diff options
| author | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-11-29 06:04:47 +0100 |
|---|---|---|
| committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-11-29 06:08:18 +0100 |
| commit | e00d5b6bbf38a9d95164c07b82f615d439f2bd6a (patch) | |
| tree | c48bb19b0f43733a303d8a54bc4dd97ef52587f9 /gnu/packages/patches | |
| parent | 73dd06546a80d3465d3afe8f6b256d6e8d681cfa (diff) | |
gnu: xinetd: Update to 2.3.15.4 [fix build].
* gnu/packages/web.scm (xinetd): Update to 2.3.15.4.
[source]: Switch to openSUSE (and Debian) maintenance fork.
Remove obsolete patches.
[native-inputs]: Add automake, autoconf, libtool, and pkg-config.
[home-page]: Update.
* gnu/packages/patches/xinetd-CVE-2013-4342.patch,
gnu/packages/patches/xinetd-fix-fd-leak.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages/patches')
| -rw-r--r-- | gnu/packages/patches/xinetd-CVE-2013-4342.patch | 36 | ||||
| -rw-r--r-- | gnu/packages/patches/xinetd-fix-fd-leak.patch | 26 |
2 files changed, 0 insertions, 62 deletions
diff --git a/gnu/packages/patches/xinetd-CVE-2013-4342.patch b/gnu/packages/patches/xinetd-CVE-2013-4342.patch deleted file mode 100644 index ad57bc7b0e..0000000000 --- a/gnu/packages/patches/xinetd-CVE-2013-4342.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2013-4342: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342 -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678 - -Patch copied from upstream source repository: - -https://github.com/xinetd-org/xinetd/commit/91e2401a219121eae15244a6b25d2e79c1af5864 - -From 91e2401a219121eae15244a6b25d2e79c1af5864 Mon Sep 17 00:00:00 2001 -From: Thomas Swan <thomas.swan@gmail.com> -Date: Wed, 2 Oct 2013 23:17:17 -0500 -Subject: [PATCH] CVE-2013-4342: xinetd: ignores user and group directives for - TCPMUX services - -Originally reported to Debian in 2005 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678> and rediscovered <https://bugzilla.redhat.com/show_bug.cgi?id=1006100>, xinetd would execute TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root). ---- - xinetd/builtins.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/xinetd/builtins.c b/xinetd/builtins.c -index 3b85579..34a5bac 100644 ---- a/xinetd/builtins.c -+++ b/xinetd/builtins.c -@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp ) - if( SC_IS_INTERNAL( scp ) ) { - SC_INTERNAL(scp, nserp); - } else { -- exec_server(nserp); -+ child_process(nserp); - } - } - --- -2.7.4 - diff --git a/gnu/packages/patches/xinetd-fix-fd-leak.patch b/gnu/packages/patches/xinetd-fix-fd-leak.patch deleted file mode 100644 index 77e4600185..0000000000 --- a/gnu/packages/patches/xinetd-fix-fd-leak.patch +++ /dev/null @@ -1,26 +0,0 @@ -Fix a file descriptor leak: - -https://github.com/xinetd-org/xinetd/issues/23 - -Patch copied from Debian: - -https://anonscm.debian.org/cgit/collab-maint/xinetd.git/tree/debian/patches/000012-fix_fd_leak - -Patch sent upstream at https://github.com/xinetd-org/xinetd/pull/26. - -diff --git a/xinetd/xgetloadavg.c b/xinetd/xgetloadavg.c -index 5a26214..fe0f872 100644 ---- a/xinetd/xgetloadavg.c -+++ b/xinetd/xgetloadavg.c -@@ -34,7 +34,7 @@ double xgetloadavg(void) - - if( fscanf(fd, "%lf", &ret) != 1 ) { - perror("fscanf"); -- return -1; -+ ret = -1; - } - - fclose(fd); --- -2.7.4 - |