tags 487598 + patch
tags 492235 + patch
tags 492236 + patch
tags 496034 + patch
thanks
Hi,
Attached is the diff for my havp 0.88-1.1 NMU, updated to add the GPLv2+
boilerplate to debian/copyright
diff -u havp-0.88/debian/havp.init havp-0.88/debian/havp.init
--- havp-0.88/debian/havp.init
+++ havp-0.88/debian/havp.init
@@ -43,6 +43,9 @@
chown -R havp:havp $havp_mountpoint
echo "done"
fi
+ echo -n "Cleaning up $havp_mountpoint"...
+ find $havp_mountpoint/ -type f -delete
+ echo " done"
echo -n "Starting $DESC: "
start-stop-daemon --start --quiet --pidfile $PIDFILE \
--exec $DAEMON -- $DAEMON_OPTS
@@ -56,6 +59,10 @@
echo "$NAME."
fi
+ echo -n "Cleaning up $havp_mountpoint"...
+ find $havp_mountpoint/ -type f -delete
+ echo " done"
+
if [ x"$USE_LOOPBACK" = x"true" ] && [ "`mount | grep ^$havp_loopback`" ]; then
echo -n "Unmounting $havp_mountpoint ..."
umount $havp_mountpoint
diff -u havp-0.88/debian/havp.templates havp-0.88/debian/havp.templates
--- havp-0.88/debian/havp.templates
+++ havp-0.88/debian/havp.templates
@@ -72,6 +72,12 @@
Чтобы использовать HAVP, вы можете смонтировать файловую систему, содержащую /var/spool/havp, с параметром "mand", или создать файловую систему loopback только для HAVP и смонтировать её в /var/spool/havp.
.
Если вы не знаете что делать, согласитесь на создание файловой системы loopback.
+Description-sv.UTF-8: Vill du skapa ett loopback-filsystem för spoolning?
+ HAVP kräver att filsystemet där temporära filer sparas vid scanning kan hantera låsningar. Många av de vanliga linux-filsystemen klarar detta men aktiverar det inte som standard.
+ .
+ För att använda HAVP så kan du antingen montera filsystemet som innehållet /var/spool/havp med inställningen "mand" eller skapa ett loopback-filsystem som monteras på /var/spool/havp och som endast kan användas av HAVP.
+ .
+ Om du är osäker så ska du välja det här alternativet och skapa ett loopback-filsystem.
Description-ta.UTF-8: சுற்றி மீளும் உருளை கோப்பு அமைப்பு ஒன்று உருவாக்க வேண்டுமா?
ஹெஏவிபி(HAVP) க்கு அதன் தற்காலிக கோப்புகளை வருடலின் போது சேமிக்கும் கோப்பு அமைப்பு கட்டாயமாக பூட்டும் ஆதரவு உள்ளதாக இருக்க வேண்டும். பல லீனக்ஸ் கோப்பு அமைப்புகள் இதை ஆதரித்தாலும் இதை முன்னிருப்பாக செயல் படுத்துவதில்லை.
.
@@ -106,4 +112,6 @@
Description-ru.UTF-8: Размер файловой системы Loopback:
Введите размер (в мегабайтах) создаваемой файловой системы loopback.
+Description-sv.UTF-8: Storlek på loopback-filsystemet:
+ Ange storleken för loopback-filsystemet (i megabyte).
Description-ta.UTF-8: சுற்றி மீளும் உருளை கோப்பு அமைப்பின் அளவு:
சுற்றி மீளும் உருளை கோப்பு அமைப்பு உருவாக்க அதன் அளவை குறிப்பிடுக.
diff -u havp-0.88/debian/copyright havp-0.88/debian/copyright
--- havp-0.88/debian/copyright
+++ havp-0.88/debian/copyright
@@ -8,4 +8,26 @@
+Copyright:
+
+ Copyright (C) 2005 by Christian Hilgers
+
License:
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
This software is licensed under the GNU GPL. On Debian GNU/Linux systems, you
can find the license under /usr/share/common-licenses/GPL
+
+These files have different copyright notices:
+ havp/params.h: Copyright (C) 2005 by Peter Sebald / Christian Hilgers
+ havp/params.cpp: Copyright (C) 2005 by Peter Sebald / Christian Hilgers
reverted:
--- havp-0.88/debian/havp.docs
+++ havp-0.88.orig/debian/havp.docs
@@ -1 +0,0 @@
-INSTALL
diff -u havp-0.88/debian/rules havp-0.88/debian/rules
--- havp-0.88/debian/rules
+++ havp-0.88/debian/rules
@@ -53,9 +53,12 @@
rm -f build-stamp config.status
# Add here commands to clean up after the build process.
- -$(MAKE) clean
+ [ ! -f Makefile ] || $(MAKE) clean
rm -f config.sub config.guess config.status config.log
+ rm -f havp/Makefile Makefile havp/default.h etc/havp/havp.config \
+ havp.1 havp/scanners/Makefile
+
# and make sure that templates are up-to-date
debconf-updatepo
po2debconf debian/havp.templates.master > debian/havp.templates
@@ -89,7 +92,7 @@
dh_installdocs
dh_installexamples
dh_installlogrotate
- dh_installinit
+ dh_installinit --error-handler=init_error
dh_installman havp.1
dh_link
dh_strip
diff -u havp-0.88/debian/changelog havp-0.88/debian/changelog
--- havp-0.88/debian/changelog
+++ havp-0.88/debian/changelog
@@ -1,3 +1,30 @@
+havp (0.88-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * debian/havp.init
+ - added cleanup for temporary files under /var/spool/havp; thanks to
+ Alberto for the report; Closes: #492235
+ * debian/{havp.prerm,havp.postinst,rules}
+ - modified to skip errors on service start/stop; thanks to Alberto for the
+ report; Closes: #492236
+ * debian/rules
+ - added removal for generated files
+ - clean run only if Makefile is present
+ * debian/patches/05_bts496034_CVE-2008-3688_fix_infinite_retry.dpatch
+ - added to fix CVE-2008-3688, DoS by connecting to a non-responsive server,
+ generating an infinite loop; thanks to Steffen Joeris for the report;
+ Closes: #496034
+ * debian/po/sv.po
+ - added Swedish translation of debconf templates; thanks to Martin Bagge;
+ Closes: #487598
+ * debian/copyright
+ - added copyright notices
+ - added GPLv2+ license boilerplate
+ * debian/havp.docs
+ - removed since it installed only INSTALL file
+
+ -- Sandro Tosi <[EMAIL PROTECTED]> Sat, 30 Aug 2008 10:58:54 +0200
+
havp (0.88-1) unstable; urgency=low
* New upstream release, now compatible with new libclamav.
diff -u havp-0.88/debian/havp.postinst havp-0.88/debian/havp.postinst
--- havp-0.88/debian/havp.postinst
+++ havp-0.88/debian/havp.postinst
@@ -3,6 +3,10 @@
#
# see: dh_installdeb(1)
+init_error() {
+echo "E: Error starting service (could be due to port 8080 already in use), ignoring..."
+}
+
CONFIGFILE=/etc/default/havp
set -e
diff -u havp-0.88/debian/patches/00list havp-0.88/debian/patches/00list
--- havp-0.88/debian/patches/00list
+++ havp-0.88/debian/patches/00list
@@ -2,0 +3 @@
+05_bts496034_CVE-2008-3688_fix_infinite_retry
only in patch2:
unchanged:
--- havp-0.88.orig/debian/havp.prerm
+++ havp-0.88/debian/havp.prerm
@@ -0,0 +1,11 @@
+#! /bin/sh
+# prerm script for havp
+#
+# see: dh_installdeb(1)
+
+init_error() {
+echo "E: Error stopping service, ignoring..."
+}
+
+#DEBHELPER#
+
only in patch2:
unchanged:
--- havp-0.88.orig/debian/patches/05_bts496034_CVE-2008-3688_fix_infinite_retry.dpatch
+++ havp-0.88/debian/patches/05_bts496034_CVE-2008-3688_fix_infinite_retry.dpatch
@@ -0,0 +1,18 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 05_bts496034_CVE-2008-3688_fix_infinite_retry.dpatch from http://bugs.endian.it/view.php?id=1129
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Fix CVE-2008-3688: DoS by infinite loop
+
[EMAIL PROTECTED]@
+diff -urNad havp-0.88~/havp/sockethandler.cpp havp-0.88/havp/sockethandler.cpp
+--- havp-0.88~/havp/sockethandler.cpp 2007-01-19 08:53:44.000000000 +0100
++++ havp-0.88/havp/sockethandler.cpp 2008-08-28 23:46:56.394240341 +0200
+@@ -623,6 +623,7 @@
+ my_u_addr.sun_family = AF_LOCAL;
+
+ ip_count = 0;
++ ips = 0;
+
+ //No socket exists yet
+ sock_fd = -1;
only in patch2:
unchanged:
--- havp-0.88.orig/debian/po/sv.po
+++ havp-0.88/debian/po/sv.po
@@ -0,0 +1,64 @@
+# translation of havp_0.88-1_templates.po to swedish
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Martin Bagge <[EMAIL PROTECTED]>, 2008.
+msgid ""
+msgstr ""
+"Project-Id-Version: havp_0.88-1_templates\n"
+"Report-Msgid-Bugs-To: Source: [EMAIL PROTECTED]"
+"POT-Creation-Date: 2008-05-29 20:56+0200\n"
+"PO-Revision-Date: 2008-06-22 23:52+0200\n"
+"Last-Translator: Martin Bagge <[EMAIL PROTECTED]>\n"
+"Language-Team: swedish <[EMAIL PROTECTED]>\n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=UTF-8\n"
+"Content-Transfer-Encoding: 8bit\n"
+"X-Generator: KBabel 1.11.4\n"
+
+#. Type: boolean
+#. Description
+#: ../havp.templates.master:1001
+msgid "Do you want to create a loopback spool file system?"
+msgstr "Vill du skapa ett loopback-filsystem för spoolning?"
+
+#. Type: boolean
+#. Description
+#: ../havp.templates.master:1001
+msgid ""
+"HAVP strictly requires the file system where it stores its temporary files "
+"during scanning to support mandatory locking. Many of the standard Linux "
+"file systems support this, but do not enable it by default."
+msgstr "HAVP kräver att filsystemet där temporära filer sparas vid scanning kan hantera låsningar. Många av de vanliga linux-filsystemen klarar detta men aktiverar det inte som standard."
+
+#. Type: boolean
+#. Description
+#: ../havp.templates.master:1001
+msgid ""
+"To use HAVP, you can either mount the file system that contains /var/spool/"
+"havp with the option \"mand\", or create a loopback file system that is "
+"mounted at /var/spool/havp only for HAVP."
+msgstr "För att använda HAVP så kan du antingen montera filsystemet som innehållet /var/spool/havp med inställningen \"mand\" eller skapa ett loopback-filsystem som monteras på /var/spool/havp och som endast kan användas av HAVP."
+
+#. Type: boolean
+#. Description
+#: ../havp.templates.master:1001
+msgid ""
+"If you are in doubt, you should accept this option to create a loopback "
+"spool file system."
+msgstr "Om du är osäker så ska du välja det här alternativet och skapa ett loopback-filsystem."
+
+#. Type: string
+#. Description
+#: ../havp.templates.master:2001
+msgid "Loopback file system size:"
+msgstr "Storlek på loopback-filsystemet:"
+
+#. Type: string
+#. Description
+#: ../havp.templates.master:2001
+msgid ""
+"Please enter the size (in megabytes) of the loopback file system to be "
+"created."
+msgstr "Ange storleken för loopback-filsystemet (i megabyte)."
+
