rpms/net-snmp/F-10 net-snmp-5.4.1-libwrap.patch, NONE, 1.1 net-snmp.spec, 1.164, 1.165
Jan Šafránek
jsafrane at fedoraproject.org
Mon Feb 16 11:13:07 UTC 2009
Author: jsafrane
Update of /cvs/pkgs/rpms/net-snmp/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv801
Modified Files:
net-snmp.spec
Added Files:
net-snmp-5.4.1-libwrap.patch
Log Message:
fix tcp_wrappers integration
Resolves: CVE-2008-6123
net-snmp-5.4.1-libwrap.patch:
--- NEW FILE net-snmp-5.4.1-libwrap.patch ---
CVE-2008-6123: snmp queries allowed from each remote host regardless of
/etc/hosts.allow configuration
Source: upstream, SVN rev. 17367
diff -up net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c
--- net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c.libwrap 2007-10-11 22:46:30.000000000 +0200
+++ net-snmp-5.4.2.1/snmplib/snmpUDPDomain.c 2009-02-16 11:57:19.000000000 +0100
@@ -104,12 +104,12 @@ netsnmp_udp_fmtaddr(netsnmp_transport *t
char tmp[64];
to = (struct sockaddr_in *) &(addr_pair->remote_addr);
if (to == NULL) {
- sprintf(tmp, "UDP: [%s]->unknown",
+ sprintf(tmp, "UDP: unknown->[%s]",
inet_ntoa(addr_pair->local_addr));
} else {
- sprintf(tmp, "UDP: [%s]->", inet_ntoa(addr_pair->local_addr));
- sprintf(tmp + strlen(tmp), "[%s]:%hd",
- inet_ntoa(to->sin_addr), ntohs(to->sin_port));
+ sprintf(tmp, "UDP: [%s]:%hu->",
+ inet_ntoa(to->sin_addr), ntohs(to->sin_port));
+ sprintf(tmp + strlen(tmp), "[%s]", inet_ntoa(addr_pair->local_addr));
}
return strdup(tmp);
}
Index: net-snmp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/net-snmp/F-10/net-snmp.spec,v
retrieving revision 1.164
retrieving revision 1.165
diff -u -r1.164 -r1.165
--- net-snmp.spec 1 Dec 2008 11:11:01 -0000 1.164
+++ net-snmp.spec 16 Feb 2009 11:12:36 -0000 1.165
@@ -8,7 +8,7 @@
Summary: A collection of SNMP protocol tools and libraries
Name: net-snmp
Version: %{major_ver}
-Release: 2%{?dist}
+Release: 3%{?dist}
Epoch: 1
License: BSD and MIT
@@ -36,6 +36,7 @@
Patch10: net-snmp-5.4.1-shared-ip.patch
Patch11: net-snmp-5.4.1-sensors3.patch
Patch12: net-snmp-5.4.1-xen-crash.patch
+Patch13: net-snmp-5.4.1-libwrap.patch
Requires(pre): chkconfig
Requires(post): chkconfig
@@ -175,6 +176,7 @@
%patch10 -p1 -b .shared-ip
%patch11 -p1 -b .sensors
%patch12 -p1 -b .xen-crash
+%patch13 -p1 -b .libwrap
# Do this patch with a perl hack...
perl -pi -e "s|'\\\$install_libdir'|'%{_libdir}'|" ltmain.sh
@@ -414,6 +416,9 @@
%{_datadir}/snmp/mibs
%changelog
+* Mon Feb 16 2009 Jan Safranek <jsafranek at redhat.com> 5.4.2.1-3
+- fix tcp_wrappers integration (CVE-2008-6123)
+
* Mon Dec 1 2008 Jan Safranek <jsafranek at redhat.com> 5.4.2.1-2
- rebuild for fixed rpm (#473420)
More information about the fedora-extras-commits
mailing list