1 |
commit: eae6e7a80bc2934ae1557731fc0ad71cd92af99b |
2 |
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
3 |
AuthorDate: Mon May 8 18:39:36 2017 +0000 |
4 |
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon May 8 18:39:36 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eae6e7a8 |
7 |
|
8 |
net-nds/rpcbind: Revision bump to pull in patch for CVE-2017-8779 |
9 |
|
10 |
Gentoo-Bug: 617472 |
11 |
Package-Manager: Portage-2.3.5, Repoman-2.3.2 |
12 |
|
13 |
.../files/rpcbind-0.2.4-CVE-2017-8779.patch | 21 ++++++++ |
14 |
net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild | 59 ++++++++++++++++++++++ |
15 |
2 files changed, 80 insertions(+) |
16 |
|
17 |
diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch |
18 |
new file mode 100644 |
19 |
index 00000000000..cef088badc9 |
20 |
--- /dev/null |
21 |
+++ b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch |
22 |
@@ -0,0 +1,21 @@ |
23 |
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c |
24 |
+index 5862c26..e11f61b 100644 |
25 |
+--- a/src/rpcb_svc_com.c |
26 |
++++ b/src/rpcb_svc_com.c |
27 |
+@@ -48,6 +48,7 @@ |
28 |
+ #include <rpc/rpc.h> |
29 |
+ #include <rpc/rpcb_prot.h> |
30 |
+ #include <rpc/svc_dg.h> |
31 |
++#include <rpc/rpc_com.h> |
32 |
+ #include <netconfig.h> |
33 |
+ #include <errno.h> |
34 |
+ #include <syslog.h> |
35 |
+@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, |
36 |
+ static bool_t |
37 |
+ xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) |
38 |
+ { |
39 |
+- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); |
40 |
++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); |
41 |
+ } |
42 |
+ |
43 |
+ /* |
44 |
|
45 |
diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild |
46 |
new file mode 100644 |
47 |
index 00000000000..5c16cb5c982 |
48 |
--- /dev/null |
49 |
+++ b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild |
50 |
@@ -0,0 +1,59 @@ |
51 |
+# Copyright 1999-2017 Gentoo Foundation |
52 |
+# Distributed under the terms of the GNU General Public License v2 |
53 |
+ |
54 |
+EAPI="5" |
55 |
+ |
56 |
+inherit eutils systemd |
57 |
+ |
58 |
+if [[ ${PV} == "9999" ]] ; then |
59 |
+ EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" |
60 |
+ inherit autotools git-r3 |
61 |
+else |
62 |
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" |
63 |
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
64 |
+fi |
65 |
+ |
66 |
+DESCRIPTION="portmap replacement which supports RPC over various protocols" |
67 |
+HOMEPAGE="https://sourceforge.net/projects/rpcbind/" |
68 |
+ |
69 |
+LICENSE="BSD" |
70 |
+SLOT="0" |
71 |
+IUSE="debug selinux systemd tcpd warmstarts" |
72 |
+ |
73 |
+CDEPEND=">=net-libs/libtirpc-1.0:= |
74 |
+ systemd? ( sys-apps/systemd:= ) |
75 |
+ tcpd? ( sys-apps/tcp-wrappers )" |
76 |
+DEPEND="${CDEPEND} |
77 |
+ virtual/pkgconfig" |
78 |
+RDEPEND="${CDEPEND} |
79 |
+ selinux? ( sec-policy/selinux-rpcbind )" |
80 |
+ |
81 |
+PATCHES=( |
82 |
+ "${FILESDIR}/${P}-CVE-2017-8779.patch" |
83 |
+) |
84 |
+ |
85 |
+src_prepare() { |
86 |
+ [[ ${PV} == "9999" ]] && eautoreconf |
87 |
+ epatch "${PATCHES[@]}" |
88 |
+ epatch_user |
89 |
+} |
90 |
+ |
91 |
+src_configure() { |
92 |
+ econf \ |
93 |
+ --bindir="${EPREFIX}"/sbin \ |
94 |
+ --with-statedir="${EPREFIX}"/run/${PN} \ |
95 |
+ --with-rpcuser=root \ |
96 |
+ --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ |
97 |
+ $(use_enable tcpd libwrap) \ |
98 |
+ $(use_enable debug) \ |
99 |
+ $(use_enable warmstarts) |
100 |
+} |
101 |
+ |
102 |
+src_install() { |
103 |
+ default |
104 |
+ |
105 |
+ newinitd "${FILESDIR}"/${PN}.initd ${PN} |
106 |
+ newconfd "${FILESDIR}"/${PN}.confd ${PN} |
107 |
+ |
108 |
+ systemd_dounit "${FILESDIR}"/${PN}.service |
109 |
+} |