diff options
| author |   Patrick McLean <chutzpah@gentoo.org> | 2017-05-08 11:39:36 -0700 |
|---|---|---|
| committer | Patrick McLean <chutzpah@gentoo.org> | 2017-05-08 11:39:36 -0700 |
| commit | eae6e7a80bc2934ae1557731fc0ad71cd92af99b (patch) | |
| tree | 053ad6aab4b7eadfa04e52050114543c782355bb /net-nds/rpcbind | |
| parent | net-libs/libtirpc: Revision bump to pull in patch for CVE-2017-8779 (diff) | |
| download | gentoo-eae6e7a80bc2934ae1557731fc0ad71cd92af99b.tar.gz gentoo-eae6e7a80bc2934ae1557731fc0ad71cd92af99b.tar.bz2 gentoo-eae6e7a80bc2934ae1557731fc0ad71cd92af99b.zip | |
net-nds/rpcbind: Revision bump to pull in patch for CVE-2017-8779
Gentoo-Bug: 617472
Package-Manager: Portage-2.3.5, Repoman-2.3.2
Diffstat (limited to 'net-nds/rpcbind')
| -rw-r--r-- | net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch | 21 | ||||
| -rw-r--r-- | net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild | 59 |
2 files changed, 80 insertions, 0 deletions
diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch new file mode 100644 index 000000000000..cef088badc91 --- /dev/null +++ b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch @@ -0,0 +1,21 @@ +diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c +index 5862c26..e11f61b 100644 +--- a/src/rpcb_svc_com.c ++++ b/src/rpcb_svc_com.c +@@ -48,6 +48,7 @@ + #include <rpc/rpc.h> + #include <rpc/rpcb_prot.h> + #include <rpc/svc_dg.h> ++#include <rpc/rpc_com.h> + #include <netconfig.h> + #include <errno.h> + #include <syslog.h> +@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/, + static bool_t + xdr_encap_parms(XDR *xdrs, struct encap_parms *epp) + { +- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0)); ++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE)); + } + + /* diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild new file mode 100644 index 000000000000..5c16cb5c9821 --- /dev/null +++ b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild @@ -0,0 +1,59 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 + +EAPI="5" + +inherit eutils systemd + +if [[ ${PV} == "9999" ]] ; then + EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git" + inherit autotools git-r3 +else + SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2" + KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +fi + +DESCRIPTION="portmap replacement which supports RPC over various protocols" +HOMEPAGE="https://sourceforge.net/projects/rpcbind/" + +LICENSE="BSD" +SLOT="0" +IUSE="debug selinux systemd tcpd warmstarts" + +CDEPEND=">=net-libs/libtirpc-1.0:= + systemd? ( sys-apps/systemd:= ) + tcpd? ( sys-apps/tcp-wrappers )" +DEPEND="${CDEPEND} + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-rpcbind )" + +PATCHES=( + "${FILESDIR}/${P}-CVE-2017-8779.patch" +) + +src_prepare() { + [[ ${PV} == "9999" ]] && eautoreconf + epatch "${PATCHES[@]}" + epatch_user +} + +src_configure() { + econf \ + --bindir="${EPREFIX}"/sbin \ + --with-statedir="${EPREFIX}"/run/${PN} \ + --with-rpcuser=root \ + --with-systemdsystemunitdir=$(usex systemd "$(systemd_get_unitdir)" "no") \ + $(use_enable tcpd libwrap) \ + $(use_enable debug) \ + $(use_enable warmstarts) +} + +src_install() { + default + + newinitd "${FILESDIR}"/${PN}.initd ${PN} + newconfd "${FILESDIR}"/${PN}.confd ${PN} + + systemd_dounit "${FILESDIR}"/${PN}.service +} |