Hello community,
here is the log from the commit of package openvas-scanner for openSUSE:Factory
checked in at Fri Jun 10 13:05:41 CEST 2011.
--------
--- openvas-scanner/openvas-scanner.changes 2011-04-11 20:07:18.000000000 +0200
+++ /mounts/work_src_done/STABLE/openvas-scanner/openvas-scanner.changes 2011-06-08 20:53:27.000000000 +0200
@@ -1,0 +2,8 @@
+Wed Jun 8 18:14:49 UTC 2011 - bitshuffler@opensuse.org
+
+- Updated to 3.2.4
+ * Fixed: Two potential resource leaks.
+ * Fixed: A number of compiler warning when compiling with gcc 4.6.
+ * Fixed: Usage of the mktemp template in openvas-nvt-sync.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
openvas-scanner-3.2.3.tar.gz
New:
----
openvas-scanner-3.2.4.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ openvas-scanner.spec ++++++
--- /var/tmp/diff_new_pack.lCAhzA/_old 2011-06-10 13:04:59.000000000 +0200
+++ /var/tmp/diff_new_pack.lCAhzA/_new 2011-06-10 13:04:59.000000000 +0200
@@ -19,7 +19,7 @@
Name: openvas-scanner
-Version: 3.2.3
+Version: 3.2.4
Release: 1
License: GPLv2
Group: Productivity/Networking/Security
++++++ debian.changelog ++++++
--- /var/tmp/diff_new_pack.lCAhzA/_old 2011-06-10 13:04:59.000000000 +0200
+++ /var/tmp/diff_new_pack.lCAhzA/_new 2011-06-10 13:04:59.000000000 +0200
@@ -1,3 +1,12 @@
+openvas-scanner (3.2.4-1) UNRELEASED; urgency=low
+
+ * New upstream release
+ - Fixed: Two potential resource leaks.
+ - Fixed: A number of compiler warning when compiling with gcc 4.6.
+ - Fixed: Usage of the mktemp template in openvas-nvt-sync.
+
+ -- Stephan Kleine Wed, 08 Jun 2011 20:16:05 +0200
+
openvas-scanner (3.2.3-1) UNRELEASED; urgency=low
* New upstream release
++++++ openvas-scanner-3.2.3.tar.gz -> openvas-scanner-3.2.4.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/CHANGES new/openvas-scanner-3.2.4/CHANGES
--- old/openvas-scanner-3.2.3/CHANGES 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/CHANGES 2011-06-08 14:22:08.000000000 +0200
@@ -1,3 +1,22 @@
+openvas-scanner 3.2.4 (2011-06-08)
+
+This is the fourth maintenance release of the openvas-scanner 3.2 module for the
+Open Vulnerability Assessment System release 4 (OpenVAS-4).
+
+This release addresses a number of compiler warnings discovered by Stephan
+Kleine, fixes two potential resource leaks reported by Henri Doreau and
+addresses an issue in the synchronization script which could cause an error
+under certain circumstances.
+
+Many thanks to everyone who has contributed to this release:
+Henri Doreau, Stephan Kleine, Matthew Mundell and Michael Wiegand.
+
+Main changes compared to 3.2.3:
+* Fixed: Two potential resource leaks.
+* Fixed: A number of compiler warning when compiling with gcc 4.6.
+* Fixed: Usage of the mktemp template in openvas-nvt-sync.
+
+
openvas-scanner 3.2.3 (2011-04-11)
This is the third maintenance release of the openvas-scanner 3.2 module for the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/CMakeLists.txt new/openvas-scanner-3.2.4/CMakeLists.txt
--- old/openvas-scanner-3.2.3/CMakeLists.txt 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/CMakeLists.txt 2011-06-08 14:22:08.000000000 +0200
@@ -79,7 +79,7 @@
set (CPACK_TOPLEVEL_TAG "")
set (CPACK_PACKAGE_VERSION_MAJOR "3")
set (CPACK_PACKAGE_VERSION_MINOR "2")
-set (CPACK_PACKAGE_VERSION_PATCH "3${SVN_REVISION}")
+set (CPACK_PACKAGE_VERSION_PATCH "4${SVN_REVISION}")
set (CPACK_PACKAGE_VERSION "${CPACK_PACKAGE_VERSION_MAJOR}.${CPACK_PACKAGE_VERSION_MINOR}.${CPACK_PACKAGE_VERSION_PATCH}")
set (CPACK_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
set (CPACK_SOURCE_PACKAGE_FILE_NAME "${PROJECT_NAME}-${CPACK_PACKAGE_VERSION}")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/ChangeLog new/openvas-scanner-3.2.4/ChangeLog
--- old/openvas-scanner-3.2.3/ChangeLog 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/ChangeLog 2011-06-08 14:22:08.000000000 +0200
@@ -1,3 +1,73 @@
+2011-06-08 Michael Wiegand
+
+ Preparing the openvas-scanner 3.2.4 release.
+
+ * CHANGES: Updated.
+
+2011-06-06 Michael Wiegand
+
+ * src/ntp_11.c (ntp_1x_send_dependencies): Revert last commit as it
+ removed a used variable.
+
+2011-06-05 Stephan Kleine
+
+ * src/ntp_11.c: remove unused variable to fix compilation wih GCC 4.6.
+
+2011-06-01 Matthew Mundell
+
+ Close some leaks. Based on patch from Michael Wiegand. Backport from
+ trunk r11050.
+
+ * src/oval_plugins.c (start_element, text, oval_plugin_add): Always free
+ memory that is allocated by glib functions. Take into account that the
+ nvti_set_* functions duplicate the given memory.
+ (ovaldi_launch): Add leak todos.
+
+2011-05-31 Matthew Mundell
+
+ Deal with GCC 4.6 warnings. Thanks to Stephan Kleine for original patch.
+ Backport from trunk r11034.
+
+ * src/attack.c (attack_network): Remove stray variables.
+
+ * src/nasl_plugins.c (nasl_thread): Check nice return.
+
+ * src/openvassd.c (scanner_thread): Check nice return.
+
+ * src/oval_plugins.c (oval_plugin_add): Set NVT description correctly in
+ overlength case.
+
+ * src/preferences.c (preferences_drop_privileges): Remove variable
+ previously used for trace message.
+
+ * src/shared_socket.c (openvassd_shared_socket_register): Check
+ internal_recv return.
+
+ * src/sighand.c (let_em_die): Remove return variable, as the waitpid may
+ fail in legitimate cases.
+
+2011-04-18 Matthew Mundell
+
+ * tools/openvas-nvt-sync.in: Put the mktemp template last, otherwise
+ Ubuntu 9.10 gives an error.
+ (do_sync): Correct typo.
+
+2011-04-18 Henri Doreau
+
+ * src/ntp_11.c (ntp_1x_send_dependencies): fixed memory leak reported
+ by Valgrind.
+
+2011-04-18 Henri Doreau
+
+ * src/pluginload.c (collect_nvts): fixed memory leak reported by
+ Valgrind.
+
+2011-04-11 Michael Wiegand
+
+ Post release version bump.
+
+ * CMakeLists.txt: Set to version to 3.2.4.
+
2011-04-11 Michael Wiegand
Preparing the openvas-scanner 3.2.3 release.
@@ -280,7 +350,7 @@
* doc/HTTP_authentication.txt: Removed. There is no
new or helpful information in there.
-
+
* src/COPYING: Removed. Since we maintain a explicit
list in COPYING, we don't need that file anymore.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/doc/openvassd.8 new/openvas-scanner-3.2.4/doc/openvassd.8
--- old/openvas-scanner-3.2.3/doc/openvassd.8 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/doc/openvassd.8 2011-06-08 14:22:08.000000000 +0200
@@ -23,7 +23,7 @@
.TP
.BI "-c " <config-file> ", --config-file=" <config-file>
Use the alternate configuration file instead of
-.I /home/michael/vol1/openvas-testing/etc/openvas/openvassd.conf
+.I /home/michael/vol1/openvas-testing-release/etc/openvas/openvassd.conf
.TP
.BI "-a " <address> ", --listen=" <address>
@@ -81,12 +81,12 @@
The default
.B openvassd
configuration file,
-.I /home/michael/vol1/openvas-testing/etc/openvas/openvassd.conf
+.I /home/michael/vol1/openvas-testing-release/etc/openvas/openvassd.conf
contains these options:
.IP plugins_folder
Contains the location of the plugins folder. This is usually
-/home/michael/vol1/openvas-testing/var/lib/openvas/plugins, but you may change this.
+/home/michael/vol1/openvas-testing-release/var/lib/openvas/plugins, but you may change this.
.IP logfile
path to the logfile. You can enter
.I syslog
@@ -159,7 +159,7 @@
.SH USERS MANAGEMENT
The utility openvas-adduser(8) creates new openvassd users. Each openvassd user
-is attributed a "home", in /home/michael/vol1/openvas-testing/var/lib/openvas/users/<username>. This home contains the following directories :
+is attributed a "home", in /home/michael/vol1/openvas-testing-release/var/lib/openvas/users/<username>. This home contains the following directories :
.IP auth/
This directory contains the authentication information for this user. It might contain the file 'dname' if the user is authenticating using a certificate, or 'hash' (or 'passwd') if the user is authenticating using a password. The file 'hash' contains a MD5 hash of the user password, as well as a random seed. The file 'password' should contain the password in clear text.
@@ -175,7 +175,7 @@
When a user attempts to log in, openvassd first checks that the directory
-/home/michael/vol1/openvas-testing/var/lib/openvas/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then openvassd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.
+/home/michael/vol1/openvas-testing-release/var/lib/openvas/users/<username> exists, then hashes the password sent by the user with the random salt found in <username>/auth/hash, and compares it with the password hash stored in the same file. If the users authenticates using a certificate, then openvassd checks that the certificate has been signed by a recognized authority, and makes sure that the dname of the certificate shown by the user is the same as the one in <username>/dname.
To remove a given user, use the command openvas-rmuser(8).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/attack.c new/openvas-scanner-3.2.4/src/attack.c
--- old/openvas-scanner-3.2.3/src/attack.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/attack.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: attack.c 9983 2011-01-17 17:46:44Z jan $
+* $Id: attack.c 11038 2011-05-31 18:53:24Z mattm $
* Description: Launches the plugins, and manages multithreading.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -939,7 +939,6 @@
{
int max_hosts = 0;
int num_tested = 0;
- int host_pending = 0;
char hostname[1024];
char *hostlist;
struct in6_addr host_ip;
@@ -1139,7 +1138,6 @@
}
}
- host_pending = 0;
memcpy (&addrs.ip6, &host_ip, sizeof (struct in6_addr));
/* Do we have the right to test this host ? */
@@ -1156,9 +1154,7 @@
int s;
char *MAC = NULL;
int mac_err = -1;
- struct in_addr addr;
- addr.s_addr = host_ip.s6_addr32[3];
if (preferences_use_mac_addr (preferences)
&& v6_is_local_ip (&host_ip))
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/nasl_plugins.c new/openvas-scanner-3.2.4/src/nasl_plugins.c
--- old/openvas-scanner-3.2.3/src/nasl_plugins.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/nasl_plugins.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: nasl_plugins.c 9983 2011-01-17 17:46:44Z jan $
+* $Id: nasl_plugins.c 11038 2011-05-31 18:53:24Z mattm $
* Description: Launches NASL plugins.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -29,6 +29,7 @@
* @brief The nasl - plugin class. Loads or launches nasl- plugins.
*/
+#include
#include /* for fprintf() */
#include /* for close() */
#include /* for SIGTERM */
@@ -252,10 +253,14 @@
int nice_retval;
if (preferences_benice (NULL))
- nice_retval = nice (-5);
- // @todo: Check value of nice_retval to see if it was successful.
- // Keep in mind that even -1 can mean success here; see man page of nice
- // for details.
+ {
+ errno = 0;
+ nice_retval = nice (-5);
+ if (nice_retval == -1 && errno != 0)
+ {
+ log_write ("Unable to renice process: %d", errno);
+ }
+ }
/* XXX ugly hack */
soc = dup2 (soc, 4);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/ntp_11.c new/openvas-scanner-3.2.4/src/ntp_11.c
--- old/openvas-scanner-3.2.3/src/ntp_11.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/ntp_11.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: ntp_11.c 9926 2011-01-11 20:33:45Z jan $
+* $Id: ntp_11.c 11076 2011-06-06 08:29:59Z mwiegand $
* Description: OpenVAS Communication Manager; it manages the OpenVAS Transfer Protocol,
* version 1.1 and 1.2.
*
@@ -843,9 +843,7 @@
strncat (buf, " <|> ", buf_size);
deps = deps->next;
}
-#if 0
arg_free_all (d);
-#endif
auth_printf (globals, "%s\n", buf);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/openvassd.c new/openvas-scanner-3.2.4/src/openvassd.c
--- old/openvas-scanner-3.2.3/src/openvassd.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/openvassd.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: openvassd.c 10073 2011-01-24 07:48:34Z jan $
+* $Id: openvassd.c 11038 2011-05-31 18:53:24Z mattm $
* Description: Runs the OpenVAS-scanner.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -40,6 +40,7 @@
* OpenVAS Scanner main module, runs the scanner.
*/
+#include
#include /* for strchr() */
#include /* for fprintf() */
#include /* for atoi() */
@@ -428,11 +429,14 @@
/* Everyone runs with a nicelevel of 10 */
if (preferences_benice (prefs))
- nice_retval = nice (10);
- // @todo: Check value of nice_retval to see if it was successful.
- // Keep in mind that even -1 can mean success here; see man page of nice
- // for details.
-
+ {
+ errno = 0;
+ nice_retval = nice (10);
+ if (nice_retval == -1 && errno != 0)
+ {
+ log_write ("Unable to renice process: %d", errno);
+ }
+ }
openvas_signal (SIGCHLD, sighand_chld);
#if 1
/* To let some time to attach a debugger to the child process */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/oval_plugins.c new/openvas-scanner-3.2.4/src/oval_plugins.c
--- old/openvas-scanner-3.2.3/src/oval_plugins.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/oval_plugins.c 2011-06-08 14:22:08.000000000 +0200
@@ -202,13 +202,14 @@
{
// TODO: This currently assigns only IDs in the range intended for
// RedHat security advisories.
- // TODO: g_strdup really necessary?
- nvti_set_oid (current_plugin,
- (const gchar *) g_strconcat ("1.3.6.1.4.1.25623.1.2.2312.",
- g_strrstr (g_strdup (*value_cursor), ":") + 1, NULL));
+ gchar *nvt_oid = g_strconcat ("1.3.6.1.4.1.25623.1.2.2312.",
+ g_strrstr (*value_cursor, ":") + 1,
+ NULL);
+ nvti_set_oid (current_plugin, nvt_oid);
+ g_free (nvt_oid);
}
if (strcmp (*name_cursor, "version") == 0)
- nvti_set_version(current_plugin, *value_cursor);
+ nvti_set_version (current_plugin, *value_cursor);
name_cursor++;
value_cursor++;
}
@@ -268,11 +269,14 @@
gchar **title_split = g_strsplit (text, "\n", 0);
if (g_strv_length (title_split) > 1)
{
+ gchar *nvt_name;
for (i = 0; i < g_strv_length (title_split); i++)
{
g_strstrip (title_split[i]);
}
- nvti_set_name (current_plugin, g_strjoinv (" ", title_split));
+ nvt_name = g_strjoinv (" ", title_split);
+ nvti_set_name (current_plugin, nvt_name);
+ g_free (nvt_name);
}
else
{
@@ -360,7 +364,6 @@
gchar *filebuffer = NULL;
gsize length = 0;
gchar *descriptions = NULL;
- gchar *description = NULL;
int i;
if (plugin_list != NULL)
@@ -383,6 +386,7 @@
if (args == NULL)
{
+ gchar *nvt_filename;
char *sign_fprs = nasl_extract_signature_fprs (fullname);
// If server accepts signed plugins only, discard if signature file missing.
if (preferences_nasl_no_signature_check (preferences) == 0
@@ -425,6 +429,8 @@
if (g_slist_length (plugin_list) > 1)
{
gchar **title_array;
+ gchar *nvt_description;
+ gchar *nvt_name;
title_array =
g_malloc0 ((g_slist_length (plugin_list) + 1) * sizeof (gchar *));
@@ -437,23 +443,27 @@
descriptions = g_strjoinv (NULL, title_array);
if (strlen (descriptions) > 3100)
{
- description =
- g_strconcat
+ gchar *short_description = g_strndup (descriptions, 3100);
+ nvt_description = g_strconcat
("This OVAL file contains the following definitions:\n",
- g_strndup (descriptions, 3100),
- "\n(list cut due to memory limitations)", NULL);
+ short_description, "\n(list cut due to memory limitations)", NULL);
+ g_free (short_description);
}
else
{
- nvti_set_description (first_plugin, g_strconcat
+ nvt_description = g_strconcat
("This OVAL file contains the following definitions:\n",
- g_strdup (descriptions), NULL));
+ descriptions, NULL);
}
+ nvti_set_description (first_plugin, nvt_description);
+ g_free (nvt_description);
g_free (descriptions);
g_strfreev (title_array);
- nvti_set_name (first_plugin,
- g_strdup_printf ("%s (%d OVAL definitions)", name,
- g_slist_length (plugin_list)));
+ nvt_name = g_strdup_printf ("%s (%d OVAL definitions)",
+ name,
+ g_slist_length (plugin_list));
+ nvti_set_name (first_plugin, nvt_name);
+ g_free (nvt_name);
}
nvti_set_summary (first_plugin, nvti_name (first_plugin));
@@ -461,7 +471,11 @@
nvti_set_dependencies (first_plugin, "toolcheck.nasl");
nvti_set_mandatory_keys (first_plugin, "Tools/Present/ovaldi");
nvti_set_category (first_plugin, ACT_END);
- nvti_set_src (first_plugin, g_build_filename (folder, name, NULL));
+
+ nvt_filename = g_build_filename (folder, name, NULL);
+ nvti_set_src (first_plugin, nvt_filename);
+ g_free (nvt_filename);
+
nvti_set_sign_key_ids (first_plugin, sign_fprs);
args = emalloc (sizeof (struct arglist));
@@ -559,14 +573,18 @@
// struct arglist * args = arg_get_value (g_args, "args");
struct kb_item **kb = arg_get_value (g_args, "key");
gchar *basename =
+ /** @todo What frees the g_strdup string? */
g_strrstr (g_strdup ((char *) arg_get_value (g_args, "name")), "/") + 1;
gchar *result_string = NULL;
+ /** @todo What frees this? */
gchar *folder = g_strndup ((char *) arg_get_value (g_args, "name"),
strlen ((char *) arg_get_value (g_args, "name")) -
strlen (basename));
+ /** @todo What frees this? */
sc_filename = g_strconcat (folder, "sc-out.xml", NULL);
log_write ("SC Filename: %s\n", sc_filename);
+ /** @todo What if some other process does an ovaldi scan? */
results_filename = "/tmp/results.xml";
if (g_file_test (results_filename, G_FILE_TEST_EXISTS))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/pluginload.c new/openvas-scanner-3.2.4/src/pluginload.c
--- old/openvas-scanner-3.2.3/src/pluginload.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/pluginload.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: pluginload.c 9967 2011-01-14 15:38:08Z jan $
+* $Id: pluginload.c 10795 2011-04-18 08:23:01Z hdoreau $
* Description: Loads plugins from disk into memory.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -95,7 +95,7 @@
collect_nvts (const char *folder, const char *subdir, GSList * files)
{
GDir *dir;
- const gchar *fname, *path;
+ const gchar *fname;
if (folder == NULL)
return files;
@@ -107,11 +107,23 @@
fname = g_dir_read_name (dir);
while (fname)
{
+ char *path;
+
path = g_build_filename (folder, fname, NULL);
if (g_file_test (path, G_FILE_TEST_IS_DIR))
- files =
- collect_nvts (g_build_filename (folder, fname, NULL),
- g_build_filename (subdir, fname, NULL), files);
+ {
+ char *new_folder, *new_subdir;
+
+ new_folder = g_build_filename (folder, fname, NULL);
+ new_subdir = g_build_filename (subdir, fname, NULL);
+
+ files = collect_nvts (new_folder, new_subdir, files);
+
+ if (new_folder)
+ g_free (new_folder);
+ if (new_subdir)
+ g_free (new_subdir);
+ }
else
{
pl_class_t *cl_ptr = plugin_classes;
@@ -127,6 +139,7 @@
cl_ptr = cl_ptr->pl_next;
}
}
+ g_free (path);
fname = g_dir_read_name (dir);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/preferences.c new/openvas-scanner-3.2.4/src/preferences.c
--- old/openvas-scanner-3.2.3/src/preferences.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/preferences.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: preferences.c 10320 2011-02-16 13:27:43Z mwiegand $
+* $Id: preferences.c 11038 2011-05-31 18:53:24Z mattm $
* Description: Loads the preferences set in openvassd.conf into the memory.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -452,7 +452,6 @@
int
preferences_drop_privileges (struct arglist *preferences, char *oid)
{
- char *pref;
int ret = 0;
if (preferences == NULL)
@@ -464,7 +463,6 @@
ret = 1;
}
- pref = arg_get_value (preferences, "drop_privileges");
return ret;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/shared_socket.c new/openvas-scanner-3.2.4/src/shared_socket.c
--- old/openvas-scanner-3.2.3/src/shared_socket.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/shared_socket.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: shared_socket.c 9926 2011-01-11 20:33:45Z jan $
+* $Id: shared_socket.c 11038 2011-05-31 18:53:24Z mattm $
* Description: Manage shared sockets.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -100,6 +100,12 @@
int type;
e = internal_recv (soc, &buffer, &bufsz, &type);
+ if (e == -1)
+ {
+ log_write ("shared_socket_register(): Error - internal_recv() failed\n");
+ return -1;
+ }
+
if ((type & INTERNAL_COMM_MSG_SHARED_SOCKET) == 0
|| (type & INTERNAL_COMM_SHARED_SOCKET_DORECVMSG) == 0)
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/src/sighand.c new/openvas-scanner-3.2.4/src/sighand.c
--- old/openvas-scanner-3.2.3/src/sighand.c 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/src/sighand.c 2011-06-08 14:22:08.000000000 +0200
@@ -1,5 +1,5 @@
/* OpenVAS
-* $Id: sighand.c 9881 2011-01-04 18:23:58Z jan $
+* $Id: sighand.c 11038 2011-05-31 18:53:24Z mattm $
* Description: Provides signal handling functions.
*
* Authors: - Renaud Deraison (Original pre-fork develoment)
@@ -46,9 +46,9 @@
void
let_em_die (int pid)
{
- int status, x;
+ int status;
- x = waitpid (pid, &status, WNOHANG);
+ waitpid (pid, &status, WNOHANG);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openvas-scanner-3.2.3/tools/openvas-nvt-sync.in new/openvas-scanner-3.2.4/tools/openvas-nvt-sync.in
--- old/openvas-scanner-3.2.3/tools/openvas-nvt-sync.in 2011-04-11 09:29:40.000000000 +0200
+++ new/openvas-scanner-3.2.4/tools/openvas-nvt-sync.in 2011-06-08 14:22:08.000000000 +0200
@@ -87,7 +87,7 @@
SYNC_TMP_DIR=/tmp
# If we have mktemp, create a temporary dir (safer)
if [ -n "`which mktemp`" ]; then
- SYNC_TMP_DIR=`mktemp -d openvas-nvt-sync.XXXXXXXXXX -t` || { echo "ERROR: Cannot create temporary directory for file download" >&2; exit 1 ; }
+ SYNC_TMP_DIR=`mktemp -t -d openvas-nvt-sync.XXXXXXXXXX` || { echo "ERROR: Cannot create temporary directory for file download" >&2; exit 1 ; }
trap "rm -rf $SYNC_TMP_DIR" EXIT HUP INT TRAP TERM
fi
else
@@ -252,7 +252,7 @@
do_sync () {
if [ -z "$CMD_RSYNC" ] || [ $FEED_PRESENT -eq 0 ] ; then
if [ $FEED_PRESENT -eq 0 ] ; then
- echo "[i] rsync not is recommended for the initial sync. Falling back on http."
+ echo "[i] rsync is not recommended for the initial sync. Falling back on http."
else
echo "[w] rsync not found!"
fi
++++++ openvas-scanner.dsc ++++++
--- /var/tmp/diff_new_pack.lCAhzA/_old 2011-06-10 13:04:59.000000000 +0200
+++ /var/tmp/diff_new_pack.lCAhzA/_new 2011-06-10 13:04:59.000000000 +0200
@@ -2,13 +2,13 @@
Source: openvas-scanner
Binary: openvas-scanner
Architecture: any
-Version: 3.2.3-1
+Version: 3.2.4-1
Maintainer: Stephan Kleine
Homepage: http://www.openvas.org/
Standards-Version: 3.8.0
Build-Depends: debhelper (>= 6), devscripts, dpatch, cmake, hardening-wrapper, libopenvas4-dev, libwrap0-dev, pkg-config, po-debconf
Files:
- 776ce4e1000137c9aec7863372c8c876 373800 openvas-scanner-3.2.3.orig.tar.gz
- 131e6720b0526ade9405eade0d9150ac 56625 openvas-scanner-3.2.3.diff.gz
+ 776ce4e1000137c9aec7863372c8c876 373800 openvas-scanner-3.2.4.orig.tar.gz
+ 131e6720b0526ade9405eade0d9150ac 56625 openvas-scanner-3.2.4.diff.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org