[521] | 1 | %define rel 16 |
---|
| 2 | %define _libdir /lib |
---|
| 3 | |
---|
| 4 | Summary: Libsafe: Protecting Critical Elements of Stacks |
---|
| 5 | Summary(ja): Libsafe - バッファオーバーフロー脆弱製に対する防御ライブラリ |
---|
| 6 | Name: libsafe |
---|
| 7 | Version: 2.0 |
---|
| 8 | Release: %{rel}.1%{?_dist_release} |
---|
| 9 | License: LGPL |
---|
| 10 | Group: System Environment/Libraries |
---|
| 11 | Source: http://www.research.avayalabs.com/project/libsafe/libsafe-%{version}-%{rel}.tgz |
---|
| 12 | Source1: libsafe.sh |
---|
| 13 | Source2: libsafe.csh |
---|
| 14 | #Patch0: libsafe-2.0-makefile.patch |
---|
| 15 | URL: http://www.research.avayalabs.com/project/libsafe/index.html |
---|
| 16 | Buildroot: %{_tmppath}/%{name}-%{version}-root |
---|
| 17 | |
---|
| 18 | Vendor: Project Vine |
---|
| 19 | Distribution: Vine Linux |
---|
| 20 | |
---|
| 21 | %description |
---|
| 22 | The libsafe library protects a process against the exploitation of buffer |
---|
| 23 | overflow vulnerabilities in process stacks. Libsafe works with any |
---|
| 24 | existing pre-compiled executable and can be used transparently, even on a |
---|
| 25 | system-wide basis. The method intercepts all calls to library functions |
---|
| 26 | that are known to be vulnerable. A substitute version of the corresponding |
---|
| 27 | function implements the original functionality, but in a manner that |
---|
| 28 | ensures that any buffer overflows are contained within the current stack |
---|
| 29 | frame. Libsafe has been shown to detect several known attacks and can |
---|
| 30 | potentially prevent yet unknown attacks. Experiments indicate that the |
---|
| 31 | performance overhead of libsafe is negligible. |
---|
| 32 | |
---|
| 33 | %prep |
---|
| 34 | #rm -rf %{buildroot} |
---|
| 35 | %setup -q -n libsafe-%{version}-%{rel} |
---|
| 36 | |
---|
| 37 | #%patch0 -p1 |
---|
| 38 | |
---|
| 39 | %build |
---|
| 40 | mkdir -p %{buildroot}{%{_libdir},%{_mandir}/man8,%{_sysconfdir}/profile.d} |
---|
| 41 | make |
---|
| 42 | |
---|
| 43 | %install |
---|
| 44 | install -s -m 0755 src/libsafe.so.%{version}.%{rel} %{buildroot}%{_libdir} |
---|
| 45 | install -s -m 0755 src/libsafe.so %{buildroot}%{_libdir} |
---|
| 46 | install -m 0644 doc/libsafe.8 %{buildroot}%{_mandir}/man8 |
---|
| 47 | install -m 755 %{SOURCE1} %{buildroot}%{_sysconfdir}/profile.d |
---|
| 48 | install -m 755 %{SOURCE2} %{buildroot}%{_sysconfdir}/profile.d |
---|
| 49 | |
---|
| 50 | touch %{buildroot}%{_sysconfdir}/libsafe.notify |
---|
| 51 | |
---|
| 52 | %clean |
---|
| 53 | rm -rf %{buildroot} |
---|
| 54 | |
---|
| 55 | %post -p /sbin/ldconfig |
---|
| 56 | |
---|
| 57 | %postun -p /sbin/ldconfig |
---|
| 58 | |
---|
| 59 | %files |
---|
| 60 | %defattr(-,root,root) |
---|
| 61 | %doc README EMAIL_NOTIFICATION COPYING ChangeLog exploits/ |
---|
| 62 | %doc doc/whitepaper-1.3 doc/whitepaper-2.0 doc/libsafe.8.html |
---|
| 63 | %{_libdir}/libsafe.so.%{version}.%{rel} |
---|
| 64 | %{_libdir}/libsafe.so |
---|
| 65 | %{_mandir}/*/* |
---|
| 66 | %config(missingok,noreplace) %{_sysconfdir}/profile.d/libsafe.sh |
---|
| 67 | %config(missingok,noreplace) %{_sysconfdir}/profile.d/libsafe.csh |
---|
| 68 | %config(missingok,noreplace) %{_sysconfdir}/libsafe.notify |
---|
| 69 | |
---|
| 70 | %changelog |
---|
| 71 | * Mon Sep 29 2008 Shu KONNO <owa@bg.wakwak.com> 2.0-16.1vl5 |
---|
| 72 | - applied new versioning policy, spec in utf-8 |
---|
| 73 | |
---|
| 74 | * Thu Dec 22 2005 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.0-16vl3 |
---|
| 75 | - s/Copyright/License/ |
---|
| 76 | - changed Group: |
---|
| 77 | - added Japanese summary |
---|
| 78 | |
---|
| 79 | * Sun May 18 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.0-16vl2 |
---|
| 80 | - fixed libsafe.[c]sh |
---|
| 81 | |
---|
| 82 | * Fri May 2 2003 Ryoichi INAGAKI <ryo1@bc.wakwak.com> 2.0-16vl1 |
---|
| 83 | - rebuild with new toolchains |
---|
| 84 | - update to 2.0-16 from upstream |
---|
| 85 | - dropped patch |
---|
| 86 | |
---|
| 87 | * Tue Mar 27 2001 Jun Nishii <jun@vinelinux.org> |
---|
| 88 | - 2.0-0vl1 |
---|
| 89 | |
---|
| 90 | * Thu Feb 15 2001 Jun Nishii <jun@vinelinux.org> |
---|
| 91 | - 1.3-0vl1 |
---|
| 92 | |
---|
| 93 | * Mon May 15 2000 Tim Powers <timp@redhat.com> |
---|
| 94 | - using this spec for 7.0 since it's a bit better than my orig for 6.2 |
---|
| 95 | - ditch redundant defines |
---|
| 96 | - use %{_prefix} where possible |
---|
| 97 | - quiet setup |
---|
| 98 | |
---|
| 99 | * Tue Apr 25 2000 William Stearns <wstearns@pobox.com> |
---|
| 100 | - install no longer tries to strip the man page or shell scripts. |
---|
| 101 | |
---|
| 102 | * Fri Apr 21 2000 Jeremy Hansen <jeremy@xxedgexx.com> |
---|
| 103 | - updated rpm. |
---|
| 104 | - updated rpm again, got bugfix tar ball from Arash Baratloo <arash@research.bell-labs.com> |
---|
| 105 | |
---|
| 106 | * Thu Apr 20 2000 Jeremy Hansen <jeremy@xxedgexx.com> |
---|
| 107 | - initial package build. |
---|
| 108 | |
---|
| 109 | |
---|