See URL for a detailed ChangeLog. Reproducible: Always Steps to Reproduce:
Reassigning to net-irc herd.
Notable improvement is upgrading of the packaged c-ares. Even though it's still bad that it compiles c-ares in, it isn't the c-ares-1.4.* addressed in bug 254966 and bug 251464. So I think this bug deserves security-prompted promotion.
Please note that the latest version is now 3.2.8.1 due to a security issue.
Created attachment 188420 [details] unrealircd-3.2.8.1.ebuild - added both patches that linking the binary against the tre and c-ares system libary - added more use flags that are available through ./configure # topicisnuhost Display nick!user@host as the topic setter # shunnotices Notify a user when he/she is no longer shunned # no-operoverride Disable OperOverride # disableusermod Disable /set* and /chg* # operoverride-verify Require opers to invite themselves to +s/+p channels # nospoof Enable spoofing protection - planned the "static" use flag - minor updates of function using in the ebuild (e.g.: use_enable, use_with) - cleanup RDEPEND and DEPEND variables - mark as unstable on all platforms
Created attachment 188422 [details, diff] unrealircd-system-tre.patch
Created attachment 188424 [details, diff] unrealircd-system-cares.patch
Created attachment 188426 [details] unrealircd-3.2.8.1.ebuild Sry. Forgot to save the file in the editor before uploading them here. So some minor changes was missing (e.g.: mark unstable on all platforms)
(In reply to comment #3) > Please note that the latest version is now 3.2.8.1 due to a security issue. Please also note that all versions of UnrealIRCD from ``3.2beta11'' through 3.2.8 are affected. This includes net-irc/unrealircd-3.2.7 in Portage now. When the server runs with the allow::options::noident flag, anyone with an overlong username can SEGFAULT the IRCD by having an overlong IRC username. See http://forums.unrealircd.com/viewtopic.php?t=6204 for the UnrealIRCD project's security announcement. I think this is a compelling reason to bump unrealircd and ``punt'' the old versions.
Created attachment 188507 [details] hopefully improved unrealircd-3.2.8.1.ebuild (In reply to comment #7) > Created an attachment (id=188426) [edit] > unrealircd-3.2.8.1.ebuild > > Sry. Forgot to save the file in the editor before uploading them here. So some > minor changes was missing (e.g.: mark unstable on all platforms) > When the user builds without USE="curl", --disable-curl is passed to ./configure. UnrealIRCD's buildscripts can't handle that: ``./configure: line 12962: no/bin/curl-config: No such file or directory ./configure: line 12963: no/bin/curl-config: No such file or directory'' This problem effects almost every configurable part of UnrealIRCD. For all other features where there is an --enable-feature, passing configure --disable-feature acts the same as passing --disable-feature. My ebuild doesn't use --disable-* (reverting back to the style of unrealircd-3.2.7). It also fixes some of the other problems I think exist. sed was removed from RDEPEND because it's not a runtime dependency -- it should only be in DEPEND. UnrealIRCD runs fine for me with >=net-dns/c-ares-1.5.3. I don't think there are changes in c-ares's API that would require stabilizing c-ares-1.6.0 just for unrealircd. See http://cool.haxx.se/cvs.cgi/curl/ares/RELEASE-NOTES?rev=1.24&only_with_tag=cares-1_6_0&content-type=text/vnd.viewcvs-markup I upgraded the ebuild to EAPI="2" so that it can depend on useflag for "net-misc/curl[ares,-ipv6]". However, I'm not sure if curl needs the ares useflag set for unrealircd to run - it seems to compile fine on my machine though I don't use the remote includes feature. I also set some defaults in IUSE to match the defaults of UnrealIRCD's ./Config script.
(In reply to comment #9) > Created an attachment (id=188507) [edit] I'm sorry for the mistakes in my previous comment. > When the user builds without USE="curl", --disable-curl is passed to I should have said ``with USE="-curl"'' > ./configure. UnrealIRCD's buildscripts can't handle that: > ``./configure: line 12962: no/bin/curl-config: No such file or directory > ./configure: line 12963: no/bin/curl-config: No such file or directory'' > This problem effects almost every configurable part of UnrealIRCD. For all > other features where there is an --enable-feature, passing configure > --disable-feature acts the same as passing --disable-feature. My ebuild doesn't I should have said ``--disable-feature acts the same as passing --enable-feature''. Thus, the ebuild should only pass --enable-feature and never --disable-feature > use --disable-* (reverting back to the style of unrealircd-3.2.7). It also > fixes some of the other problems I think exist. > > sed was removed from RDEPEND because it's not a runtime dependency -- it should > only be in DEPEND. > > I upgraded the ebuild to EAPI="2" so that it can depend on useflag for > "net-misc/curl[ares,-ipv6]". However, I'm not sure if curl needs the ares > useflag set for unrealircd to run - it seems to compile fine on my machine > though I don't use the remote includes feature. I also set some defaults in > IUSE to match the defaults of UnrealIRCD's ./Config script. > I am running an unrealircd linked to a libcurl that doesn't have ares support (AFAIK), so I think the RDEPEND="net-misc/curl[ares,-ipv6]" could just be DEPEND="net-misc/curl"
please, add RESTRICT="mirror" in ebuild.
(In reply to comment #11) > please, add RESTRICT="mirror" in ebuild. Why is this needed?
Created attachment 188632 [details] suggested metadata.xml describing new useflags
Created attachment 188703 [details, diff] unrealircd-3.2.8.1.ebuild.patch Hi, this is a patch for attachment http://bugs.gentoo.org/attachment.cgi?id=188507. This is the unrealircd-3.2.8.1.ebuild file from Nathan Brink. The patch fix the configure arguments for the two use flags.
Created attachment 188705 [details] updated unrealircd-3.2.8.1.ebuild Thanks for pointing out my incorrect --enable- flags, j0inty. This applies j0inty's patch and also removes the dependence on libcurl's cares useflag, as adding cares to libcurl doesn't change curl's API.
3.2.8.1 with required QA touches added to main tree. Removed the old affected version. Security please procedd. As sidenote this is pure QA non-maintainer commit, since we try to lower QA breakages in main tree. Cheers
Thanks everyone for your work. Arches, please test and mark stable: =net-irc/unrealircd-3.2.8.1 Target keywords : "ppc sparc x86" Please proceed quickly, the old ebuild with stable keywords has accidentally been removed.
16 Nov 2009; Robert Buchholz <rbu@gentoo.org> +unrealircd-3.2.7-r2.ebuild: Re-add old stable until the new one is stable
Hi, We are using the unrealircd-3.2.8.1 for month now, without any problems yet. We had it installed on serveral x86 and x86-64 machines here for our irc network with ssl and zip support for the server communication and ssl client support. If you need more informations about system configuration let it me know. regards j0inty
x86 stable
I should add: Thanks Steffen for the feedback.
Created attachment 210745 [details, diff] unrealircd.rc-correct-pidfile-handling.patch Hi, In the past I noticed that the init script doesn't work very well and everytime you try to restart the daemon you have to stop, zap and start them. So today I modified the old initscript to working with the pidfile, setted by the installation process through the ebuild, and handling the start/stop/reload and restart processes correctly. Please check the patch for errors or QA missings and add the new init.d script to the tree. regards j0inty
ppc stable
sparc stable
GLSA together with bug 323965. CVE is requested on oss-sec. GLSA will be sent w/o reference and updated later due to the severity of the #323965 issue.
(In reply to comment #25) > GLSA together with bug 323965. Correction: bug 323691
GLSA 201006-21
*** Bug 325547 has been marked as a duplicate of this bug. ***