This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via d536c178ec90fd95b7e793923a856b8dab8bcb52 (commit) via cc4816a1af40ee470fad90e0a7ec1655dc36367b (commit) from dcd60d274ef7245552ffd0c57c15995a220d13a2 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit d536c178ec90fd95b7e793923a856b8dab8bcb52 Author: Matthias Fischer matthias.fischer@ipfire.org Date: Wed Mar 7 19:19:04 2018 +0100
ntp: Update to 4.2.8p11
For details see: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
"This release addresses five security issues in ntpd:
LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral association attack While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. Reported by Matt Van Gundy of Cisco. INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak Reported by Yihan Lian of Qihoo 360. LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations Reported on the questions@ list. LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover from bad state Reported by Miroslav Lichvar of Red Hat. LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset authenticated interleaved association Reported by Miroslav Lichvar of Red Hat.
one security issue in ntpq:
MEDIUM: Sec 3414 / CVE-2018-7183 / VU#961909: ntpq:decodearr() can write beyond its buffer limit Reported by Michael Macnair of Thales-esecurity.com.
and provides over 33 bugfixes and 32 other improvements."
Best, Matthias
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
commit cc4816a1af40ee470fad90e0a7ec1655dc36367b Author: Matthias Fischer matthias.fischer@ipfire.org Date: Wed Mar 7 19:26:53 2018 +0100
clamav 0.99.4: removed gcc patch
Signed-off-by: Matthias Fischer matthias.fischer@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: lfs/clamav | 1 - lfs/ntp | 6 +- src/patches/clamav/clamav-0.99.3-gcc-6.patch | 84 ---------------------------- 3 files changed, 3 insertions(+), 88 deletions(-) delete mode 100644 src/patches/clamav/clamav-0.99.3-gcc-6.patch
Difference in files: diff --git a/lfs/clamav b/lfs/clamav index 957788aa0..748c2c371 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -82,7 +82,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/clamav/llvm-glibc.patch - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/clamav/clamav-0.99.3-gcc-6.patch cd $(DIR_APP) && ./configure \ --prefix=/usr \ --disable-zlib-vcheck \ diff --git a/lfs/ntp b/lfs/ntp index 1f1c5244d..9c5e772ac 100644 --- a/lfs/ntp +++ b/lfs/ntp @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2017 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2018 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@
include Config
-VER = 4.2.8p10 +VER = 4.2.8p11
THISAPP = ntp-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -40,7 +40,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 745384ed0dedb3f66b33fe84d66466f9 +$(DL_FILE)_MD5 = 00950ca2855579541896513e78295361
install : $(TARGET)
diff --git a/src/patches/clamav/clamav-0.99.3-gcc-6.patch b/src/patches/clamav/clamav-0.99.3-gcc-6.patch deleted file mode 100644 index 2031edbd3..000000000 --- a/src/patches/clamav/clamav-0.99.3-gcc-6.patch +++ /dev/null @@ -1,84 +0,0 @@ -diff --git a/libclamav/c++/llvm/include/llvm/ADT/StringMap.h b/libclamav/c++/llvm/include/llvm/ADT/StringMap.h -index 59ff6aa..1325394 100644 ---- a/libclamav/c++/llvm/include/llvm/ADT/StringMap.h -+++ b/libclamav/c++/llvm/include/llvm/ADT/StringMap.h -@@ -169,3 +169,3 @@ public: - KeyLength+1; -- unsigned Alignment = alignof<StringMapEntry>(); -+ unsigned Alignment = alignOf<StringMapEntry>(); - -diff --git a/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h b/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h -index 88044c7..86b0f40 100644 ---- a/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h -+++ b/libclamav/c++/llvm/include/llvm/CodeGen/SlotIndexes.h -@@ -417,3 +417,3 @@ namespace llvm { - ileAllocator.Allocate(sizeof(IndexListEntry), -- alignof<IndexListEntry>())); -+ alignOf<IndexListEntry>())); - -diff --git a/libclamav/c++/llvm/include/llvm/Support/AlignOf.h b/libclamav/c++/llvm/include/llvm/Support/AlignOf.h -index 6a7a1a6..979e597 100644 ---- a/libclamav/c++/llvm/include/llvm/Support/AlignOf.h -+++ b/libclamav/c++/llvm/include/llvm/Support/AlignOf.h -@@ -51,8 +51,8 @@ struct AlignOf { - --/// alignof - A templated function that returns the mininum alignment of -+/// alignOf - A templated function that returns the mininum alignment of - /// of a type. This provides no extra functionality beyond the AlignOf - /// class besides some cosmetic cleanliness. Example usage: --/// alignof<int>() returns the alignment of an int. -+/// alignOf<int>() returns the alignment of an int. - template <typename T> --static inline unsigned alignof() { return AlignOf<T>::Alignment; } -+static inline unsigned alignOf() { return AlignOf<T>::Alignment; } - -diff --git a/libclamav/c++/llvm/include/llvm/Support/Allocator.h b/libclamav/c++/llvm/include/llvm/Support/Allocator.h -index 4a7251f..17caf5e 100644 ---- a/libclamav/c++/llvm/include/llvm/Support/Allocator.h -+++ b/libclamav/c++/llvm/include/llvm/Support/Allocator.h -@@ -203,3 +203,3 @@ public: - for (char *Ptr = (char*)(Slab+1); Ptr < End; Ptr += sizeof(T)) { -- Ptr = Allocator.AlignPtr(Ptr, alignof<T>()); -+ Ptr = Allocator.AlignPtr(Ptr, alignOf<T>()); - if (Ptr + sizeof(T) <= End) -diff --git a/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp b/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp -index b892d85..dc72346 100644 ---- a/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp -+++ b/libclamav/c++/llvm/lib/Analysis/ScalarEvolution.cpp -@@ -495,3 +495,3 @@ void SCEVUnknown::print(raw_ostream &OS) const { - if (isAlignOf(AllocTy)) { -- OS << "alignof(" << *AllocTy << ")"; -+ OS << "alignOf(" << *AllocTy << ")"; - return; -diff --git a/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp b/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp -index 824021c..757ca50 100644 ---- a/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp -+++ b/libclamav/c++/llvm/lib/Target/X86/X86CodeEmitter.cpp -@@ -569,3 +569,3 @@ void Emitter<CodeEmitter>::emitMemModRMByte(const MachineInstr &MI, - // Calculate what the SS field value should be... -- static const unsigned SSTable[] = { ~0, 0, 1, ~0, 2, ~0, ~0, ~0, 3 }; -+ static const unsigned SSTable[] = { ~0u, 0u, 1u, ~0u, 2u, ~0u, ~0u, ~0u, 3u }; - unsigned SS = SSTable[Scale.getImm()]; -diff --git a/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp b/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp -index 9564fe0..b2b7986 100644 ---- a/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp -+++ b/libclamav/c++/llvm/lib/Target/X86/X86MCCodeEmitter.cpp -@@ -332,3 +332,3 @@ void X86MCCodeEmitter::EmitMemModRMByte(const MCInst &MI, unsigned Op, - // Calculate what the SS field value should be... -- static const unsigned SSTable[] = { ~0, 0, 1, ~0, 2, ~0, ~0, ~0, 3 }; -+ static const unsigned SSTable[] = { ~0u, 0u, 1u, ~0u, 2u, ~0u, ~0u, ~0u, 3u }; - unsigned SS = SSTable[Scale.getImm()]; -diff --git a/libclamav/mpool.c b/libclamav/mpool.c -index cd38e15..b5e537d 100644 ---- a/libclamav/mpool.c -+++ b/libclamav/mpool.c -@@ -417,3 +417,3 @@ static size_t from_bits(unsigned int bits) { - --static inline unsigned int alignof(size_t size) -+static inline unsigned int alignOf(size_t size) - { -@@ -609,3 +609,3 @@ static void* allocate_aligned(struct MPMAP *mpm, size_t size, unsigned align, co - void *mpool_malloc(struct MP *mp, size_t size) { -- size_t align = alignof(size); -+ size_t align = alignOf(size); - size_t i, needed = align_increase(size+FRAG_OVERHEAD, align);
hooks/post-receive -- IPFire 2.x development tree