SECURITY UPDATE of collectd to 4.10.2, among the regular bugfixes is a fix

for SA42393, collectd "cu_rrd_create_file()" Denial of Service Vulnerability. ok landry@
2010-11-29 20:20:41 +00:00 · 2010-11-29 20:20:41 +00:00 · 5b965fc5da
commit 5b965fc5da
parent 464510bce3
4 changed files with 16 additions and 16 deletions
--- a/sysutils/collectd/Makefile
+++ b/sysutils/collectd/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.8 2010/11/20 17:22:40 espie Exp $
+# $OpenBSD: Makefile,v 1.9 2010/11/29 20:20:41 jasper Exp $

 COMMENT-main =		system metrics collection engine
 COMMENT-mysql =		collectd mysql plugin
@ -6,7 +6,7 @@ COMMENT-pgsql =		collectd postgresql plugin
 COMMENT-rrdtool =	collectd rrdtool plugin
 COMMENT-snmp =		collectd snmp plugin

-V =			4.10.1
+V =			4.10.2
 DISTNAME =		collectd-$V
 PKGNAME-main =		collectd-$V
 PKGNAME-mysql =		collectd-mysql-$V
--- a/sysutils/collectd/distinfo
+++ b/sysutils/collectd/distinfo
@ -1,5 +1,5 @@
-MD5 (collectd-4.10.1.tar.gz) = r1ErAHh6ZYl8lRl2QdGkyw==
-RMD160 (collectd-4.10.1.tar.gz) = tJusYPcKlKsO9OvzO9JN5MLa1Fo=
-SHA1 (collectd-4.10.1.tar.gz) = 5RZ7mtNJ3ld4xGVvislCcUYaW8Y=
-SHA256 (collectd-4.10.1.tar.gz) = 2SPGI9Gg3sJwrrbYlFe9uyMtxz+F5C6JVnDiWmFuPB8=
-SIZE (collectd-4.10.1.tar.gz) = 1732940
+MD5 (collectd-4.10.2.tar.gz) = EJHvuQ5NWTfjpzb8kwncBw==
+RMD160 (collectd-4.10.2.tar.gz) = dDs8tBuZ3lUeuVrll9Eb7rNsrBI=
+SHA1 (collectd-4.10.2.tar.gz) = QWO+PeT19yNOykOiOyIFx5Mbpvc=
+SHA256 (collectd-4.10.2.tar.gz) = N9bE3kP7dbcbiXV00YciocNlg7ep4X6+X7Fagm8vj+4=
+SIZE (collectd-4.10.2.tar.gz) = 1736547
--- a/sysutils/collectd/patches/patch-configure
+++ b/sysutils/collectd/patches/patch-configure
@ -1,7 +1,7 @@
-$OpenBSD: patch-configure,v 1.2 2010/09/07 11:12:05 landry Exp $
--- configure.orig	Fri Jul  9 12:02:17 2010
-+++ configure	Thu Aug  5 13:07:16 2010
-@@ -11709,7 +11709,7 @@ LTDLOPEN=`eval "\\$ECHO \"$libname_spec\""`
+$OpenBSD: patch-configure,v 1.3 2010/11/29 20:20:41 jasper Exp $
+--- configure.orig	Sat Nov 27 11:10:52 2010
+++ configure	Mon Nov 29 20:20:38 2010
+@@ -11718,7 +11718,7 @@ LTDLOPEN=`eval "\\$ECHO \"$libname_spec\""`
 
 
 
@ -10,7 +10,7 @@ $OpenBSD: patch-configure,v 1.2 2010/09/07 11:12:05 landry Exp $
 
 
 
-@@ -15451,7 +15451,7 @@ SAVE_CFLAGS="$CFLAGS"
+@@ -15457,7 +15457,7 @@ SAVE_CFLAGS="$CFLAGS"
 # Emulate behavior of src/Makefile.am
 if test "x$GCC" = "xyes"
 then
@ -19,7 +19,7 @@ $OpenBSD: patch-configure,v 1.2 2010/09/07 11:12:05 landry Exp $
 fi
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking for strtok_r" >&5
-@@ -20750,7 +20750,7 @@ then
+@@ -20752,7 +20752,7 @@ then
 	SAVE_LDFLAGS="$LDFLAGS"
 	# trigger an error if Perl_load_module*() uses __attribute__nonnull__(3)
 	# (see issues #41 and #42)
--- a/sysutils/collectd/pkg/PLIST-main
+++ b/sysutils/collectd/pkg/PLIST-main
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST-main,v 1.3 2010/06/29 20:17:18 landry Exp $
+@comment $OpenBSD: PLIST-main,v 1.4 2010/11/29 20:20:41 jasper Exp $
@newgroup _collectd:652
@newuser _collectd:652:652:daemon:Collectd Daemon:/var/empty:/sbin/nologin
@bin bin/collectd-nagios
@ -102,8 +102,8 @@ lib/collectd/write_http.so
@lib lib/libcollectdclient.so.${LIBcollectdclient_VERSION}
 lib/pkgconfig/libcollectdclient.pc
@comment libdata/perl5/${MACHINE_ARCH}-openbsd/
-@comment libdata/perl5/${MACHINE_ARCH}-openbsd/5.10.1/
-@comment libdata/perl5/${MACHINE_ARCH}-openbsd/5.10.1/perllocal.pod
+@comment libdata/perl5/${MACHINE_ARCH}-openbsd/5.12.2/
+@comment libdata/perl5/${MACHINE_ARCH}-openbsd/5.12.2/perllocal.pod
 libdata/perl5/site_perl/Collectd/
 libdata/perl5/site_perl/Collectd.pm
 libdata/perl5/site_perl/Collectd/Plugins/