daftaupe/opt
1
0
Fork 0
forked from ports/opt
Code Pull Requests Activity

rpcbind: update to 1.2.5

Browse Source
This commit is contained in:
Juergen Daubert 2018-08-16 13:15:11 +02:00
parent ff379f6f8a
commit bbfffdb46c
5 changed files with 11 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
rpcbind/.footprint
View File

@ -3,8 +3,9 @@ drwxr-xr-x root/root etc/rc.d/
-rwxr-xr-x root/root etc/rc.d/rpcbind
drwxr-xr-x root/root sbin/
-rwxr-xr-x root/root sbin/rpcbind
-rwxr-xr-x root/root sbin/rpcinfo
drwxr-xr-x root/root usr/
drwxr-xr-x root/root usr/bin/
-rwxr-xr-x root/root usr/bin/rpcinfo
drwxr-xr-x root/root usr/share/
drwxr-xr-x root/root usr/share/man/
drwxr-xr-x root/root usr/share/man/man8/

3
rpcbind/.md5sum
View File

@ -1,3 +1,2 @@
78bfe054cf620249b228350f5e8730f7 rpcbind
cf10cd41ed8228fc54c316191c1f07fe rpcbind-0.2.4.tar.bz2
db5756cdc1cf70ccf2d3e90d44fe404a rpcbind-CVE-2017-8779.patch
ed46f09b9c0fa2d49015f6431bc5ea7b rpcbind-1.2.5.tar.bz2

9
rpcbind/.signature
View File

@ -1,7 +1,6 @@
untrusted comment: verify with /etc/ports/opt.pub
RWSE3ohX2g5d/czjOQ51fjLRbMFJ+uZMCx8E2MpFQFAsPpG3rWqEFsR3ozDXf6Hd6gBpeeHv+quiS9P0toGhGYJDaztPydv1cws=
SHA256 (Pkgfile) = cbc90f456a15e54cc46459d88bae02b267b5155dfeef401704e2736ffc321525
SHA256 (.footprint) = 6d7a05e556df2d89ba9965aa2c7afac7c362edb73ca0be465ba237dc4d2ac5e1
SHA256 (rpcbind-0.2.4.tar.bz2) = 074a9a530dc7c11e0d905aa59bcb0847c009313f02e98d3d798aa9568f414c66
SHA256 (rpcbind-CVE-2017-8779.patch) = df10706a774370ea9dd0c3ba65d7574088a82a0ab80a6c87164f0382f30b83fe
RWSE3ohX2g5d/e5xTS5zF7vQw7dWqRE0D7WUqDQiwFClgtqoYD+qpGo3GWxCztjDAMxDiKW0aSvQ5VtD5gk57Uy3xJQj4QkqSgA=
SHA256 (Pkgfile) = 530d6b85529e0515938e6a334873f4bfceeb2560472d9e8395e824d4a3ed633d
SHA256 (.footprint) = 1ddf9f1f75433e98fa2bfaae830f7115428f650b285ebc3e845da09a84290502
SHA256 (rpcbind-1.2.5.tar.bz2) = 2ce360683963b35c19c43f0ee2c7f18aa5b81ef41c3fdbd15ffcb00b8bffda7a
SHA256 (rpcbind) = b8173ec0b927705100eab42f24797ac36ea7c5987475cba47474b5c73a117f1a

12
rpcbind/Pkgfile
View File

@ -4,23 +4,19 @@
# Depends on: libtirpc
name=rpcbind
version=0.2.4
release=3
version=1.2.5
release=1
source=(http://downloads.sourceforge.net/project/$name/$name/$version/$name-$version.tar.bz2 \
rpcbind-CVE-2017-8779.patch rpcbind)
rpcbind)
build() {
cd $name-$version
# security fix, see
# http://openwall.com/lists/oss-security/2017/05/03/12
patch -p1 -i $SRC/rpcbind-CVE-2017-8779.patch
# use sunrpc instead of rpcbind as service-name
sed '/servname\[\]/s/rpcbind/sunrpc/' -i src/rpcbind.c
./configure --prefix=/usr \
--bindir=/sbin \
--sbindir=/sbin \
--disable-libwrap \
--without-systemdsystemunitdir

24
rpcbind/rpcbind-CVE-2017-8779.patch
View File

@ -1,24 +0,0 @@
# http://openwall.com/lists/oss-security/2017/05/03/12
# https://github.com/guidovranken/rpcbomb
diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
index 5862c26..e11f61b 100644
--- a/src/rpcb_svc_com.c
+++ b/src/rpcb_svc_com.c
@@ -48,6 +48,7 @@
#include <rpc/rpc.h>
#include <rpc/rpcb_prot.h>
#include <rpc/svc_dg.h>
+#include <rpc/rpc_com.h>
#include <netconfig.h>
#include <errno.h>
#include <syslog.h>
@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/,
static bool_t
xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
{
- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
+ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));
}
/*