From d6fae7839472caf550a2df1b9eac8ffb00f00816 Mon Sep 17 00:00:00 2001 From: Silvan Calarco Date: Fri, 5 Jan 2024 21:37:27 +0100 Subject: [PATCH] rebuilt with libopenssl 0.9.8 [release 1.12.13-3mamba;Fri Oct 16 2009] --- README.md | 7 ++ cvs-1.12.12-can_2005_2693.patch | 19 +++ cvs-pam | 8 ++ cvs.spec | 201 ++++++++++++++++++++++++++++++++ cvspserver-xinetd | 11 ++ 5 files changed, 246 insertions(+) create mode 100644 cvs-1.12.12-can_2005_2693.patch create mode 100644 cvs-pam create mode 100644 cvs.spec create mode 100644 cvspserver-xinetd diff --git a/README.md b/README.md index a1c9391..f48aa67 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,9 @@ # cvs +Concurrent Versions System (CVS) is a version control system which can record the history of your files (usually, but not always, source code). +CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred. + +CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. +Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. +These directories and files can then be combined together to form a software release. + diff --git a/cvs-1.12.12-can_2005_2693.patch b/cvs-1.12.12-can_2005_2693.patch new file mode 100644 index 0000000..a951a9a --- /dev/null +++ b/cvs-1.12.12-can_2005_2693.patch @@ -0,0 +1,19 @@ +--- cvs-1.12.12/src/cvsbug.in.orig 2005-09-08 15:51:56.000000000 +0200 ++++ cvs-1.12.12/src/cvsbug.in 2005-09-08 15:53:11.000000000 +0200 +@@ -109,14 +109,14 @@ + /usr/bin/ypcat passwd 2>/dev/null | cat - /etc/passwd | grep "^$LOGNAME:" | + cut -f5 -d':' | sed -e 's/,.*//' > $TEMP + ORIGINATOR="`cat $TEMP`" +- rm -f $TEMP ++ > $TEMP + fi + fi + + if [ "$ORIGINATOR" = "" ]; then + grep "^$LOGNAME:" /etc/passwd | cut -f5 -d':' | sed -e 's/,.*//' > $TEMP + ORIGINATOR="`cat $TEMP`" +- rm -f $TEMP ++ > $TEMP + fi + + if [ -n "$ORGANIZATION" ]; then diff --git a/cvs-pam b/cvs-pam new file mode 100644 index 0000000..8d29678 --- /dev/null +++ b/cvs-pam @@ -0,0 +1,8 @@ +#%PAM-1.0 +auth required pam_stack.so service=system-auth +auth required pam_nologin.so +account required pam_stack.so service=system-auth +password required pam_stack.so service=system-auth +session required pam_stack.so service=system-auth +session required pam_limits.so + diff --git a/cvs.spec b/cvs.spec new file mode 100644 index 0000000..badc4ae --- /dev/null +++ b/cvs.spec @@ -0,0 +1,201 @@ +%define groupid 65015 +%define groupidadmin 65016 + +Name: cvs +Version: 1.12.13 +Release: 3mamba +Summary: The CVS (Concurrent Versions System) tools +Group: Applications/Development +Vendor: openmamba +Distribution: openmamba +Packager: Silvan Calarco +URL: http://www.nongnu.org/cvs/ +Source0: http://ftp.gnu.org/non-gnu/cvs/source/feature/%{version}/cvs-%{version}.tar.bz2 +Source1: cvspserver-xinetd +Source2: cvs-pam +Patch: %{name}-1.12.12-can_2005_2693.patch +License: GPL +## AUTOBUILDREQ-BEGIN +BuildRequires: glibc-devel +BuildRequires: libe2fs-devel +BuildRequires: libkrb5-devel +BuildRequires: libopenssl-devel +BuildRequires: pam-devel +BuildRequires: perl-devel +## AUTOBUILDREQ-END +BuildRequires: tcsh >= 6.12 +BuildRequires: libgdbm-devel >= 1.8.3 +BuildRequires: glibc-devel >= 2.3.5 +BuildRequires: gettext-devel >= 0.14.0 +BuildRequires: zlib-devel >= 1.2.2 +BuildRequires: debianutils >= 2.5.2 +BuildRequires: coreutils >= 5.2.1 +BuildRequires: perl, groff, ghostscript, texinfo +PreReq: %{__install_info} +BuildRoot: %{_tmppath}/%{name}-%{version}-build + +# FIXME: remove use of PID in `debug_check_log' + +%description +Concurrent Versions System (CVS) is a version control system which can record the history of your files (usually, but not always, source code). +CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred. + +CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. +Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. +These directories and files can then be combined together to form a software release. + +%package server +Summary: Server side of the CVS (Concurrent Versions System) +Group: System/Servers +Requires: %{name} = %{version} + +%description server +Concurrent Versions System (CVS) is a version control system which can record the history of your files (usually, but not always, source code). +CVS only stores the differences between versions, instead of every version of every file you've ever created. CVS also keeps a log of who, when and why changes occurred. + +CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. +Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. +These directories and files can then be combined together to form a software release. + +This package include the cvs part that create and a cvs repository (/var/cvsroot). + +# FIXME : unsecure use of `$$' in +# `/usr/share/cvs/contrib/debug_check_log' +# `/usr/share/cvs/contrib/newcvsroot' + +%prep +%setup -q +%patch -p1 -b .can_2005_2693 + +%build +%configure \ + --enable-encryption \ + --enable-case-sensitivity \ + --with-cvs-admin-group=cvsadmin \ + --enable-pam \ + --with-hardcoded-pam-service-name="cvs" + +%make + +%install +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" +%makeinstall + +install -m 0640 -D %{SOURCE1} %{buildroot}%{_sysconfdir}/xinetd.d/cvspserver +install -m 0640 -D %{SOURCE2} %{buildroot}%{_sysconfdir}/pam.d/cvs + +# initialize database +#install -d %{buildroot}/var + +%clean +[ "%{buildroot}" != / ] && rm -rf "%{buildroot}" + +%post +%install_info cvs.info +%install_info cvsclient.info + +%preun +%uninstall_info cvs.info +%uninstall_info cvsclient.info +exit 0 + +%pre server +if [ $1 -eq 1 ]; then +# new install + /usr/sbin/groupadd cvsuser -g %{groupid} 2>/dev/null + /usr/sbin/groupadd cvsadmin -g %{groupidadmin} 2>/dev/null +fi +exit 0 + +%post server +if [ $1 -eq 1 ]; then +# new install + cvs -d /var/cvsroot init + chown root.cvsuser -R /var/cvsroot + chmod g+s /var/cvsroot + chmod g+s /var/cvsroot/CVSROOT + chmod g+s /var/cvsroot/CVSROOT/Emptydir +fi +exit 0 + +%preun server +if [ $1 -eq 0 ]; then +# erase + /usr/sbin/groupdel cvsuser 2>/dev/null + /usr/sbin/groupdel cvsadmin 2>/dev/null +fi +exit 0 + +%files +%defattr(-,root,root) +%{_bindir}/* +%dir %{_datadir}/cvs +%{_datadir}/cvs/* +#%attr(2775,root,cvsuser) %dir /var/cvsroot +#%attr(2775,root,cvsuser) %dir /var/cvsroot/CVSROOT +#%attr(-,root,cvsuser) /var/cvsroot/* +%{_infodir}/* +%{_mandir}/man?/cvs* + +%files server +%defattr(-,root,root) +%config(noreplace) %{_sysconfdir}/xinetd.d/cvspserver +%config(noreplace) %{_sysconfdir}/pam.d/cvs + +%changelog +* Fri Oct 16 2009 Silvan Calarco 1.12.13-3mamba +- rebuilt with libopenssl 0.9.8 + +* Wed Aug 15 2007 Silvan Calarco 1.12.13-2mamba +- rebuilt + +* Tue Jun 13 2006 Davide Madrisan 1.12.13-1qilnx +- update to version 1.12.13 by autospec + +* Thu Sep 08 2005 Davide Madrisan 1.12.12-1qilnx +- update to version 1.12.12 by autospec + +* Fri Apr 22 2005 Davide Madrisan 1.11.20-1qilnx +- update to version 1.11.20 by autospec +- also fixes QSA-2005-052 (CAN-2005-0753) +- fixed package groups +- added missing build requirements +- added %%post, %%preun scripts to install/uninstall info pages + +* Wed Jan 12 2005 Massimo Pintore 1.11.18-5qilnx +- added package cvs-server + +* Wed Jan 12 2005 Silvan Calarco 1.11.18-4qilnx +- create cvsroot after install instead of before packaging + +* Tue Jan 11 2005 Silvan Calarco 1.11.18-3qilnx +- create cvsroot and cvsroot/CVSROOT directories with suid'ed group + +* Thu Dec 30 2004 Silvan Calarco 1.11.18-2qilnx +- added pam support patch + +* Fri Dec 24 2004 Davide Madrisan 1.11.18-1qilnx +- new version rebuild + +* Wed Jun 30 2004 Davide Madrisan 1.11.17-1qilnx +- new version rebuild: security fixes CAN-2004-04{14,16,17,18} + +* Thu May 20 2004 Davide Madrisan 1.11.16-1qilnx +- new version rebuild: fixes a serious security hole (CAN-2004-0396) in the + CVS server executable + +* Tue Apr 15 2004 Davide Madrisan 1.11.15-1qilnx +- new version rebuild: fixes serious security holes in both the client and the + CVS server (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0180) + +* Tue Mar 02 2004 Davide Madrisan 1.11.13-1qilnx +- rebuilt with cvs-1.11.13 + +* Tue Dec 30 2003 Silvan Calarco 1.11.11-2qilnx +- privileges/security enhancements (cvsuser/cvsadmin) + +* Mon Dec 29 2003 Silvan Calarco 1.11.11-1qilnx +- new version rebuild + +* Fri Jul 18 2003 Silvan Calarco 1.11.6-1qilnx +- first build of cvs diff --git a/cvspserver-xinetd b/cvspserver-xinetd new file mode 100644 index 0000000..d0b0d34 --- /dev/null +++ b/cvspserver-xinetd @@ -0,0 +1,11 @@ +service cvspserver +{ + flags = REUSE + socket_type = stream + wait = no + user = root + server = /usr/bin/cvs + server_args = -f --allow-root=/var/cvsroot pserver + log_on_failure += USERID + disable = yes +}