From 84c4ca212177f1cf0103e5879aa56d69159287be Mon Sep 17 00:00:00 2001
From: Aldas Nabazas
Date: Sun, 24 Feb 2008 21:02:02 +0100
Subject: [PATCH] Updated nas (1.8 -> 1.9.1) : SECURITY - CRITICAL CVE-2007-1543 (High) : Stack-based buffer overflow in the accept_att_local function in server/os/connection.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to execute arbitrary code via a long path slave name in a USL socket connection. CVE-2007-1544 (Medium) : Integer overflow in the ProcAuWriteElement function in server/dia/audispatch.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large max_samples value. CVE-2007-1545 (Medium) : The AddResource function in server/dia/resource.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (server crash) via a nonexistent client ID. CVE-2007-1546 (Medium) : Array index error in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via (1) large num_action values in the ProcAuSetElements function in server/dia/audispatch.c or (2) a large inputNum parameter to the compileInputs function in server/dia/auutil.c. CVE-2007-1547 (High) : The ReadRequestFromClient function in server/os/io.c in Network Audio System (NAS) before 1.8a SVN 237 allows remote attackers to cause a denial of service (crash) via multiple simultaneous connections, which triggers a NULL pointer dereference.
---
 audio/nas/X11R7.patch | 87 -------------------------------------------
 audio/nas/nas.desc | 6 +--
 2 files changed, 3 insertions(+), 90 deletions(-)
 delete mode 100644 audio/nas/X11R7.patch
diff --git a/audio/nas/X11R7.patch b/audio/nas/X11R7.patch
deleted file mode 100644
index e9fb58c4a..000000000
--- a/audio/nas/X11R7.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-# --- SDE-COPYRIGHT-NOTE-BEGIN ---
-# This copyright note is auto-generated by ./scripts/Create-CopyPatch.
-#
-# Filename: package/.../nas/X11R7.patch
-# Copyright (C) 2004 - 2006 The T2 SDE Project
-#
-# More information can be found in the files COPYING and README.
-#
-# This patch file is dual-licensed. It is available under the license the
-# patched project is licensed under, as long as it is an OpenSource license
-# as defined at http://www.opensource.org/ (e.g. BSD, X11) or under the terms
-# of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
-# --- SDE-COPYRIGHT-NOTE-END ---
---- nas-1.7/Makefile 2002-01-20 20:51:24.000000000 +0100
-+++ nas-1.7-fixed/Makefile 2005-11-04 15:40:22.000000000 +0100
-@@ -71,11 +71,11 @@
- IMAKESRC = $(CONFIGSRC)/imake
- DEPENDSRC = $(CONFIGSRC)/makedepend
-
-- INCROOT = /usr/X11R6/include
-- USRLIBDIR = /usr/X11R6/lib
-- SHLIBDIR = /usr/X11R6/lib
-+ INCROOT = /usr/X11/include
-+ USRLIBDIR = /usr/X11/lib
-+ SHLIBDIR = /usr/X11/lib
- LINTLIBDIR = $(USRLIBDIR)/lint
-- MANPATH = /usr/X11R6/man
-+ MANPATH = /usr/X11/man
- MANSOURCEPATH = $(MANPATH)/man
- MANDIR = $(MANSOURCEPATH)1
- LIBMANDIR = $(MANSOURCEPATH)3
-@@ -171,7 +171,7 @@
- INSTDATFLAGS = -m 0444
- INSTKMEMFLAGS = -s -m 4711
-
-- PROJECTROOT = /usr/X11R6
-+ PROJECTROOT = /usr/X11
-
- CDEBUGFLAGS = -O3 -mpentium -mieee-fp -fbuiltin
- CCOPTIONS = -pipe
-@@ -223,7 +223,7 @@
- # X Window System make variables; these need to be coordinated with rules
-
- XTOP = $(XPROJECTROOT)
-- BINDIR = /usr/X11R6/bin
-+ BINDIR = /usr/X11/bin
- BUILDINCROOT = $(TOP)/exports
- BUILDINCDIR = $(BUILDINCROOT)/include
- BUILDINCTOP = ../..
-@@ -286,7 +286,7 @@
- TRANSCOMMSRC = $(LIBSRC)/xtrans
- TRANS_INCLUDES = -I$(TRANSCOMMSRC)
-
-- XPROJECTROOT = /usr/X11R6
-+ XPROJECTROOT = /usr/X11
-
- XENVLIBDIR = $(USRLIBDIR)
- CLIENTENVSETUP = XLOCALEDIR=$(XBUILDINCROOT)/lib/locale LD_LIBRARY_PATH=$(DTENVLIBDIR):$(OGLENVLIBDIR):$(MOTIFENVLIBDIR):$(XENVLIBDIR)
-@@ -492,7 +492,7 @@
-
- MOTIFENVLIBDIR = $(USRLIBDIR)
-
-- USRINCDIR = /usr/X11R6/include
-+ USRINCDIR = /usr/X11/include
- UIDDIR = $(LIBDIR)/uid
- TESTSRC = $(MTOP)/tests
- TESTLIB = $(TESTSRC)/lib
-@@ -524,7 +524,7 @@
- MRESOURCESRC = $(MLIBSRC)/Mrm
- UILSRC = $(MCLIENTSRC)/uil
-
-- MPROJECTROOT = /usr/X11R6
-+ MPROJECTROOT = /usr/X11
-
- UIL = uil
- DEPUIL = $(BINDIR)/uil
-@@ -584,7 +584,7 @@
-
- OGLENVLIBDIR = OBuildLibPath
-
-- OPROJECTROOT = /usr/X11R6
-+ OPROJECTROOT = /usr/X11
-
- SOGLREV = 1.1
- DEPGLLIB =
diff --git a/audio/nas/nas.desc b/audio/nas/nas.desc
index c90dabd95..c628f33d0 100644
--- a/audio/nas/nas.desc
+++ b/audio/nas/nas.desc
@@ -3,7 +3,7 @@
 [COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
 [COPY]
 [COPY] Filename: package/.../nas/nas.desc
-[COPY] Copyright (C) 2006 The OpenSDE Project
+[COPY] Copyright (C) 2006 - 2008 The OpenSDE Project
 [COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
 [COPY] Copyright (C) 1998 - 2004 Clifford Wolf
 [COPY]
@@ -32,10 +32,10 @@
 [L] MIT
 [S] Stable
-[V] 1.8
+[V] 1.9.1
 [P] X -----5---9 122.400
 [CV-URL] http://radscan.com/nas.html
-[D] 3624209591 nas-1.8.src.tar.gz http://radscan.com/nas/
+[D] 3255584881 nas-1.9.1.src.tar.gz http://dl.sourceforge.net/sourceforge/nas/
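Review bot: The new `[D]` line in the second nas.desc hunk is the only integrity control on the tarball that delivers these CVE fixes, and `3255584881` looks like a short non-cryptographic checksum rather than a cryptographic digest. The same line also moves the download from radscan.com to `http://dl.sourceforge.net/sourceforge/nas/` over plain HTTP, so the archive's authenticity rests on a check that only detects accidental corruption. If the .desc format accepts a stronger digest, record it here; otherwise state the verification in the commit message, for example `Verified nas-1.9.1.src.tar.gz against upstream-published SHA-256 <digest-placeholder>`. `[CV-URL] http://radscan.com/nas.html` is left unchanged, so it is worth confirming that version checks still track the host releases are now fetched from.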