rpms/libtirpc/devel libtirpc-0.1.12-rc1.patch, NONE, 1.1 libtirpc-0.1.7-compile.patch, 1.6, 1.7 libtirpc.spec, 1.45, 1.46
Steve Dickson
steved at fedoraproject.org
Mon Apr 20 16:41:13 UTC 2009
Author: steved
Update of /cvs/pkgs/rpms/libtirpc/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9041
Modified Files:
libtirpc-0.1.7-compile.patch libtirpc.spec
Added Files:
libtirpc-0.1.12-rc1.patch
Log Message:
- Updated to libtirpc-0.1.12-rc1
libtirpc-0.1.12-rc1.patch:
--- NEW FILE libtirpc-0.1.12-rc1.patch ---
diff --git a/src/svc.c b/src/svc.c
commit 8f840586d9ceba6d682ab424ae48a0cf08f7ea41
Author: Jeff Layton <jlayton at redhat.com>
Date: Mon Apr 20 12:23:25 2009 -0400
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2006-002-rpc.txt
Signed-off-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Steve Dickson <steved at redhat.com>
commit 54ad86c29bcd40dbb6b9f1f9e611778add4227ea
Author: Jeff Layton <jlayton at redhat.com>
Date: Mon Apr 20 12:22:22 2009 -0400
[PATCH] port fix for CVE-2008-0947
Adds bounds checking of fd passed into makefd_xprt against FD_SETSIZE.
http://web.mit.edu/kerberos/advisories/MITKRB5-SA-2008-002.txt
This was reported against MIT krb5 code, but it looks like libtirpc
has a similar problem.
Signed-off-by: Jeff Layton <jlayton at redhat.com>
Signed-off-by: Steve Dickson <steved at redhat.com>
-----------------------------------------------------
--- a/src/svc.c
+++ b/src/svc.c
@@ -78,6 +78,7 @@ static struct svc_callout
extern rwlock_t svc_lock;
extern rwlock_t svc_fd_lock;
+extern struct svc_auth_ops svc_auth_gss_ops;
static struct svc_callout *svc_find (rpcprog_t, rpcvers_t,
struct svc_callout **, char *);
@@ -715,6 +716,11 @@ svc_getreq_common (fd)
SVC_DESTROY (xprt);
break;
}
+ else if ((xprt->xp_auth != NULL) &&
+ (xprt->xp_auth->svc_ah_ops != &svc_auth_gss_ops))
+ {
+ xprt->xp_auth = NULL;
+ }
}
while (stat == XPRT_MOREREQS);
}
diff --git a/src/svc_vc.c b/src/svc_vc.c
index 44d3497..7a1f5c3 100644
--- a/src/svc_vc.c
+++ b/src/svc_vc.c
@@ -261,6 +261,12 @@ makefd_xprt(fd, sendsize, recvsize)
assert(fd != -1);
+ if (fd >= FD_SETSIZE) {
+ warnx("svc_vc: makefd_xprt: fd too high\n");
+ xprt = NULL;
+ goto done;
+ }
+
xprt = mem_alloc(sizeof(SVCXPRT));
if (xprt == NULL) {
warnx("svc_vc: makefd_xprt: out of memory");
libtirpc-0.1.7-compile.patch:
Index: libtirpc-0.1.7-compile.patch
===================================================================
RCS file: /cvs/pkgs/rpms/libtirpc/devel/libtirpc-0.1.7-compile.patch,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- libtirpc-0.1.7-compile.patch 20 Nov 2008 14:38:35 -0000 1.6
+++ libtirpc-0.1.7-compile.patch 20 Apr 2009 16:41:13 -0000 1.7
@@ -5,7 +5,7 @@
lib_LTLIBRARIES = libtirpc.la
-libtirpc_la_LDFLAGS = -lnsl -lpthread -version-info 1:9:0
-+libtirpc_la_LDFLAGS = -lnsl -lpthread -version-info 1:10:0
++libtirpc_la_LDFLAGS = -lnsl -lpthread -version-info 1:11:0
libtirpc_la_SOURCES = auth_none.c auth_unix.c authunix_prot.c bindresvport.c clnt_bcast.c \
clnt_dg.c clnt_generic.c clnt_perror.c clnt_raw.c clnt_simple.c \
Index: libtirpc.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libtirpc/devel/libtirpc.spec,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- libtirpc.spec 20 Apr 2009 14:44:23 -0000 1.45
+++ libtirpc.spec 20 Apr 2009 16:41:13 -0000 1.46
@@ -1,6 +1,6 @@
Name: libtirpc
Version: 0.1.11
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Transport Independent RPC Library
Group: System Environment/Libraries
License: SISSL
@@ -30,6 +30,8 @@
Requires: %{name} = %{version}-%{release}
Requires(devel): pkgconfig man
+Patch1: libtirpc-0.1.12-rc1.patch
+
Patch100: libtirpc-0.1.7-compile.patch
%description devel
@@ -39,6 +41,7 @@
%prep
%setup -q
+%patch1 -p1
%patch100 -p1
@@ -137,6 +140,9 @@
%{_mandir}/*/*
%changelog
+* Mon Apr 20 2009 Steve Dickson <steved at redhat.com> 0.1.11-2
+- Updated to libtirpc-0.1.12-rc1
+
* Mon Apr 20 2009 Steve Dickson <steved at redhat.com> 0.1.11-1
- Updated to the latest release: 0.1.11
More information about the scm-commits
mailing list