Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 5D746B8ED5
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Sun,  7 Sep 2014 23:25:04 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 062C014A2A3; Sun,  7 Sep 2014 23:25:04 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 54B5A14A2A2
	for <pkgsrc-changes@NetBSD.org>; Sun,  7 Sep 2014 23:24:57 +0000 (UTC)
X-Virus-Scanned: amavisd-new at NetBSD.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.NetBSD.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id uaYMWHnLyxMb for <pkgsrc-changes@NetBSD.org>;
	Sun,  7 Sep 2014 23:24:56 +0000 (UTC)
Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd])
	by mail.netbsd.org (Postfix) with ESMTP id 4DD5214A2A0
	for <pkgsrc-changes@NetBSD.org>; Sun,  7 Sep 2014 23:24:56 +0000 (UTC)
Received: by cvs.netbsd.org (Postfix, from userid 500)
	id 4234098; Sun,  7 Sep 2014 23:24:56 +0000 (UTC)
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"
MIME-Version: 1.0
Date: Sun, 7 Sep 2014 23:24:56 +0000
From: "Blue Rats" <rodent@netbsd.org>
Subject: CVS commit: pkgsrc/net/socat
To: pkgsrc-changes@NetBSD.org
Reply-To: rodent@netbsd.org
X-Mailer: log_accum
Message-Id: <20140907232456.4234098@cvs.netbsd.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: pkgsrc-changes.NetBSD.org
Precedence: bulk

Module Name:	pkgsrc
Committed By:	rodent
Date:		Sun Sep  7 23:24:56 UTC 2014

Modified Files:
	pkgsrc/net/socat: Makefile distinfo
	pkgsrc/net/socat/patches: patch-configure patch-mytypes.h
Removed Files:
	pkgsrc/net/socat/patches: patch-aa

Log Message:
Update to latest stable, 1.7.2.4, which is supposed to resolve CVE-2014-0019.
patches/patch-aa seems to have been committed upstream. Passing readline
location to configure and fixing CCOPTS in Makefile.in seems to not be
necessary anymore. From CHANGES:

####################### V 1.7.2.4:

corrections:
	LISTEN based addresses applied some address options, e.g. so-keepalive,
	to the listening file descriptor instead of the connected file
	descriptor

	make failed after configure with non gcc compiler due to missing
	include.

	configure checked for --disable-rawsocket but printed
	--disable-genericsocket in the help text.

	In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
	Probably no impact.

	procan could not cleanly format ulimit values longer than 16 decimal
	digits. Thanks to Frank Dana for providing a patch that increases field
	width to 24 digits.

	OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
	"Invalid argument"

	Changed some variable definitions to make gcc -O2 aliasing checker happy

	On big endian platforms with type long >32bit the range option applied a
	bad base address.

	Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()

	Red Hat issue 1022063: out-of-range shifts on net mask bits

	Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()

	Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
	uses

	Red Hat issue 1021958: fixed a bug with faulty buffer/data length
	calculation in xio-ascii.c:_xiodump()

	Red Hat issue 1021972: fixed a missing NUL termination in return string
	of sysutils.c:sockaddr_info() for the AF_UNIX case

	fixed some typos and minor issues, including:
	Red Hat issue 1021967: formatting error in manual page

	UNIX-LISTEN with fork option did not remove the socket file system entry
	when exiting. Other file system based passive address types had similar
	issues or failed to apply options umask, user e.a.

porting:
	Red Hat issue 1020203: configure checks fail with some compilers.
	Use case: clang

	Performed changes for Fedora release 19

	Adapted, improved test.sh script

	Red Hat issue 1021429: getgroupent fails with large number of groups;
	use getgrouplist() when available instead of sequence of calls to
	getgrent()

	Red Hat issue 1021948: snprintf API change;
	Implemented xio_snprintf() function as wrapper that tries to emulate C99
	behaviour on old glibc systems, and adapted all affected calls
	appropriately

	Mike Frysinger provided a patch that supports long long for time_t,
	socklen_t and a few other libc types.

	Artem Mygaiev extended Cedril Priscals Android build script with pty code

	The check for fips.h required stddef.h

	Check for linux/errqueue.h failed on some systems due to lack of
	linux/types.h inclusion.

	autoconf now prefers configure.ac over configure.in

	type of struct cmsghdr.cmsg is system dependend, determine it with
	configure; some more print format corrections

docu:
	libwrap always logs to syslog

	added actual text version of GPLv2

####################### V 1.7.2.3:

security:
	CVE-2014-0019: socats PROXY-CONNECT address was vulnerable to a buffer
	overflow with data from command line (see socat-secadv5.txt)


To generate a diff of this commit:
cvs rdiff -u -r1.31 -r1.32 pkgsrc/net/socat/Makefile
cvs rdiff -u -r1.19 -r1.20 pkgsrc/net/socat/distinfo
cvs rdiff -u -r1.6 -r0 pkgsrc/net/socat/patches/patch-aa
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/socat/patches/patch-configure \
    pkgsrc/net/socat/patches/patch-mytypes.h

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.