[iputils/f12/master] * Thu Aug 05 2010 Jiri Skala <jskala at redhat.com> - 20071127-12 - fixes #617613 - CVE-2010-2529 iputi
Jiri Skala
jskala at fedoraproject.org
Thu Aug 5 08:26:50 UTC 2010
commit 84556f687d97ad4920c07c932aa816f62c5e7177
Author: Jiri Skala <jskala at localhost.localdomain>
Date: Thu Aug 5 10:26:45 2010 +0200
* Thu Aug 05 2010 Jiri Skala <jskala at redhat.com> - 20071127-12
- fixes #617613 - CVE-2010-2529 iputils: denial of service vulnerability in ping
iputils-20071127-dos.patch | 21 +++++++++++++++++++++
iputils.spec | 7 ++++++-
2 files changed, 27 insertions(+), 1 deletions(-)
---
diff --git a/iputils-20071127-dos.patch b/iputils-20071127-dos.patch
new file mode 100644
index 0000000..211aec3
--- /dev/null
+++ b/iputils-20071127-dos.patch
@@ -0,0 +1,21 @@
+diff -up iputils-s20100418/ping.c.dos iputils-s20100418/ping.c
+--- iputils-s20100418/ping.c.dos 2010-07-13 08:53:29.356694202 +0200
++++ iputils-s20100418/ping.c 2010-07-13 08:53:55.350694373 +0200
+@@ -1065,7 +1065,7 @@ void pr_options(unsigned char * cp, int
+ i = j;
+ i -= IPOPT_MINOFF;
+ if (i <= 0)
+- continue;
++ break;
+ if (i == old_rrlen
+ && !strncmp((char *)cp, old_rr, i)
+ && !(options & F_FLOOD)) {
+@@ -1102,7 +1102,7 @@ void pr_options(unsigned char * cp, int
+ i = j;
+ i -= 5;
+ if (i <= 0)
+- continue;
++ break;
+ flags = *++cp;
+ printf("\nTS: ");
+ cp++;
diff --git a/iputils.spec b/iputils.spec
index 767579a..befd6e2 100644
--- a/iputils.spec
+++ b/iputils.spec
@@ -1,7 +1,7 @@
Summary: Network monitoring tools including ping
Name: iputils
Version: 20071127
-Release: 11%{?dist}
+Release: 12%{?dist}
License: BSD
URL: http://www.skbuff.net/iputils
Group: System Environment/Daemons
@@ -28,6 +28,7 @@ Patch14: iputils-20071127-typing_bug.patch
Patch15: iputils-20071127-corr_type.patch
Patch16: iputils-20071127-timeout.patch
Patch17: iputils-20071127-flowlabel.patch
+Patch18: iputils-20071127-dos.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: docbook-utils perl-SGMLSpm
@@ -65,6 +66,7 @@ the target machine is alive and receiving network traffic.
%patch15 -p1 -b .corr_type
%patch16 -p1 -b .timeout
%patch17 -p1 -b .flowlabel
+%patch18 -p1 -b .dos
%build
%ifarch s390 s390x
@@ -154,6 +156,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_sysconfdir}/rc.d/init.d/rdisc
%changelog
+* Thu Aug 05 2010 Jiri Skala <jskala at redhat.com> - 20071127-12
+- fixes #617613 - CVE-2010-2529 iputils: denial of service vulnerability in ping
+
* Tue May 11 2010 Jiri Skala <jskala at redhat.com> - 20071127-11
- fixes #583976 - ping6 does not support -F flowlabel option
More information about the scm-commits
mailing list