @@ fi; @echo "" -@@ -212,19 +212,18 @@ +@@ -261,19 +259,18 @@ install-config: @@ -46,8 +55,8 @@ + $(INSTALL) -m 644 $(INSTALL_OPTS) sample-config/template-object/switch.cfg $(DESTDIR)$(CFGDIR)/objects/switch.cfg-sample @echo "" - @echo "*** Sample config files installed ***" -@@ -254,7 +253,6 @@ + @echo "*** Config files installed ***" +@@ -321,7 +318,6 @@ install-commandmode: $(INSTALL) -m 775 $(COMMAND_OPTS) -d $(DESTDIR)$(LOGDIR)/rw diff --git a/net-mgmt/nagios/files/patch-base-Makefile.in b/net-mgmt/nagios/files/patch-base__Makefile.in index ad02dffebc60..88f11121e1a0 100644 --- a/net-mgmt/nagios/files/patch-base-Makefile.in +++ b/net-mgmt/nagios/files/patch-base__Makefile.in @@ -1,6 +1,15 @@ ---- base/Makefile.in.orig Wed Jan 24 04:58:34 2007 -+++ base/Makefile.in Fri Jul 20 13:34:45 2007 -@@ -193,9 +193,9 @@ +--- ./base/Makefile.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./base/Makefile.in 2014-01-14 13:57:06.000000000 +0100 +@@ -39,8 +39,6 @@ + CGIDIR=@sbindir@ + HTMLDIR=@datarootdir@ + INSTALL=@INSTALL@ +-INSTALL_OPTS=@INSTALL_OPTS@ +-COMMAND_OPTS=@COMMAND_OPTS@ + STRIP=@STRIP@ + + CGIURL=@cgiurl@ +@@ -204,9 +202,9 @@ $(MAKE) install-basic install-basic: diff --git a/net-mgmt/nagios/files/patch-cgi-Makefile.in b/net-mgmt/nagios/files/patch-cgi__Makefile.in index 13a4564e6917..f43186539da3 100644 --- a/net-mgmt/nagios/files/patch-cgi-Makefile.in +++ b/net-mgmt/nagios/files/patch-cgi__Makefile.in @@ -1,6 +1,15 @@ ---- cgi/Makefile.in.orig Wed Dec 13 02:57:57 2006 -+++ cgi/Makefile.in Fri Jul 20 13:35:18 2007 -@@ -190,9 +190,9 @@ +--- ./cgi/Makefile.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./cgi/Makefile.in 2014-01-14 13:57:06.000000000 +0100 +@@ -18,8 +18,6 @@ + CGIDIR=@sbindir@ + HTMLDIR=@datarootdir@ + INSTALL=@INSTALL@ +-INSTALL_OPTS=@INSTALL_OPTS@ +-COMMAND_OPTS=@COMMAND_OPTS@ + STRIP=@STRIP@ + + CGIEXTRAS=@CGIEXTRAS@ +@@ -201,9 +199,9 @@ $(MAKE) install-basic install-basic: diff --git a/net-mgmt/nagios/files/patch-configure.in b/net-mgmt/nagios/files/patch-configure.in index 566a3b355de3..a9f0d7fc6a32 100644 --- a/net-mgmt/nagios/files/patch-configure.in +++ b/net-mgmt/nagios/files/patch-configure.in @@ -1,5 +1,5 @@ ---- configure.in.orig 2010-03-09 19:39:59.000000000 +0100 -+++ configure.in 2010-04-07 20:18:58.585012048 +0200 +--- ./configure.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./configure.in 2014-01-14 13:57:06.000000000 +0100 @@ -6,7 +6,6 @@ AC_INIT(base/nagios.c) @@ -7,7 +7,7 @@ -AC_PREFIX_DEFAULT(/usr/local/nagios) PKG_NAME=nagios - PKG_VERSION="3.2.1" + PKG_VERSION="3.5.1" @@ -125,7 +124,15 @@ dnl Test for pthreads support - taken from ICU FreeBSD Port configure script THREADLIBS="" diff --git a/net-mgmt/nagios/files/patch-contrib-Makefile.in b/net-mgmt/nagios/files/patch-contrib__Makefile.in index dd80e3019859..5a5cc61d742b 100644 --- a/net-mgmt/nagios/files/patch-contrib-Makefile.in +++ b/net-mgmt/nagios/files/patch-contrib__Makefile.in @@ -1,6 +1,14 @@ ---- contrib/Makefile.in.orig Tue Nov 15 12:19:36 2005 -+++ contrib/Makefile.in Wed Dec 28 17:49:25 2005 -@@ -46,10 +46,10 @@ +--- ./contrib/Makefile.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./contrib/Makefile.in 2014-01-14 13:57:06.000000000 +0100 +@@ -16,7 +16,6 @@ + # Generated automatically from configure script + SNPRINTF_O=@SNPRINTF_O@ + INSTALL=@INSTALL@ +-INSTALL_OPTS=@INSTALL_OPTS@ + + + prefix=@prefix@ +@@ -51,10 +50,10 @@ devclean: distclean install: diff --git a/net-mgmt/nagios/files/patch-d97e03f32741a7d851826b03ed73ff4c9612a866 b/net-mgmt/nagios/files/patch-d97e03f32741a7d851826b03ed73ff4c9612a866 new file mode 100644 index 000000000000..899807abf978 --- /dev/null +++ b/net-mgmt/nagios/files/patch-d97e03f32741a7d851826b03ed73ff4c9612a866 @@ -0,0 +1,175 @@ +commit d97e03f32741a7d851826b03ed73ff4c9612a866 +Author: Eric Stanley <estanley@nagios.com> +Date: 2013-12-20 13:14:30 -0600 + + CGIs: Fixed minor vulnerability where a custom query could crash the CGI. + + Most CGIs previously incremented the input variable counter twice when + it encountered a long key value. This could cause the CGI to read past + the end of the list of CGI variables. This commit removes the second + increment, removing the possibility of reading past the end of the list + of CGI variables. + +diff --git ./cgi/avail.c ./cgi/avail.c +index 76afd86..64eaadc 100644 +--- ./cgi/avail.c ++++ ./cgi/avail.c +@@ -1096,7 +1096,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/cmd.c ./cgi/cmd.c +index fa6cf5a..50504eb 100644 +--- ./cgi/cmd.c ++++ ./cgi/cmd.c +@@ -311,7 +311,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/config.c ./cgi/config.c +index f061b0f..3360e70 100644 +--- ./cgi/config.c ++++ ./cgi/config.c +@@ -344,7 +344,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/extinfo.c ./cgi/extinfo.c +index 62a1b18..5113df4 100644 +--- ./cgi/extinfo.c ++++ ./cgi/extinfo.c +@@ -591,7 +591,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/histogram.c ./cgi/histogram.c +index 4616541..f6934d0 100644 +--- ./cgi/histogram.c ++++ ./cgi/histogram.c +@@ -1060,7 +1060,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/notifications.c ./cgi/notifications.c +index 8ba11c1..461ae84 100644 +--- ./cgi/notifications.c ++++ ./cgi/notifications.c +@@ -327,7 +327,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/outages.c ./cgi/outages.c +index 426ede6..cb58dee 100644 +--- ./cgi/outages.c ++++ ./cgi/outages.c +@@ -225,7 +225,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/status.c ./cgi/status.c +index 3253340..4ec1c92 100644 +--- ./cgi/status.c ++++ ./cgi/status.c +@@ -567,7 +567,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/statusmap.c ./cgi/statusmap.c +index ea48368..2580ae5 100644 +--- ./cgi/statusmap.c ++++ ./cgi/statusmap.c +@@ -400,7 +400,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/statuswml.c ./cgi/statuswml.c +index bd8cea2..d25abef 100644 +--- ./cgi/statuswml.c ++++ ./cgi/statuswml.c +@@ -226,8 +226,13 @@ int process_cgivars(void) { + + for(x = 0; variables[x] != NULL; x++) { + ++ /* do some basic length checking on the variable identifier to prevent buffer overflows */ ++ if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { ++ continue; ++ } ++ + /* we found the hostgroup argument */ +- if(!strcmp(variables[x], "hostgroup")) { ++ else if(!strcmp(variables[x], "hostgroup")) { + display_type = DISPLAY_HOSTGROUP; + x++; + if(variables[x] == NULL) { +diff --git ./cgi/summary.c ./cgi/summary.c +index 126ce5e..749a02c 100644 +--- ./cgi/summary.c ++++ ./cgi/summary.c +@@ -725,7 +725,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./cgi/trends.c ./cgi/trends.c +index b35c18e..895db01 100644 +--- ./cgi/trends.c ++++ ./cgi/trends.c +@@ -1263,7 +1263,6 @@ int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + +diff --git ./contrib/daemonchk.c ./contrib/daemonchk.c +index 78716e5..9bb6c4b 100644 +--- ./contrib/daemonchk.c ++++ ./contrib/daemonchk.c +@@ -174,7 +174,6 @@ static int process_cgivars(void) { + + /* do some basic length checking on the variable identifier to prevent buffer overflows */ + if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) { +- x++; + continue; + } + } diff --git a/net-mgmt/nagios/files/patch-html-Makefile.in b/net-mgmt/nagios/files/patch-html__Makefile.in index 98c9c3f9c75d..c52e2a4c2379 100644 --- a/net-mgmt/nagios/files/patch-html-Makefile.in +++ b/net-mgmt/nagios/files/patch-html__Makefile.in @@ -1,6 +1,15 @@ ---- html/Makefile.in.orig 2012-02-14 07:10:42.000000000 +1030 -+++ html/Makefile.in 2012-05-21 21:34:09.000000000 +0930 -@@ -34,55 +34,55 @@ +--- ./html/Makefile.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./html/Makefile.in 2014-01-14 13:57:06.000000000 +0100 +@@ -10,8 +10,6 @@ + CGIDIR=@sbindir@ + HTMLDIR=@datadir@ + INSTALL=@INSTALL@ +-INSTALL_OPTS=@INSTALL_OPTS@ +-COMMAND_OPTS=@COMMAND_OPTS@ + + CP=@CP@ + +@@ -34,55 +32,55 @@ devclean: distclean install: diff --git a/net-mgmt/nagios/files/patch-html-index.php b/net-mgmt/nagios/files/patch-html__index.php index 9aabcad3923b..aed29849d62d 100644 --- a/net-mgmt/nagios/files/patch-html-index.php +++ b/net-mgmt/nagios/files/patch-html__index.php @@ -1,6 +1,6 @@ ---- html/index.php.orig 2013-08-30 21:46:14.000000000 +0400 -+++ html/index.php 2013-12-27 15:56:06.000000000 +0400 -@@ -8,6 +8,7 @@ +--- ./html/index.php.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./html/index.php 2014-01-14 13:57:06.000000000 +0100 +@@ -8,8 +8,9 @@ </head> <?php diff --git a/net-mgmt/nagios/files/patch-html-main.php b/net-mgmt/nagios/files/patch-html__main.php index dd84b74fa75d..167c411d3fe6 100644 --- a/net-mgmt/nagios/files/patch-html-main.php +++ b/net-mgmt/nagios/files/patch-html__main.php @@ -1,5 +1,5 @@ ---- html/main.php.orig 2013-08-30 21:46:14.000000000 +0400 -+++ html/main.php 2013-09-16 17:35:29.000000000 +0400 +--- ./html/main.php.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./html/main.php 2014-01-14 13:57:06.000000000 +0100 @@ -40,36 +40,10 @@ <div class="product">Nagios<sup><span style="font-size: small;">®</span></sup> Core<sup><span style="font-size: small;">™</span></sup></div> <div class="version">Version 3.5.1</div> diff --git a/net-mgmt/nagios/files/patch-include-locations.h.in b/net-mgmt/nagios/files/patch-include__locations.h.in index a8bffb11bcc0..048e909ded51 100644 --- a/net-mgmt/nagios/files/patch-include-locations.h.in +++ b/net-mgmt/nagios/files/patch-include__locations.h.in @@ -1,5 +1,5 @@ ---- include/locations.h.in.orig Tue May 1 08:15:57 2007 -+++ include/locations.h.in Fri Jul 20 15:52:49 2007 +--- ./include/locations.h.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./include/locations.h.in 2014-01-14 13:57:06.000000000 +0100 @@ -20,7 +20,7 @@ #define DEFAULT_TEMP_FILE "@localstatedir@/tempfile" diff --git a/net-mgmt/nagios/files/patch-sample-config-cgi.cfg.in b/net-mgmt/nagios/files/patch-sample-config__cgi.cfg.in index 771b6ddbb663..1e2bda2bfee6 100644 --- a/net-mgmt/nagios/files/patch-sample-config-cgi.cfg.in +++ b/net-mgmt/nagios/files/patch-sample-config__cgi.cfg.in @@ -1,6 +1,6 @@ ---- sample-config/cgi.cfg.in.orig 2007-10-08 05:12:52.000000000 +0930 -+++ sample-config/cgi.cfg.in 2008-10-23 10:31:31.000000000 +1030 -@@ -229,7 +229,7 @@ +--- ./sample-config/cgi.cfg.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./sample-config/cgi.cfg.in 2014-01-14 13:57:06.000000000 +0100 +@@ -264,7 +264,7 @@ # OS and distribution, so you may have to tweak this to # work on your system. diff --git a/net-mgmt/nagios/files/patch-sample-config-nagios.cfg.in b/net-mgmt/nagios/files/patch-sample-config__nagios.cfg.in index e2d462451438..fce7f008ea8a 100644 --- a/net-mgmt/nagios/files/patch-sample-config-nagios.cfg.in +++ b/net-mgmt/nagios/files/patch-sample-config__nagios.cfg.in @@ -1,5 +1,5 @@ ---- sample-config/nagios.cfg.in.orig 2008-11-03 05:21:30.000000000 +1030 -+++ sample-config/nagios.cfg.in 2008-11-05 15:17:25.000000000 +1030 +--- ./sample-config/nagios.cfg.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./sample-config/nagios.cfg.in 2014-01-14 13:57:06.000000000 +0100 @@ -32,7 +32,7 @@ cfg_file=@sysconfdir@/objects/timeperiods.cfg cfg_file=@sysconfdir@/objects/templates.cfg diff --git a/net-mgmt/nagios/files/patch-sample-config-template-object-localhost.cfg.in b/net-mgmt/nagios/files/patch-sample-config__template-object__localhost.cfg.in index 3a9a5b6cab7c..7d70490dc71e 100644 --- a/net-mgmt/nagios/files/patch-sample-config-template-object-localhost.cfg.in +++ b/net-mgmt/nagios/files/patch-sample-config__template-object__localhost.cfg.in @@ -1,5 +1,5 @@ ---- sample-config/template-object/localhost.cfg.in.orig Sun Jun 10 02:13:05 2007 -+++ sample-config/template-object/localhost.cfg.in Fri Jul 20 13:46:46 2007 +--- ./sample-config/template-object/localhost.cfg.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./sample-config/template-object/localhost.cfg.in 2014-01-14 13:57:06.000000000 +0100 @@ -5,7 +5,7 @@ # # NOTE: This config file is intended to serve as an *extremely* simple diff --git a/net-mgmt/nagios/files/patch-sample-config-template-object-templates.cfg.in b/net-mgmt/nagios/files/patch-sample-config__template-object__templates.cfg.in index 280be54aed9b..2408561796ae 100644 --- a/net-mgmt/nagios/files/patch-sample-config-template-object-templates.cfg.in +++ b/net-mgmt/nagios/files/patch-sample-config__template-object__templates.cfg.in @@ -1,5 +1,5 @@ ---- sample-config/template-object/templates.cfg.in.orig Fri Jul 20 13:46:57 2007 -+++ sample-config/template-object/templates.cfg.in Fri Jul 20 13:47:52 2007 +--- ./sample-config/template-object/templates.cfg.in.orig 2013-08-30 19:46:14.000000000 +0200 ++++ ./sample-config/template-object/templates.cfg.in 2014-01-14 13:57:06.000000000 +0100 @@ -63,17 +63,17 @@ } |