Bug 56006

Summary: [PATCH] buffer overflows in databases/gnats
Product: Ports & Packages Reporter: Oliver Eikemeier <eikemeier>
Component: Individual Port(s)Assignee: Ceri Davies <ceri>
Status: Closed FIXED    
Severity: Affects Only Me CC: des
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
gnats-security.patch none

Description Oliver Eikemeier 2003-08-26 16:20:15 UTC 
A security vulnerability has been found in the 3.113.1 release:
  http://www.securityfocus.com/archive/1/326337

Impact: Local privilege elevation.
  pr-edit, queue-pr and gen-index are installed setuid gnats and
  can be exploited.

Fix: A quick fix is the patch below from the security advisory. Don't forget to bump PORTREVISION.

As stated on http://www.gnu.org/software/gnats/ :
  "There are no plans to fix this problem, all GNATS users should upgrade to 4.0"

GNATS 4.0 is submitted as port databases/gnats4 in PR 55876:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=55876

I'm willing to help to migrate the FreeBSD PR database to GNATS 4.0.

Btw, gnats 3.113.1 doesn't seem to build on -CURRENT:
  http://bento.freebsd.org/errorlogs/i386-5-latest/gnats-3.113.1_7.log
and package building fails on -STABLE (needs to use the new INFO macro)
  http://bento.freebsd.org/errorlogs/i386-4-latest/gnats-3.113.1_7.log
Comment 1 Sergey A. Osokin freebsd_committer freebsd_triage 2003-08-26 16:25:09 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->des

Over to maintainer.
Comment 2 Dag-Erling Smørgrav freebsd_committer freebsd_triage 2003-09-20 14:50:09 UTC 
State Changed
From-To: open->suspended

databases/gnats is marked BROKEN and will likely be removed.
Comment 3 Ceri Davies freebsd_committer freebsd_triage 2004-11-15 15:54:55 UTC 
State Changed
From-To: suspended->open

Take from des.
Comment 4 Ceri Davies freebsd_committer freebsd_triage 2004-11-15 15:54:55 UTC 
Responsible Changed
From-To: des->ceri

Take from des.
Comment 5 Ceri Davies freebsd_committer freebsd_triage 2004-11-15 18:23:49 UTC 
State Changed
From-To: open->closed

Committed; thanks.