rpms/ntop/F-10 ntop-http_c.patch,NONE,1.1 ntop.spec,1.3,1.4

Rakesh Pandit rakesh at fedoraproject.org
Tue Mar 17 08:59:47 UTC 2009


Author: rakesh

Update of /cvs/pkgs/rpms/ntop/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv2357

Modified Files:
	ntop.spec 
Added Files:
	ntop-http_c.patch 
Log Message:
Fixed world writable accesslog (#490561) - security bug

ntop-http_c.patch:

--- NEW FILE ntop-http_c.patch ---
--- ntop-3.3.9.org/http.c	2009-03-16 23:58:33.000000000 +0530
+++ ntop-3.3.9/http.c	2009-03-16 23:59:39.000000000 +0530
@@ -1341,6 +1341,7 @@
 void initAccessLog(void) {
 
   if(myGlobals.runningPref.accessLogFile) {
+    umask(0137);
     myGlobals.accessLogFd = fopen(myGlobals.runningPref.accessLogFile, "a");
     if(myGlobals.accessLogFd == NULL) {
       traceEvent(CONST_TRACE_ERROR, "Unable to create file %s. Access log is disabled.",
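Review bot: The added `umask(0137)` at the top of the `if` branch changes the file-creation mask for the whole process and never restores it, so every file the daemon creates after initAccessLog() is also capped at 0640, not just the access log. The mask also applies only at creation time, so an access log left world-writable by an earlier build keeps its mode when it is reopened with `"a"`. I would save and restore the mask around the call, with `mode_t oldMask = umask(0137);` before fopen() and `umask(oldMask);` right after it. On success I would add `fchmod(fileno(myGlobals.accessLogFd), 0640);` so an existing file is tightened on upgrade. The rest of initAccessLog() is outside the hunk, so whether a later step already resets the mask cannot be seen here.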


Index: ntop.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ntop/F-10/ntop.spec,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- ntop.spec	3 Mar 2009 09:19:44 -0000	1.3
+++ ntop.spec	17 Mar 2009 08:59:17 -0000	1.4
@@ -1,6 +1,6 @@
 Name:           ntop
 Version:        3.3.8
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        A network traffic probe similar to the UNIX top command
 Group:          Applications/Internet
 License:        GPLv2
@@ -12,6 +12,7 @@
 Patch2:         ntop-running-user.patch
 Patch3:         ntop-dbfile-default-dir.patch
 Patch4:         ntop-enable-sslv3.patch
+Patch5:         ntop-http_c.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  autoconf, automake, pkgconfig, libtool, groff, libpcap-devel
 BuildRequires:  gdbm-devel, gd-devel, rrdtool-devel, openssl-devel
@@ -58,6 +59,7 @@
 %patch2 -p1 -b .user
 %patch3 -p1 -b .dbfile-default-dir
 %patch4 -p1 -b .sslv3
+%patch5 -p1 -b .http_c
 
 
 %build
@@ -176,6 +178,9 @@
 %{_localstatedir}/lib/ntop/rrd
 
 %changelog
+* Tue Mar 17 2009 Rakesh Pandit <rakesh at fedoraproject.org> - 3.3.8-3
+- Fixed world writable accesslog (#490561) - security bug
+
 * Tue Mar 03 2009 Peter Vrabec <pvrabec at redhat.com> - 3.3.8-2
 - invalid certificate fix (#486725)
 



