Hi, psad includes a full version of whois 4.6.23 client it does not includes the gentoo-security patch ( see bug #24860 ) the gentoo patch fails whith "1 out of 13 hunks FAILED" probably not a big deal but it makes no sense to me to have two versions of whois installed psad might just depend on net-misc/whois, it does not seem to be patched specifically for psad if whois is removed from psad the ebuild just needs to remove the cd whois; make lines and add something like sed -i 's:whoisCmd /usr/bin/whois_psad;:whoisCmd /usr/bin/whois;:' psad.conf which makes psad use the right version. as a side note psad fails to build on uclibc beacause of the embedded whois client thanks Aur
Hi, psad includes a full version of whois 4.6.23 client it does not includes the gentoo-security patch ( see bug #24860 ) the gentoo patch fails whith "1 out of 13 hunks FAILED" probably not a big deal but it makes no sense to me to have two versions of whois installed psad might just depend on net-misc/whois, it does not seem to be patched specifically for psad if whois is removed from psad the ebuild just needs to remove the cd whois; make lines and add something like sed -i 's:whoisCmd /usr/bin/whois_psad;:whoisCmd /usr/bin/whois;:' psad.conf which makes psad use the right version. as a side note psad fails to build on uclibc beacause of the embedded whois client thanks Aurélien
battousai might be MIA according to solar/!seen and commits on cia can someone quickly verify this issue? if nobody has interest in this package, it could also just be p.masked in a while for now
(In reply to comment #1) > if nobody has interest in this package, it could also just be p.masked in a > while for now app-admin/bastille depends on it, it's a bit harsh to p.mask it ... it's easy to verify the issue (if it's the kind of verification you mean): ebuild /usr/portage/net-firewall/psad/psad-1.4.2.ebuild unpack ebuild /usr/portage/net-misc/whois/whois-4.7.19.ebuild diff /var/tmp/portage/psad-1.4.2/work/psad-1.4.2/whois/whois.c /var/tmp/portage/whois-4.7.12/work/whois-4.7.12/whois.c compare the diff to /usr/portage/net-misc/whois/files/whois-4.7.2-gentoo-security.patch you see that plenty of the < temp = malloc(strlen(query) + 5 + 2 + 1); --- > temp = xmalloc(strlen(query) + 5 + 2 + 1); and < strcat(qstring, " "); --- > strncat(qstring, " ", qslen-1); and more stuff from to the security patch are missing in the version embeded in psad. I think the best solution is to remove whois from the psad package. There is no point to keep duplicated code /functionnality ... Aurelien
Created attachment 103463 [details] psad-1.4.8.ebuild (I don't personaly use this software) I noticed our version was also lacking behind a few revisions from the upstream one. Please let me know if this solves the problem w/ respects to whois and still functions properly.
(In reply to comment #3) > Created an attachment (id=103463) [edit] > psad-1.4.8.ebuild > > (I don't personaly use this software) > i'm not really an user of this software either. It was a dependency of bastille that i just wanted to try quickly ... I have tried psad only in command line, not daemon mode. > one. Please let me know if this solves the problem w/ respects to whois and > still functions properly. it installs witout problem but it probably needs sed -i 's:whoisCmd /usr/bin/whois_psad;:whoisCmd /usr/bin/whois;:' psad.conf || die "fix_psad_conf failed" in the function fix_psad_conf() in the ebuild, although it seems to find it and produce correct alert messages without this fix ... a dependency to net-misc/whois is needed, it doesn't work witout it. Aur
(In reply to comment #3) > Created an attachment (id=103463) [edit] > psad-1.4.8.ebuild > > (I don't personaly use this software) > i'm not really an user of this software either. It was a dependency of bastille that i just wanted to try quickly ... I have tried psad only in command line, not daemon mode. > one. Please let me know if this solves the problem w/ respects to whois and > still functions properly. it installs witout problem but it probably needs sed -i 's:whoisCmd /usr/bin/whois_psad;:whoisCmd /usr/bin/whois;:' psad.conf || die "fix_psad_conf failed" in the function fix_psad_conf() in the ebuild, although it seems to find it and produce correct alert messages without this fix ... a dependency to net-misc/whois is needed, it doesn't work witout it. Aurélien
Created attachment 103498 [details] psad-1.4.8.ebuild updated ebuild including - dependency on net-misc/whois - fix pasd.conf to reflect the location of whois
Aur
Aurélien, Please attach an updated ebuild.
Skip the request for an updated ebuild.. You included one that I overlooked. 1.4.8 has uploaded to the tree.
Is this one ready for stable marking?
(In reply to comment #8) > Is this one ready for stable marking? No idea if it's ready to be marked stable or not (again I dont use this software).. But you probably want to have arch maintainers test it now.
Arches please test and mark psad-1.4.8 stable. Target keywords are: psad-1.4.8.ebuild:KEYWORDS="x86 amd64 ppc alpha ~sparc"
net-firewall/psad-1.4.8 1. emerges on x86 2. fails test suite: BEGIN failed--compilation aborted at /var/tmp/portage/psad-1.4.8/work/psad-1.4.8/IPTables-ChainMgr/blib/lib/IPTables/ChainMgr.pm line 24. Compilation failed in require at t/IPTables-ChainMgr.t line 5. BEGIN failed--compilation aborted at t/IPTables-ChainMgr.t line 5. dubious Test returned status 2 (wstat 512, 0x200) DIED. FAILED test 1 Failed 1/1 tests, 0.00% okay Failed Test Stat Wstat Total Fail Failed List of Failed ------------------------------------------------------------------------------- t/IPTables-ChainMgr.t 2 512 1 2 200.00% 1 Failed 1/1 test scripts, 0.00% okay. 1/1 subtests failed, 0.00% okay. make: *** [test_dynamic] Error 2 /usr/bin/gcc -Wall -O kmsgsd.c psad_funcs.c strlcpy.c strlcat.c -o kmsgsd /usr/bin/gcc -Wall -O psadwatchd.c psad_funcs.c strlcpy.c strlcat.c -o psadwatchd >>> Source compiled. 3. passes collision test 4. works Portage 2.1.1-r2 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.4-r4, 2.6.18.3 i686) ================================================================= System uname: 2.6.18.3 i686 Genuine Intel(R) CPU T2300 @ 1.66GHz Gentoo Base System version 1.12.6 Last Sync: Thu, 07 Dec 2006 17:30:01 +0000 ccache version 2.3 [disabled] app-admin/eselect-compiler: [Not Present] dev-java/java-config: 1.3.7, 2.0.30 dev-lang/python: 2.3.5-r3, 2.4.3-r4 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.3 dev-util/confcache: [Not Present] sys-apps/sandbox: 1.2.17 sys-devel/autoconf: 2.13, 2.60 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.16.1-r3 sys-devel/gcc-config: 1.3.13-r4 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17-r2 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/qmail/alias /var/qmail/control" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" EMERGE_DEFAULT_OPTS="--nospinner" FEATURES="autoconfig collision-protect distlocks metadata-transfer parallel-fetch sandbox sfperms strict test userfetch userpriv usersandbox" GENTOO_MIRRORS="http://mirror.switch.ch/mirror/gentoo/ http://gentoo.inode.at/" LINGUAS="en de en_GB de_CH" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="x86 X a52 aac acpi alsa apache2 asf berkdb bitmap-fonts cairo cdr cdrom cli cracklib crypt cups dbus divx dlloader dri dts dvd dvdr dvdread eds elibc_glibc emboss encode fam ffmpeg firefox flac fortran gdbm gif gnome gpm gstreamer gtk hal iconv input_devices_keyboard input_devices_mouse ipv6 isdnlog java jpeg kde kdeenablefinal kernel_linux ldap libg++ linguas_de linguas_de_CH linguas_en linguas_en_GB mad mikmod mmx mono mp3 mpeg ncurses nls nptl nptlonly ogg opengl oss pam pcre perl png ppds pppd python qt3 qt4 quicktime readline reflection rtsp ruby samba sdl session smp spell spl sse sse2 sse3 ssl svg tcpd test tetex theora threads truetype truetype-fonts type1-fonts udev unicode userland_GNU vcd video_cards_fbdev video_cards_i810 video_cards_vesa vorbis win32codecs wxwindows x264 xine xml xorg xprint xv xvid zlib" Unset: CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
* checking 93 files for package collisions existing file /usr/lib/perl5/5.8.8/i686-linux/perllocal.pod is not owned by this package [...] luna / # equery belongs /usr/lib/perl5/5.8.8/i686-linux/perllocal.pod [ Searching for file(s) /usr/lib/perl5/5.8.8/i686-linux/perllocal.pod in *... ] dev-perl/PerlQt-3.009_beta2 (/usr/lib/perl5/5.8.8/i686-linux/perllocal.pod)
Failing tests: Security is important, so this has to wait. File collision: phreak promised me to cope with it, so I stable on x86
(In reply to comment #13) > Failing tests: > Security is important, so this has to wait. > File collision: > phreak promised me to cope with it, so I stable on x86 Ned, you either need mcummings to add a fixlocalpod to the perl-app.eclass or inherit the perl-module eclass and add it yourself in src_install.
(In reply to comment #14) > Ned, you either need mcummings to add a fixlocalpod to the perl-app.eclass or > inherit the perl-module eclass and add it yourself in src_install. Added it to src_install for the time being, until I can get a hold of mcummings.
Modification added to perl-module.eclass and perl-app.eclass.
Bubye AMD64.. :'( *sob*
ppc stable
Alpha stable.
This one is ready for GLSA decision.
no reaction? I tend to vote No. This software is rarely used and the vulnerability is waayy old.
I vote NO.
Very few votes, but closing. Feel free to reopen if you disagree.
