Wed Mar 4 22:03:30 UTC 202020200304220330

a/sdparm-1.10-x86_64-3.txz:  Rebuilt.
  Recompiled against sg3_utils-1.45.
a/udisks-1.0.5-x86_64-5.txz:  Rebuilt.
  Recompiled against sg3_utils-1.45.
d/cmake-3.16.5-x86_64-1.txz:  Upgraded.
l/libgpod-0.8.3-x86_64-6.txz:  Rebuilt.
  Recompiled against sg3_utils-1.45.
n/curl-7.69.0-x86_64-1.txz:  Upgraded.
n/cyrus-sasl-2.1.27-x86_64-3.txz:  Rebuilt.
  Added SQL support via MariaDB. Thanks to niksoggia.
n/ntp-4.2.8p14-x86_64-1.txz:  Upgraded.
n/ppp-2.4.8-x86_64-1.txz:  Upgraded.
  This update fixes a security issue:
  By sending an unsolicited EAP packet to a vulnerable ppp client or server,
  an unauthenticated remote attacker could cause memory corruption in the
  pppd process, which may allow for arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
  (* Security fix *)
testing/packages/PAM/cyrus-sasl-2.1.27-x86_64-3_pam.txz:  Rebuilt.
  Added SQL support via MariaDB. Thanks to niksoggia.
testing/packages/PAM/ppp-2.4.8-x86_64-1_pam.txz:  Upgraded.
  This update fixes a security issue:
  By sending an unsolicited EAP packet to a vulnerable ppp client or server,
  an unauthenticated remote attacker could cause memory corruption in the
  pppd process, which may allow for arbitrary code execution.
  For more information, see:
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8597
  (* Security fix *)

1 files changed, 0 insertions, 74 deletions

diff --git a/source/n/ppp/ppp.glibc228.diff b/source/n/ppp/ppp.glibc228.diff
deleted file mode 100644
index 6faed287e..000000000
--- a/source/n/ppp/ppp.glibc228.diff
+++ /dev/null
@@ -1,74 +0,0 @@
---- ./pppd/pppcrypt.c.orig	2014-08-09 07:31:39.000000000 -0500
-+++ ./pppd/pppcrypt.c	2018-09-18 18:59:26.393068817 -0500
-@@ -110,7 +110,7 @@
- }
- 
- bool
--DesSetkey(key)
-+setkey(key)
- u_char *key;
- {
- 	u_char des_key[8];
-@@ -126,7 +126,7 @@
- }
- 
- bool
--DesEncrypt(clear, cipher)
-+encrypt(clear, cipher)
- u_char *clear;	/* IN  8 octets */
- u_char *cipher;	/* OUT 8 octets */
- {
-@@ -161,7 +161,7 @@
- static des_key_schedule	key_schedule;
- 
- bool
--DesSetkey(key)
-+setkey(key)
- u_char *key;
- {
- 	des_cblock des_key;
-@@ -171,7 +171,7 @@
- }
- 
- bool
--DesEncrypt(clear, key, cipher)
-+encrypt(clear, key, cipher)
- u_char *clear;	/* IN  8 octets */
- u_char *cipher;	/* OUT 8 octets */
- {
---- ./pppd/chap_ms.c.orig	2014-08-09 07:31:39.000000000 -0500
-+++ ./pppd/chap_ms.c	2018-09-18 18:59:26.391068817 -0500
-@@ -518,12 +518,12 @@
- 	   sizeof(ZPasswordHash), ZPasswordHash);
- #endif
- 
--    (void) DesSetkey(ZPasswordHash + 0);
--    DesEncrypt(challenge, response + 0);
--    (void) DesSetkey(ZPasswordHash + 7);
--    DesEncrypt(challenge, response + 8);
--    (void) DesSetkey(ZPasswordHash + 14);
--    DesEncrypt(challenge, response + 16);
-+    (void) setkey(ZPasswordHash + 0);
-+    encrypt(challenge, response + 0);
-+    (void) setkey(ZPasswordHash + 7);
-+    encrypt(challenge, response + 8);
-+    (void) setkey(ZPasswordHash + 14);
-+    encrypt(challenge, response + 16);
- 
- #if 0
-     dbglog("ChallengeResponse - response %.24B", response);
-@@ -640,10 +640,10 @@
-     BZERO(UcasePassword, sizeof(UcasePassword));
-     for (i = 0; i < secret_len; i++)
-        UcasePassword[i] = (u_char)toupper(secret[i]);
--    (void) DesSetkey(UcasePassword + 0);
--    DesEncrypt( StdText, PasswordHash + 0 );
--    (void) DesSetkey(UcasePassword + 7);
--    DesEncrypt( StdText, PasswordHash + 8 );
-+    (void) setkey(UcasePassword + 0);
-+    encrypt( StdText, PasswordHash + 0 );
-+    (void) setkey(UcasePassword + 7);
-+    encrypt( StdText, PasswordHash + 8 );
-     ChallengeResponse(rchallenge, PasswordHash, &response[MS_CHAP_LANMANRESP]);
- }
- #endif