Merge branch 'master' into core-updates

1 files changed, 0 insertions, 36 deletions

diff --git a/gnu/packages/patches/xinetd-CVE-2013-4342.patch b/gnu/packages/patches/xinetd-CVE-2013-4342.patch
deleted file mode 100644
index ad57bc7b0e..0000000000
--- a/gnu/packages/patches/xinetd-CVE-2013-4342.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-Fix CVE-2013-4342:
-
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678
-
-Patch copied from upstream source repository:
-
-https://github.com/xinetd-org/xinetd/commit/91e2401a219121eae15244a6b25d2e79c1af5864
-
-From 91e2401a219121eae15244a6b25d2e79c1af5864 Mon Sep 17 00:00:00 2001
-From: Thomas Swan <thomas.swan@gmail.com>
-Date: Wed, 2 Oct 2013 23:17:17 -0500
-Subject: [PATCH] CVE-2013-4342: xinetd: ignores user and group directives for
- TCPMUX services
-
-Originally reported to Debian in 2005 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678> and rediscovered <https://bugzilla.redhat.com/show_bug.cgi?id=1006100>, xinetd would execute TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root).
----
- xinetd/builtins.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/xinetd/builtins.c b/xinetd/builtins.c
-index 3b85579..34a5bac 100644
---- a/xinetd/builtins.c
-+++ b/xinetd/builtins.c
-@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp )
-    if( SC_IS_INTERNAL( scp ) ) {
-       SC_INTERNAL(scp, nserp);
-    } else {
--      exec_server(nserp);
-+      child_process(nserp);
-    }
- }
- 
--- 
-2.7.4
-