--- tcpreen-1.4.3.orig/debian/watch +++ tcpreen-1.4.3/debian/watch @@ -0,0 +1,2 @@ +version=3 +http://sf.net/tcpreen/tcpreen-(.*)\.tar\.bz2 --- tcpreen-1.4.3.orig/debian/rules +++ tcpreen-1.4.3/debian/rules @@ -1,107 +1,7 @@ #!/usr/bin/make -f -# -*- makefile -*- -# Sample debian/rules that uses debhelper. -# GNU copyright 1997 to 1999 by Joey Hess. + +include /usr/share/cdbs/1/rules/debhelper.mk +include /usr/share/cdbs/1/class/autotools.mk +include /usr/share/cdbs/1/rules/patchsys-quilt.mk -# Uncomment this to turn on verbose mode. -#export DH_VERBOSE=1 - - -# These are used for cross-compiling and for saving the configure script -# from having to guess our platform (since we know it already) -DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) -DEB_BUILD_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_BUILD_GNU_TYPE) - - -CFLAGS = -Wall -g - -ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) - CFLAGS += -O0 -else - CFLAGS += -O2 -endif -ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) - INSTALL_PROGRAM += -s -endif - -config.status: configure - dh_testdir - # Add here commands to configure the package. - CFLAGS="$(CFLAGS)" ./configure --host=$(DEB_HOST_GNU_TYPE) --build=$(DEB_BUILD_GNU_TYPE) --prefix=/usr --mandir=\$${prefix}/share/man --infodir=\$${prefix}/share/info - - -build: build-stamp - -build-stamp: config.status - dh_testdir - - # Add here commands to compile the package. - $(MAKE) - #/usr/bin/docbook-to-man debian/tcpreen.sgml > tcpreen.1 - - touch build-stamp - -clean: - dh_testdir - dh_testroot - rm -f build-stamp - - # Add here commands to clean up after the build process. - -$(MAKE) distclean -ifneq "$(wildcard /usr/share/misc/config.sub)" "" - cp -f /usr/share/misc/config.sub config.sub -endif -ifneq "$(wildcard /usr/share/misc/config.guess)" "" - cp -f /usr/share/misc/config.guess config.guess -endif - - - dh_clean - -install: build - dh_testdir - dh_testroot - dh_clean -k - dh_installdirs - - # Add here commands to install the package into debian/tcpreen. - $(MAKE) install DESTDIR=$(CURDIR)/debian/tcpreen - - -# Build architecture-independent files here. -binary-indep: build install -# We have nothing to do by default. - -# Build architecture-dependent files here. -binary-arch: build install - dh_testdir - dh_testroot - dh_installchangelogs ChangeLog - dh_installdocs - dh_installexamples -# dh_install -# dh_installmenu -# dh_installdebconf -# dh_installlogrotate -# dh_installemacsen -# dh_installpam -# dh_installmime -# dh_installinit -# dh_installcron -# dh_installinfo - dh_installman - dh_link - dh_strip - dh_compress - dh_fixperms -# dh_perl -# dh_python -# dh_makeshlibs - dh_installdeb - dh_shlibdeps - dh_gencontrol - dh_md5sums - dh_builddeb - -binary: binary-indep binary-arch -.PHONY: build clean binary-indep binary-arch binary install +# Add here any variable or target overrides you need. --- tcpreen-1.4.3.orig/debian/dirs +++ tcpreen-1.4.3/debian/dirs @@ -0,0 +1 @@ +usr/bin --- tcpreen-1.4.3.orig/debian/compat +++ tcpreen-1.4.3/debian/compat @@ -1 +1 @@ -4 +5 --- tcpreen-1.4.3.orig/debian/copyright +++ tcpreen-1.4.3/debian/copyright @@ -1,20 +1,38 @@ -This package was debianized by Rémi Denis-Courmont on -Sun, 16 May 2004 11:34:15 +0200. +This package was debianized by Oliver Kurth on +Thu, 1 Aug 2002 12:25:47 +0200. -It was downloaded from: http://www.simphalempin.com/dev/tcpreen/ +It was downloaded from http://www.remlab.net/tcpreen/ -Upstream Author: Rémi Denis-Courmont +Upstream Author: + Rémi D. -Copyright (C) 2002-2004 Rémi Denis-Courmont. -This program is free software; you can redistribute and/or modify -it under the terms of the GNU General Public License as published -by the Free Software Foundation; version 2 of the license. +Copyright: + Copyright (C) 2002 Rémi Denis-Courmont. + +License: + + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software + Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + + You are highly encouraged to submit your modifications to + remi@simphalempin.com for possible inclusion in the official + distribution. By doing so, and unless otherwise stated, you give + Rémi Denis-Courmont an unlimited, non-exclusive right to modify, + reuse and/or relicense the code. -This program is distributed in the hope that it will be useful, -but WITHOUT ANY WARRANTY; without even the implied warranty of -MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. -See the GNU General Public License for more details. - -On Debian systems, the complete text of the GNU General Public -License can be found in the file `/usr/share/common-licenses/GPL'. +On Debian systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. +The Debian packaging is (C) 2007, Jose Carlos Medeiros and +is licensed under the GPL, see above. --- tcpreen-1.4.3.orig/debian/changelog +++ tcpreen-1.4.3/debian/changelog @@ -1,24 +1,69 @@ -tcpreen (1.4.3-1) unstable; urgency=low +tcpreen (1.4.3-3) unstable; urgency=low - * Sync with upstream. + * Converted patches to use quilt. + * Added quilt as build-dependence. + * Recreated lost 1.4.3-0.2 and 1.4.3-0.3 changelog information. - -- Rémi Denis-Courmont Fri, 17 Jun 2005 11:47:00 +0200 + -- Jose Carlos Medeiros Tue, 15 Jan 2008 16:20:18 -0200 -tcpreen (1.4.2-1) unstable; urgency=low +tcpreen (1.4.3-2) unstable; urgency=low - * Sync with upstream. + * New mantainer. (closes: #452191) + * Package updated to cdbs. + * debian/control: + - Build-Depends: cdbs, autotools-dev + - Standards-Version: 3.7.3 + - Added pseudo header "Homepage:" + * debian/copyright: Updated link download. + * debian/watch: Added. - -- Rémi Denis-Courmont Tue, 05 Jun 2004 19:43:15 +0200 + -- Jose Carlos Medeiros Tue, 18 Dec 2007 11:15:17 -0200 -tcpreen (1.4.1-1) unstable; urgency=low +tcpreen (1.4.3-0.3) unstable; urgency=high - * Sync with upstream. + * Non-maintainer upload by security team. + * Add missing part of the previous security fix in + sockprot.cpp (Closes: #457781). - -- Rémi Denis-Courmont Tue, 05 Jun 2004 19:43:15 +0200 + -- Nico Golde Tue, 25 Dec 2007 23:22:57 +0100 -tcpreen (1.4.0-1) unstable; urgency=low +tcpreen (1.4.3-0.2) unstable; urgency=low + + * Non-maintainer upload by security team. + * This update addresses the following security issue: + - remote buffer-overflow vulnerability in bridge.cpp because + tcpreen fails to check user supplied data passed to + the monitor_bridge function (Closes: #457781). + + -- Nico Golde Tue, 25 Dec 2007 17:32:38 +0100 + +tcpreen (1.4.3-0.1) unstable; urgency=low + + * NMU, with permission from maintainer. + * New upstream release (Closes: #269639, #211956) + * Standards version 3.7.0.0 + * Use debhelper v5 + + -- Bastian Kleineidam Tue, 2 May 2006 21:24:00 +0200 + +tcpreen (1.2.2-1) unstable; urgency=low + + * new upstream version + * changed maintainer address to oku@debian.org + + -- Oliver Kurth Tue, 4 Mar 2003 23:19:35 +0100 + +tcpreen (1.0.2-1) unstable; urgency=low + + * new upstream version + * upstream now provides a man page + * ask for sponsor now, hopefully closes: #155032 (ITP) + + -- Oliver Kurth Thu, 5 Sep 2002 23:49:58 +0200 + +tcpreen (0.8.1-1) unstable; urgency=low * Initial Release. - -- Rémi Denis-Courmont Sun, 16 May 2004 11:34:15 +0200 + -- Oliver Kurth Thu, 1 Aug 2002 12:25:47 +0200 --- tcpreen-1.4.3.orig/debian/docs +++ tcpreen-1.4.3/debian/docs @@ -1,5 +1,4 @@ NEWS README -TODO -AUTHORS THANKS +TODO --- tcpreen-1.4.3.orig/debian/control +++ tcpreen-1.4.3/debian/control @@ -1,18 +1,22 @@ Source: tcpreen Section: net Priority: optional -Maintainer: Rémi Denis-Courmont -Build-Depends: debhelper (>= 4.0.0), gettext -Standards-Version: 3.6.1 +Maintainer: Jose Carlos Medeiros +Uploaders: Ola Lundqvist +Build-Depends: debhelper (>= 5), gettext, cdbs, autotools-dev, quilt +Standards-Version: 3.7.3 +Homepage: http://www.remlab.net/tcpreen/ Package: tcpreen Architecture: any -Depends: ${shlibs:Depends}, ${misc:Depends} -Description: TCP re-engineering tool - TCPreen is a command line tool used to monitor connection-oriented - network transmission, such as TCP/IP streams. - It acts as a bridge between the server and the client in a connection, - displays any data that is sent either way, and optionnaly logs - everything to a file. - It can be useful for debugging, monitoring or reverse-engineering - purposes. +Depends: ${shlibs:Depends} +Description: Simple TCP re-engineering tool + TCPreen is a small tool for monitoring a TCP connection. + It works like a bridge between the server and the client in a TCP + connection, displays any data that is sent either way, and optionally + logs everything to a file. + . + It is mainly useful if you want to understand what informations a + client and a server exchanges during a TCP session. It was originally + meant to help reverse engineer proprietary TCP-based protocols or + protocol extensions. --- tcpreen-1.4.3.orig/debian/patches/fix_buffer_overflows_CVE-2007-6562.patch +++ tcpreen-1.4.3/debian/patches/fix_buffer_overflows_CVE-2007-6562.patch @@ -0,0 +1,67 @@ +fixed remote buffer-overflow vulnerability in bridge.cpp because tcpreen +fails to check user supplied data passed to the monitor_bridge function +(CVE-2007-6562) +Index: tcpreen-1.4.3/src/bridge.cpp +=================================================================== +--- tcpreen-1.4.3.orig/src/bridge.cpp 2008-01-15 12:01:07.000000000 -0200 ++++ tcpreen-1.4.3/src/bridge.cpp 2008-01-15 12:02:40.000000000 -0200 +@@ -23,6 +23,7 @@ + # include + #endif + ++#include + #include // memmove() + #include // LONG_MAX + #include +@@ -115,6 +116,14 @@ + long totalcount = 0; + bridge b[2]; + ++#ifndef WIN32 ++ if ((fds[0] >= FD_SETSIZE) || (fds[1] >= FD_SETSIZE)) ++ { ++ errno = EINVAL; ++ return -1; ++ } ++#endif ++ + b[0].outfd = b[1].infd = fds[0]; + b[0].infd = b[1].outfd = fds[1]; + b[0].buflen = b[1].buflen = 0; +Index: tcpreen-1.4.3/libsolve/sockprot.cpp +=================================================================== +--- tcpreen-1.4.3.orig/libsolve/sockprot.cpp 2008-01-15 12:02:59.000000000 -0200 ++++ tcpreen-1.4.3/libsolve/sockprot.cpp 2008-01-15 12:06:21.000000000 -0200 +@@ -229,14 +229,19 @@ + if (nonblock) + return fd; + ++#ifndef WIN32 ++ if (fd >= FD_SETSIZE) ++ { ++ close (fd); ++ errno = EMFILE; ++ } ++#endif ++ + /* Waits until connection is established */ + fd_set s; + FD_ZERO (&s); + FD_SET (fd, &s); + +- int err = 0; +- socklen_t len = sizeof (err); +- + if (select (fd + 1, NULL, &s, NULL, NULL) != 1) + { + SetError (); +@@ -248,6 +253,9 @@ + continue; + } + ++ int err = 0; ++ socklen_t len = sizeof (err); ++ + if (getsockopt (fd, SOL_SOCKET, SO_ERROR, &err, &len)) + { + SetError (); --- tcpreen-1.4.3.orig/debian/patches/series +++ tcpreen-1.4.3/debian/patches/series @@ -0,0 +1 @@ +fix_buffer_overflows_CVE-2007-6562.patch