rpms/ipsec-tools/F-8 ipsec-tools-0.7-contextsize.patch, NONE, 1.1 ipsec-tools.spec, 1.45, 1.46
Steve Conklin (sconklin)
fedora-extras-commits at redhat.com
Wed Dec 19 00:10:51 UTC 2007
- Previous message (by thread): rpms/gtksourceview-sharp/devel .cvsignore, 1.2, 1.3 gtksourceview-sharp.spec, 1.12, 1.13 sources, 1.2, 1.3
- Next message (by thread): rpms/sugar/OLPC-2 .cvsignore, 1.90, 1.91 sources, 1.99, 1.100 sugar.spec, 1.115, 1.116
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: sconklin
Update of /cvs/pkgs/rpms/ipsec-tools/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22386
Modified Files:
ipsec-tools.spec
Added Files:
ipsec-tools-0.7-contextsize.patch
Log Message:
Added patch to change context size.
See BZ 413331 racoon dies with buffer overflow in MCS/MLS loopback
ipsec-tools-0.7-contextsize.patch:
--- NEW FILE ipsec-tools-0.7-contextsize.patch ---
diff -Nurp ipsec-tools-0.7.orig/src/racoon/policy.h ipsec-tools-0.7/src/racoon/policy.h
--- ipsec-tools-0.7.orig/src/racoon/policy.h 2007-06-07 15:34:19.000000000 -0500
+++ ipsec-tools-0.7/src/racoon/policy.h 2007-12-05 22:19:51.000000000 -0600
@@ -38,7 +38,7 @@
#ifdef HAVE_SECCTX
-#define MAX_CTXSTR_SIZE 50
+#define MAX_CTXSTR_SIZE 3344 /* (6 * 512) + 256 + 16 */
struct security_ctx {
u_int8_t ctx_doi; /* Security Context DOI */
u_int8_t ctx_alg; /* Security Context Algorithm */
Index: ipsec-tools.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ipsec-tools/F-8/ipsec-tools.spec,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- ipsec-tools.spec 20 Sep 2007 16:42:06 -0000 1.45
+++ ipsec-tools.spec 19 Dec 2007 00:10:18 -0000 1.46
@@ -1,6 +1,6 @@
Name: ipsec-tools
Version: 0.7
-Release: 3%{?dist}
+Release: 4%{?dist}
Summary: Tools for configuring and using IPSEC
License: BSD
Group: System Environment/Base
@@ -17,6 +17,8 @@
# the following three patches were also submitted upstream:
Patch5: ipsec-tools-0.7-iface.patch
Patch6: ipsec-tools-0.7-dupsplit.patch
+# and this one
+Patch7: ipsec-tools-0.7-contextsize.patch
BuildRequires: openssl-devel, krb5-devel, bison, flex, automake, libtool
BuildRequires: libselinux-devel >= 1.30.28-2
@@ -40,6 +42,7 @@
%patch4 -p1 -b .loopback
%patch5 -p1 -b .iface
%patch6 -p1 -b .dupsplit
+%patch7 -p1 -b .ctxsize
./bootstrap
@@ -116,6 +119,10 @@
%config(noreplace) /etc/racoon/racoon.conf
%changelog
+* Tue Dec 18 2007 Steve Conklin <sconklin at redhat.com> - 0.7-4
+- Added context size patch
+- Resolves: #413331 racoon dies with buffer overflow in MCS/MLS loopback
+
* Thu Sep 20 2007 Steve Conklin <sconklin at redhat.com> - 0.7-3
- Applied the following patches from Gabriel Somlo
- Patches for connecting to Cisco ASA in remote-access (road-warrior) mode
- Previous message (by thread): rpms/gtksourceview-sharp/devel .cvsignore, 1.2, 1.3 gtksourceview-sharp.spec, 1.12, 1.13 sources, 1.2, 1.3
- Next message (by thread): rpms/sugar/OLPC-2 .cvsignore, 1.90, 1.91 sources, 1.99, 1.100 sugar.spec, 1.115, 1.116
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list