Simon Horman <ho...@verge.net.au> writes:
> On Sat, Oct 16, 2010 at 08:40:30PM +0300, jari.aa...@cante.net wrote:
>
>>
>> Dear maintainer,
>>
>> Here is the NMU diff according to DevRef 5.11.1[1][2] for bug: #598549.
>> See the debian/patches directory for the important fixes.
>>
>> Let me know if it's okay to proceed with the NMU.
>>
>> Thank you for maintaining the package,
>
> Hi Jari,
>
> Its unclear to me that this patch covers all cases.
>
> e.g
>
> $ DIR_EXECUTABLE=/abc
> $ LD_LIBRARY_PATH="::"
> $ /bin/echo "$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
> /abc:::
>
> Am I missing something?
Nice catch. Here is an update that incorporates this:
Ldpath ()
{
# Vulnerability fix for insecure library loading
# Make sure "::", "^:" or ":$" is not in $LD_LIBRARY_PATH
local tmp
tmp=$(echo $LD_LIBRARY_PATH | sed -e 's/::\+// ; s/^:// ; s/:$//' )
[ "$tmp" ] && echo "$tmp"
}
( DIR_EXECUTABLE=/abc
LD_LIBRARY_PATH="::"
LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
Ldpath
)
# => abc
Jari
diffstat for cluster-agents-1.0.3 cluster-agents-1.0.3
changelog | 9
patches/CVE-2010-3389--bug598549.patch | 53 +++
patches/debian-changes-1:1.0.3-3.1 | 553 +++++++++++++++++++++++++++++++++
patches/series | 2
4 files changed, 617 insertions(+)
diff -Nru cluster-agents-1.0.3/debian/changelog cluster-agents-1.0.3/debian/changelog
--- cluster-agents-1.0.3/debian/changelog 2010-05-04 16:04:18.000000000 +0300
+++ cluster-agents-1.0.3/debian/changelog 2010-10-17 00:59:07.000000000 +0300
@@ -1,3 +1,12 @@
+cluster-agents (1:1.0.3-3.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * debian/patches
+ - (CVE-2010-3389--bug598549): New. Correct LD_LIBRARY_PATH handling.
+ (important, security; Closes: #598549).
+
+ -- Jari Aalto <jari.aa...@cante.net> Sun, 17 Oct 2010 00:59:07 +0300
+
cluster-agents (1:1.0.3-3) unstable; urgency=low
* Add build dependency on docbook-xml. (Closes: #579623)
diff -Nru cluster-agents-1.0.3/debian/patches/CVE-2010-3389--bug598549.patch cluster-agents-1.0.3/debian/patches/CVE-2010-3389--bug598549.patch
--- cluster-agents-1.0.3/debian/patches/CVE-2010-3389--bug598549.patch 1970-01-01 02:00:00.000000000 +0200
+++ cluster-agents-1.0.3/debian/patches/CVE-2010-3389--bug598549.patch 2010-10-16 20:26:28.000000000 +0300
@@ -0,0 +1,53 @@
+From a4afa69fda9a375d7763e335c556231eaefe516d Mon Sep 17 00:00:00 2001
+From: Jari Aalto <jari.aa...@cante.net>
+Date: Sat, 16 Oct 2010 20:26:25 +0300
+Subject: [PATCH] CVE-2010-3389: insecure library loading
+Organization: Private
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Jari Aalto <jari.aa...@cante.net>
+---
+ heartbeat/SAPDatabase | 7 +++++--
+ heartbeat/SAPInstance | 7 +++++--
+ 2 files changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/heartbeat/SAPDatabase b/heartbeat/SAPDatabase
+index 5e07046..e9574ea 100755
+--- a/heartbeat/SAPDatabase
++++ b/heartbeat/SAPDatabase
+@@ -966,8 +966,11 @@ else
+ fi
+
+ # as root user we need the library path to the SAP kernel to be able to call executables
+-if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then
+- LD_LIBRARY_PATH=$DIR_EXECUTABLE:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH
++if [ "$DIR_EXECUTABLE" ]; then
++ if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then
++ LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
++ export LD_LIBRARY_PATH
++ fi
+ fi
+ sidadm="`echo $SID | tr [:upper:] [:lower:]`adm"
+
+diff --git a/heartbeat/SAPInstance b/heartbeat/SAPInstance
+index 08f47f8..d7dea78 100755
+--- a/heartbeat/SAPInstance
++++ b/heartbeat/SAPInstance
+@@ -296,8 +296,11 @@ sapinstance_init() {
+ fi
+
+ # as root user we need the library path to the SAP kernel to be able to call sapcontrol
+- if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then
+- LD_LIBRARY_PATH=$DIR_EXECUTABLE:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH
++ if [ "$DIR_EXECUTABLE" ]; then
++ if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then
++ LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}"
++ export LD_LIBRARY_PATH
++ fi
+ fi
+
+ sidadm="`echo $SID | tr [:upper:] [:lower:]`adm"
+--
+1.7.1
+
diff -Nru cluster-agents-1.0.3/debian/patches/debian-changes-1:1.0.3-3.1 cluster-agents-1.0.3/debian/patches/debian-changes-1:1.0.3-3.1
--- cluster-agents-1.0.3/debian/patches/debian-changes-1:1.0.3-3.1 1970-01-01 02:00:00.000000000 +0200
+++ cluster-agents-1.0.3/debian/patches/debian-changes-1:1.0.3-3.1 2010-10-17 00:59:28.000000000 +0300
@@ -0,0 +1,553 @@
+Description: Upstream changes introduced in version 1:1.0.3-3.1
+ This patch has been created by dpkg-source during the package build.
+ Here's the last changelog entry, hopefully it gives details on why
+ those changes were made:
+ .
+ cluster-agents (1:1.0.3-3.1) unstable; urgency=low
+ .
+ * Non-maintainer upload.
+ * debian/patches
+ - (CVE-2010-3389--bug598549): New. Correct LD_LIBRARY_PATH handling.
+ (important, security; Closes: #598549).
+ .
+ The person named in the Author field signed this changelog entry.
+Author: Jari Aalto <jari.aa...@cante.net>
+Bug-Debian: http://bugs.debian.org/598549
+
+---
+The information above should follow the Patch Tagging Guidelines, please
+checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
+are templates for supplementary fields that you might want to add:
+
+Origin: <vendor|upstream|other>, <url of original patch>
+Bug: <url in upstream bugtracker>
+Bug-Debian: http://bugs.debian.org/<bugnumber>
+Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
+Forwarded: <no|not-needed|url proving that it has been forwarded>
+Reviewed-By: <name and email of someone who approved the patch>
+Last-Update: <YYYY-MM-DD>
+
+--- /dev/null
++++ cluster-agents-1.0.3/tools/ocft/Makefile.in
+@@ -0,0 +1,521 @@
++# Makefile.in generated by automake 1.11.1 from Makefile.am.
++# @configure_input@
++
++# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
++# 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation,
++# Inc.
++# This Makefile.in is free software; the Free Software Foundation
++# gives unlimited permission to copy and/or distribute it,
++# with or without modifications, as long as this notice is preserved.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
++# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
++# PARTICULAR PURPOSE.
++
+...@set_make@
++
++# Author: John Shi
++# j...@suse.de
++# This program is free software; you can redistribute it and/or
++# modify it under the terms of the GNU General Public License
++# as published by the Free Software Foundation; either version 2
++# of the License, or (at your option) any later version.
++#
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++# GNU General Public License for more details.
++#
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
++#
++
++
++VPATH = @srcdir@
++pkgdatadir = $(datadir)/@PACKAGE@
++pkgincludedir = $(includedir)/@PACKAGE@
++pkglibdir = $(libdir)/@PACKAGE@
++pkglibexecdir = $(libexecdir)/@PACKAGE@
++am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd
++install_sh_DATA = $(install_sh) -c -m 644
++install_sh_PROGRAM = $(install_sh) -c
++install_sh_SCRIPT = $(install_sh) -c
++INSTALL_HEADER = $(INSTALL_DATA)
++transform = $(program_transform_name)
++NORMAL_INSTALL = :
++PRE_INSTALL = :
++POST_INSTALL = :
++NORMAL_UNINSTALL = :
++PRE_UNINSTALL = :
++POST_UNINSTALL = :
++build_triplet = @build@
++host_triplet = @host@
++subdir = tools/ocft
++DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
++ $(srcdir)/README.in $(srcdir)/README.zh_CN.in \
++ $(srcdir)/caselib.in $(srcdir)/ocft.in ChangeLog
++ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
++am__aclocal_m4_deps = $(top_srcdir)/configure.in
++am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \
++ $(ACLOCAL_M4)
++mkinstalldirs = $(install_sh) -d
++CONFIG_HEADER = $(top_builddir)/include/config.h \
++ $(top_builddir)/include/agent_config.h
++CONFIG_CLEAN_FILES = ocft caselib README README.zh_CN
++CONFIG_CLEAN_VPATH_FILES =
++am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`;
++am__vpath_adj = case $$p in \
++ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \
++ *) f=$$p;; \
++ esac;
++am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`;
++am__install_max = 40
++am__nobase_strip_setup = \
++ srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'`
++am__nobase_strip = \
++ for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||"
++am__nobase_list = $(am__nobase_strip_setup); \
++ for p in $$list; do echo "$$p $$p"; done | \
++ sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \
++ $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \
++ if (++n[$$2] == $(am__install_max)) \
++ { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \
++ END { for (dir in files) print dir, files[dir] }'
++am__base_list = \
++ sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \
++ sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g'
++am__installdirs = "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(ocftdir)" \
++ "$(DESTDIR)$(ocftcfgsdir)"
++SCRIPTS = $(sbin_SCRIPTS)
++SOURCES =
++DIST_SOURCES =
++DATA = $(ocft_DATA) $(ocftcfgs_DATA)
++DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
++ACLOCAL = @ACLOCAL@
++AMTAR = @AMTAR@
++AUTOCONF = @AUTOCONF@
++AUTOHEADER = @AUTOHEADER@
++AUTOMAKE = @AUTOMAKE@
++AWK = @AWK@
++BUILD_VERSION = @BUILD_VERSION@
++CC = @CC@
++CCDEPMODE = @CCDEPMODE@
++CFLAGS = @CFLAGS@
++CFLAGS_COPY = @CFLAGS_COPY@
++CPP = @CPP@
++CPPFLAGS = @CPPFLAGS@
++CYGPATH_W = @CYGPATH_W@
++DEFS = @DEFS@
++DEPDIR = @DEPDIR@
++ECHO_C = @ECHO_C@
++ECHO_N = @ECHO_N@
++ECHO_T = @ECHO_T@
++EGREP = @EGREP@
++EXEEXT = @EXEEXT@
++GLUE_STATE_DIR = @GLUE_STATE_DIR@
++GREP = @GREP@
++HA_VARLIBHBDIR = @HA_VARLIBHBDIR@
++HA_VARRUNDIR = @HA_VARRUNDIR@
++HG = @HG@
++IFCONFIG = @IFCONFIG@
++IFCONFIG_A_OPT = @IFCONFIG_A_OPT@
++INITDIR = @INITDIR@
++INIT_EXT = @INIT_EXT@
++INSTALL = @INSTALL@
++INSTALL_DATA = @INSTALL_DATA@
++INSTALL_PROGRAM = @INSTALL_PROGRAM@
++INSTALL_SCRIPT = @INSTALL_SCRIPT@
++INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@
++LDFLAGS = @LDFLAGS@
++LIBNETCONFIG = @LIBNETCONFIG@
++LIBNETDEFINES = @LIBNETDEFINES@
++LIBNETLIBS = @LIBNETLIBS@
++LIBOBJS = @LIBOBJS@
++LIBS = @LIBS@
++LOCALE = @LOCALE@
++LTLIBOBJS = @LTLIBOBJS@
++MAILCMD = @MAILCMD@
++MAKE = @MAKE@
++MAKEINFO = @MAKEINFO@
++MD5 = @MD5@
++MKDIR_P = @MKDIR_P@
++NON_FATAL_CFLAGS = @NON_FATAL_CFLAGS@
++OBJEXT = @OBJEXT@
++OCF_RA_DIR = @OCF_RA_DIR@
++OCF_ROOT_DIR = @OCF_ROOT_DIR@
++PACKAGE = @PACKAGE@
++PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@
++PACKAGE_NAME = @PACKAGE_NAME@
++PACKAGE_STRING = @PACKAGE_STRING@
++PACKAGE_TARNAME = @PACKAGE_TARNAME@
++PACKAGE_URL = @PACKAGE_URL@
++PACKAGE_VERSION = @PACKAGE_VERSION@
++PATH_SEPARATOR = @PATH_SEPARATOR@
++PING = @PING@
++PKGCONFIG = @PKGCONFIG@
++PKGNAME = @PKGNAME@
++POD2MAN = @POD2MAN@
++POWEROFF_CMD = @POWEROFF_CMD@
++POWEROFF_OPTIONS = @POWEROFF_OPTIONS@
++PYTHON = @PYTHON@
++PYTHON_EXEC_PREFIX = @PYTHON_EXEC_PREFIX@
++PYTHON_PLATFORM = @PYTHON_PLATFORM@
++PYTHON_PREFIX = @PYTHON_PREFIX@
++PYTHON_VERSION = @PYTHON_VERSION@
++REBOOT = @REBOOT@
++REBOOT_OPTIONS = @REBOOT_OPTIONS@
++ROUTE = @ROUTE@
++SCP = @SCP@
++SET_MAKE = @SET_MAKE@
++SHELL = @SHELL@
++SSH = @SSH@
++STRIP = @STRIP@
++TAR = @TAR@
++TEST = @TEST@
++VERSION = @VERSION@
++XSLTPROC = @XSLTPROC@
++abs_builddir = @abs_builddir@
++abs_srcdir = @abs_srcdir@
++abs_top_builddir = @abs_top_builddir@
++abs_top_srcdir = @abs_top_srcdir@
++ac_ct_CC = @ac_ct_CC@
++am__include = @am__include@
++am__leading_dot = @am__leading_dot@
++am__quote = @am__quote@
++am__tar = @am__tar@
++am__untar = @am__untar@
++bindir = @bindir@
++build = @build@
++build_alias = @build_alias@
++build_cpu = @build_cpu@
++build_os = @build_os@
++build_vendor = @build_vendor@
++builddir = @builddir@
++datadir = @datadir@
++datarootdir = @datarootdir@
++docdir = @docdir@
++dvidir = @dvidir@
++exec_prefix = @exec_prefix@
++host = @host@
++host_alias = @host_alias@
++host_cpu = @host_cpu@
++host_os = @host_os@
++host_vendor = @host_vendor@
++htmldir = @htmldir@
++includedir = @includedir@
++infodir = @infodir@
++install_sh = @install_sh@
++libdir = @libdir@
++libexecdir = @libexecdir@
++localedir = @localedir@
++localstatedir = @localstatedir@
++mandir = @mandir@
++mkdir_p = @mkdir_p@
++oldincludedir = @oldincludedir@
++pdfdir = @pdfdir@
++pkgpyexecdir = @pkgpyexecdir@
++pkgpythondir = @pkgpythondir@
++prefix = @prefix@
++program_transform_name = @program_transform_name@
++psdir = @psdir@
++pyexecdir = @pyexecdir@
++pythondir = @pythondir@
++sbindir = @sbindir@
++sharedstatedir = @sharedstatedir@
++srcdir = @srcdir@
++sysconfdir = @sysconfdir@
++target_alias = @target_alias@
++top_build_prefix = @top_build_prefix@
++top_builddir = @top_builddir@
++top_srcdir = @top_srcdir@
++MAINTAINERCLEANFILES = Makefile.in
++EXTRA_DIST = $(ocftcfgs_DATA) $(ocft_DATA)
++sbin_SCRIPTS = ocft
++ocftcfgsdir = $(datadir)/$(PACKAGE_NAME)/ocft/configs
++ocftcfgs_DATA = apache \
++ IPaddr2 \
++ IPsrcaddr \
++ MailTo \
++ mysql \
++ nfsserver \
++ portblock \
++ SendArp
++
++ocftdir = $(datadir)/$(PACKAGE_NAME)/ocft
++ocft_DATA = README \
++ README.zh_CN \
++ caselib
++
++all: all-am
++
++.SUFFIXES:
++$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps)
++ @for dep in $?; do \
++ case '$(am__configure_deps)' in \
++ *$$dep*) \
++ ( cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh ) \
++ && { if test -f $@; then exit 0; else break; fi; }; \
++ exit 1;; \
++ esac; \
++ done; \
++ echo ' cd $(top_srcdir) && $(AUTOMAKE) --gnu tools/ocft/Makefile'; \
++ $(am__cd) $(top_srcdir) && \
++ $(AUTOMAKE) --gnu tools/ocft/Makefile
++.PRECIOUS: Makefile
++Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
++ @case '$?' in \
++ *config.status*) \
++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \
++ *) \
++ echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \
++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \
++ esac;
++
++$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES)
++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
++
++$(top_srcdir)/configure: $(am__configure_deps)
++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
++$(ACLOCAL_M4): $(am__aclocal_m4_deps)
++ cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh
++$(am__aclocal_m4_deps):
++ocft: $(top_builddir)/config.status $(srcdir)/ocft.in
++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
++caselib: $(top_builddir)/config.status $(srcdir)/caselib.in
++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
++README: $(top_builddir)/config.status $(srcdir)/README.in
++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
++README.zh_CN: $(top_builddir)/config.status $(srcdir)/README.zh_CN.in
++ cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
++install-sbinSCRIPTS: $(sbin_SCRIPTS)
++ @$(NORMAL_INSTALL)
++ test -z "$(sbindir)" || $(MKDIR_P) "$(DESTDIR)$(sbindir)"
++ @list='$(sbin_SCRIPTS)'; test -n "$(sbindir)" || list=; \
++ for p in $$list; do \
++ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
++ if test -f "$$d$$p"; then echo "$$d$$p"; echo "$$p"; else :; fi; \
++ done | \
++ sed -e 'p;s,.*/,,;n' \
++ -e 'h;s|.*|.|' \
++ -e 'p;x;s,.*/,,;$(transform)' | sed 'N;N;N;s,\n, ,g' | \
++ $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1; } \
++ { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \
++ if ($$2 == $$4) { files[d] = files[d] " " $$1; \
++ if (++n[d] == $(am__install_max)) { \
++ print "f", d, files[d]; n[d] = 0; files[d] = "" } } \
++ else { print "f", d "/" $$4, $$1 } } \
++ END { for (d in files) print "f", d, files[d] }' | \
++ while read type dir files; do \
++ if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \
++ test -z "$$files" || { \
++ echo " $(INSTALL_SCRIPT) $$files '$(DESTDIR)$(sbindir)$$dir'"; \
++ $(INSTALL_SCRIPT) $$files "$(DESTDIR)$(sbindir)$$dir" || exit $$?; \
++ } \
++ ; done
++
++uninstall-sbinSCRIPTS:
++ @$(NORMAL_UNINSTALL)
++ @list='$(sbin_SCRIPTS)'; test -n "$(sbindir)" || exit 0; \
++ files=`for p in $$list; do echo "$$p"; done | \
++ sed -e 's,.*/,,;$(transform)'`; \
++ test -n "$$list" || exit 0; \
++ echo " ( cd '$(DESTDIR)$(sbindir)' && rm -f" $$files ")"; \
++ cd "$(DESTDIR)$(sbindir)" && rm -f $$files
++install-ocftDATA: $(ocft_DATA)
++ @$(NORMAL_INSTALL)
++ test -z "$(ocftdir)" || $(MKDIR_P) "$(DESTDIR)$(ocftdir)"
++ @list='$(ocft_DATA)'; test -n "$(ocftdir)" || list=; \
++ for p in $$list; do \
++ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
++ echo "$$d$$p"; \
++ done | $(am__base_list) | \
++ while read files; do \
++ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(ocftdir)'"; \
++ $(INSTALL_DATA) $$files "$(DESTDIR)$(ocftdir)" || exit $$?; \
++ done
++
++uninstall-ocftDATA:
++ @$(NORMAL_UNINSTALL)
++ @list='$(ocft_DATA)'; test -n "$(ocftdir)" || list=; \
++ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
++ test -n "$$files" || exit 0; \
++ echo " ( cd '$(DESTDIR)$(ocftdir)' && rm -f" $$files ")"; \
++ cd "$(DESTDIR)$(ocftdir)" && rm -f $$files
++install-ocftcfgsDATA: $(ocftcfgs_DATA)
++ @$(NORMAL_INSTALL)
++ test -z "$(ocftcfgsdir)" || $(MKDIR_P) "$(DESTDIR)$(ocftcfgsdir)"
++ @list='$(ocftcfgs_DATA)'; test -n "$(ocftcfgsdir)" || list=; \
++ for p in $$list; do \
++ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \
++ echo "$$d$$p"; \
++ done | $(am__base_list) | \
++ while read files; do \
++ echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(ocftcfgsdir)'"; \
++ $(INSTALL_DATA) $$files "$(DESTDIR)$(ocftcfgsdir)" || exit $$?; \
++ done
++
++uninstall-ocftcfgsDATA:
++ @$(NORMAL_UNINSTALL)
++ @list='$(ocftcfgs_DATA)'; test -n "$(ocftcfgsdir)" || list=; \
++ files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \
++ test -n "$$files" || exit 0; \
++ echo " ( cd '$(DESTDIR)$(ocftcfgsdir)' && rm -f" $$files ")"; \
++ cd "$(DESTDIR)$(ocftcfgsdir)" && rm -f $$files
++tags: TAGS
++TAGS:
++
++ctags: CTAGS
++CTAGS:
++
++
++distdir: $(DISTFILES)
++ @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
++ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \
++ list='$(DISTFILES)'; \
++ dist_files=`for file in $$list; do echo $$file; done | \
++ sed -e "s|^$$srcdirstrip/||;t" \
++ -e "s|^$$topsrcdirstrip/|$(top_builddir)/|;t"`; \
++ case $$dist_files in \
++ */*) $(MKDIR_P) `echo "$$dist_files" | \
++ sed '/\//!d;s|^|$(distdir)/|;s,/[^/]*$$,,' | \
++ sort -u` ;; \
++ esac; \
++ for file in $$dist_files; do \
++ if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \
++ if test -d $$d/$$file; then \
++ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \
++ if test -d "$(distdir)/$$file"; then \
++ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
++ fi; \
++ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \
++ cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \
++ find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \
++ fi; \
++ cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \
++ else \
++ test -f "$(distdir)/$$file" \
++ || cp -p $$d/$$file "$(distdir)/$$file" \
++ || exit 1; \
++ fi; \
++ done
++check-am: all-am
++check: check-am
++all-am: Makefile $(SCRIPTS) $(DATA)
++installdirs:
++ for dir in "$(DESTDIR)$(sbindir)" "$(DESTDIR)$(ocftdir)" "$(DESTDIR)$(ocftcfgsdir)"; do \
++ test -z "$$dir" || $(MKDIR_P) "$$dir"; \
++ done
++install: install-am
++install-exec: install-exec-am
++install-data: install-data-am
++uninstall: uninstall-am
++
++install-am: all-am
++ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
++
++installcheck: installcheck-am
++install-strip:
++ $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \
++ install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \
++ `test -z '$(STRIP)' || \
++ echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install
++mostlyclean-generic:
++
++clean-generic:
++
++distclean-generic:
++ -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES)
++ -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES)
++
++maintainer-clean-generic:
++ @echo "This command is intended for maintainers to use"
++ @echo "it deletes files that may require special tools to rebuild."
++ -test -z "$(MAINTAINERCLEANFILES)" || rm -f $(MAINTAINERCLEANFILES)
++clean: clean-am
++
++clean-am: clean-generic mostlyclean-am
++
++distclean: distclean-am
++ -rm -f Makefile
++distclean-am: clean-am distclean-generic
++
++dvi: dvi-am
++
++dvi-am:
++
++html: html-am
++
++html-am:
++
++info: info-am
++
++info-am:
++
++install-data-am: install-ocftDATA install-ocftcfgsDATA
++
++install-dvi: install-dvi-am
++
++install-dvi-am:
++
++install-exec-am: install-sbinSCRIPTS
++
++install-html: install-html-am
++
++install-html-am:
++
++install-info: install-info-am
++
++install-info-am:
++
++install-man:
++
++install-pdf: install-pdf-am
++
++install-pdf-am:
++
++install-ps: install-ps-am
++
++install-ps-am:
++
++installcheck-am:
++
++maintainer-clean: maintainer-clean-am
++ -rm -f Makefile
++maintainer-clean-am: distclean-am maintainer-clean-generic
++
++mostlyclean: mostlyclean-am
++
++mostlyclean-am: mostlyclean-generic
++
++pdf: pdf-am
++
++pdf-am:
++
++ps: ps-am
++
++ps-am:
++
++uninstall-am: uninstall-ocftDATA uninstall-ocftcfgsDATA \
++ uninstall-sbinSCRIPTS
++
++.MAKE: install-am install-strip
++
++.PHONY: all all-am check check-am clean clean-generic distclean \
++ distclean-generic distdir dvi dvi-am html html-am info info-am \
++ install install-am install-data install-data-am install-dvi \
++ install-dvi-am install-exec install-exec-am install-html \
++ install-html-am install-info install-info-am install-man \
++ install-ocftDATA install-ocftcfgsDATA install-pdf \
++ install-pdf-am install-ps install-ps-am install-sbinSCRIPTS \
++ install-strip installcheck installcheck-am installdirs \
++ maintainer-clean maintainer-clean-generic mostlyclean \
++ mostlyclean-generic pdf pdf-am ps ps-am uninstall uninstall-am \
++ uninstall-ocftDATA uninstall-ocftcfgsDATA \
++ uninstall-sbinSCRIPTS
++
++
++# Tell versions [3.59,3.63) of GNU make to not export all variables.
++# Otherwise a system limit (for SysV at least) may be exceeded.
++.NOEXPORT:
diff -Nru cluster-agents-1.0.3/debian/patches/series cluster-agents-1.0.3/debian/patches/series
--- cluster-agents-1.0.3/debian/patches/series 2010-05-03 20:31:33.000000000 +0300
+++ cluster-agents-1.0.3/debian/patches/series 2010-10-17 00:59:28.000000000 +0300
@@ -1 +1,3 @@
+CVE-2010-3389--bug598549.patch
spelling-fixes.patch
+debian-changes-1:1.0.3-3.1
