Changes - j0ke.net Open Build Service

Changes of Revision 10

[-] [+]	Changed	pimd.spec
@@ -1,5 +1,5 @@ Name: pimd -Version: 2.1.6 +Version: 2.1.7 Release: 1 Url: http://github.com/troglobit/pimd License: see LICENSE file @@ -34,6 +34,9 @@ %{_mandir}/man8/pimd.8* %changelog +* Sun Jan 09 2011 Carsten Schoene <cs@linux-administrator.com> - 2.1.7-1 +- dupate to release 2.1.7 + * Sun Jan 09 2011 Carsten Schoene <cs@linux-administrator.com> - 2.1.6-1 - update to release 2.1.6
[-] [+]	Changed	pimd-2.1.7.tar.bz2/ChangeLog ^
@@ -1,6 +1,29 @@ #+TITLE: pimd \| Change Log #+AUTHOR: Ahmed Helmy, George Edmond Eddy, Pavlin Ivanov Radoslavov +* Version 2.1.7: January 9, 2011 +** Changes & New Features + - The previous move of runtime dump files to /var/lib/misc have been changed to + /var/run/pimd instead. This to accomodate BSD systems that do not have the + /var/lib tree, and also recommended in the Filesystem Hierarchy Standard, + http://www.pathname.com/fhs/pub/fhs-2.3.html#VARRUNRUNTIMEVARIABLEDATA + + Version 2.1.6: January 8, 2011 + Changes & New Features + - Debian package now conflicts with smcroute, in addition to mrouted. It is only + possible to run one multicast routing daemon at a time, kernel limitation. + + - The location of the dump file(s) have been moved from /var/tmp to /var/lib/misc + due to the insecure nature of /var/tmp. See more below. + + Bug Fixes + - kern.c:k_del_vif(): Fix build error on GNU/kFreeBSD + + - CVE-2011-0007: Insecure file creation in /var/tmp. "On USR1, pimd will write to + /var/tmp/pimd.dump a dump of the multicast route table. Since /var/tmp is + writable by any user, a user can create a symlink to any file he wants to destroy + with the content of the multicast routing table." + * Version 2.1.5: November 21, 2010 ** Changes & New Features - Improved error messages in kern.c
[-] [+]	Changed	pimd-2.1.7.tar.bz2/Makefile ^
@@ -17,7 +17,7 @@ # # VERSION ?= $(shell git tag -l \| tail -1) -VERSION ?= 2.1.6 +VERSION ?= 2.1.7 EXEC = pimd CONFIG = $(EXEC).conf PKG = $(EXEC)-$(VERSION)
[-] [+]	Changed	pimd-2.1.7.tar.bz2/debian/changelog ^
@@ -1,3 +1,10 @@ +pimd (2.1.6-1) unstable; urgency=low + + * New upstream version changing location of dump file(s) to + /var/lib/misc, CVE-2011-0007, Closes: Bug#609304 + + -- Antonin Kral <A.Kral@sh.cvut.cz> Sat, 08 Jan 2011 23:54:41 +0100 + pimd (2.1.5-4) unstable; urgency=low * Added oknodo to s-s-d in init.d script for stop action
[-] [+]	Changed	pimd-2.1.7.tar.bz2/main.c ^
@@ -44,7 +44,8 @@ #include "defs.h" #include <err.h> #include <getopt.h> -#include <paths.h> +#include <sys/stat.h> + #ifdef SNMP #include "snmp.h" #endif @@ -251,7 +252,7 @@ size_t i, j, k; struct debugname d; - fprintf(stderr, "Usage: %s [-fhN] [-c FILE] [-d [LEVEL][,LEVEL...]]\n\n", __progname); + fprintf(stderr, "Usage: %s [-fhlNqrv] [-c FILE] [-d [LEVEL][,LEVEL...]]\n\n", __progname); fputs(" -c, --config=FILE Configuration file to use, default /etc/pimd.conf\n", stderr); fputs(" -d, --debug[=LEVEL] Debug level, see below for valid levels\n", stderr); fputs(" -f, --foreground Run in foreground, do not detach from calling terminal\n", stderr); @@ -430,6 +431,14 @@ fprintf(stderr, ")\n"); } + / + * Create directory for runtime files + / + mkdir(_PATH_PIMD_RUNDIR, 0755); + + / + * Setup logging + / #ifdef LOG_DAEMON (void)openlog("pimd", LOG_PID, LOG_DAEMON); (void)setlogmask(LOG_UPTO(LOG_NOTICE)); @@ -521,7 +530,7 @@ #endif / SYSV / } / End of child process code */ - if (pidfile (NULL)) { + if (pidfile(NULL)) { warn("Cannot create pidfile"); }
[-] [+]	Changed	pimd-2.1.7.tar.bz2/pathnames.h ^
@@ -39,8 +39,11 @@ #ifndef __PIMD_PATHNAMES_H__ #define __PIMD_PATHNAMES_H__ +#include <paths.h> + #define _PATH_PIMD_CONF "/etc/pimd.conf" -#define _PATH_PIMD_DUMP "/var/lib/misc/pimd.dump" -#define _PATH_PIMD_CACHE "/var/lib/misc/pimd.cache" +#define _PATH_PIMD_RUNDIR _PATH_VARRUN "pimd" +#define _PATH_PIMD_DUMP _PATH_PIMD_RUNDIR "/pimd.dump" +#define _PATH_PIMD_CACHE _PATH_PIMD_RUNDIR "/pimd.cache" #endif /* __PIMD_PATHNAMES_H__ */
[-] [+]	Changed	pimd-2.1.7.tar.bz2/pimd.8 ^
@@ -327,12 +327,12 @@ The same as TERM. .It USR1 Dumps the internal state of VIFs and multicast routing tables to -.Pa /var/lib/misc/pimd.dump . +.Pa /var/run/pimd/pimd.dump . See also the --show-routes option above. .\" Not implemented yet, still TODO .\" .It USR2 .\" Dumps the internal cache tables to -.\" .Pa /var/lib/misc/pimd.cache . +.\" .Pa /var/run/pimd/pimd.cache . .\" Also not implemented yet, TODO .\" .It QUIT .\" Dumps the internal routing tables to stderr (only if @@ -346,10 +346,10 @@ .Pa /var/run/pimd.pid upon startup. .Sh FILES -.Bl -tag -width /var/lib/misc/pimd.cache -compact +.Bl -tag -width /var/run/pimd/pimd.cache -compact .It Pa /etc/pimd.conf -.\" .It Pa /var/lib/misc/pimd.cache -.It Pa /var/lib/misc/pimd.dump +.\" .It Pa /var/run/pimd/pimd.cache +.It Pa /var/run/pimd/pimd.dump .It Pa /var/run/pimd.pid .El .Sh SEE ALSO