rpms/net-snmp/devel net-snmp-5.4.1-libwrap.patch, NONE, 1.1 net-snmp.spec, 1.176, 1.177
Jan Šafránek
jsafrane at fedoraproject.org
Mon Feb 16 13:28:10 UTC 2009
- Previous message (by thread): rpms/cherokee/devel .cvsignore, 1.5, 1.6 cherokee.spec, 1.9, 1.10 import.log, 1.7, 1.8 sources, 1.5, 1.6
- Next message (by thread): rpms/kdebase/F-10 kdebase-4.2.1-konsole-keypad.patch, NONE, 1.1 kdebase.spec, 1.355, 1.356
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jsafrane
Update of /cvs/pkgs/rpms/net-snmp/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23111
Modified Files:
net-snmp.spec
Added Files:
net-snmp-5.4.1-libwrap.patch
Log Message:
fix tcp_wrappers integration
Resolves: CVE-2008-6123
net-snmp-5.4.1-libwrap.patch:
--- NEW FILE net-snmp-5.4.1-libwrap.patch ---
CVE-2008-6123: snmp queries allowed from each remote host regardless of
/etc/hosts.allow configuration
Source: upstream, SVN rev. 17367
diff -up net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c
--- net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap 2007-10-11 22:46:30.000000000 +0200
+++ net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c 2009-02-16 11:57:19.000000000 +0100
@@ -104,12 +104,12 @@ netsnmp_udp_fmtaddr(netsnmp_transport *t
char tmp[64];
to = (struct sockaddr_in *) &(addr_pair->remote_addr);
if (to == NULL) {
- sprintf(tmp, "UDP: [%s]->unknown",
+ sprintf(tmp, "UDP: unknown->[%s]",
inet_ntoa(addr_pair->local_addr));
} else {
- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr));
- sprintf(tmp + strlen(tmp), "[%s]:%hd",
- inet_ntoa(to->sin_addr), ntohs(to->sin_port));
+ sprintf(tmp, "UDP: [%s]:%hu->",
+ inet_ntoa(to->sin_addr), ntohs(to->sin_port));
+ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr));
}
return strdup(tmp);
}
Index: net-snmp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/net-snmp/devel/net-snmp.spec,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -r1.176 -r1.177
--- net-snmp.spec 30 Jan 2009 14:03:07 -0000 1.176
+++ net-snmp.spec 16 Feb 2009 13:27:40 -0000 1.177
@@ -8,7 +8,7 @@
Summary: A collection of SNMP protocol tools and libraries
Name: net-snmp
Version: %{major_ver}
-Release: 7%{?dist}
+Release: 8%{?dist}
Epoch: 1
License: BSD and MIT
@@ -34,6 +34,7 @@
Patch10: net-snmp-5.4.1-shared-ip.patch
Patch11: net-snmp-5.4.1-sensors3.patch
Patch12: net-snmp-5.4.1-xen-crash.patch
+Patch13: net-snmp-5.4.1-libwrap.patch
Requires(pre): chkconfig
Requires(post): chkconfig
@@ -171,6 +172,7 @@
#%patch10 -p1 -b .shared-ip
%patch11 -p1 -b .sensors
%patch12 -p1 -b .xen-crash
+%patch13 -p1 -b .libwrap
# Do this patch with a perl hack...
perl -pi -e "s|'\\\$install_libdir'|'%{_libdir}'|" ltmain.sh
@@ -419,6 +421,9 @@
%{_datadir}/snmp/mibs
%changelog
+* Mon Feb 16 2009 Jan Safranek <jsafranek at redhat.com> 5.4.2.1-8
+- fix tcp_wrappers integration (CVE-2008-6123)
+
* Fri Jan 30 2009 Karsten Hopp <karsten at redhat.com> 5.4.2.1-7
- fix build on s390x which has no libsensors
- Previous message (by thread): rpms/cherokee/devel .cvsignore, 1.5, 1.6 cherokee.spec, 1.9, 1.10 import.log, 1.7, 1.8 sources, 1.5, 1.6
- Next message (by thread): rpms/kdebase/F-10 kdebase-4.2.1-konsole-keypad.patch, NONE, 1.1 kdebase.spec, 1.355, 1.356
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list