diff options
author | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-11-29 06:04:47 +0100 |
---|---|---|
committer | Tobias Geerinckx-Rice <me@tobias.gr> | 2019-11-29 06:08:18 +0100 |
commit | e00d5b6bbf38a9d95164c07b82f615d439f2bd6a (patch) | |
tree | c48bb19b0f43733a303d8a54bc4dd97ef52587f9 /gnu/packages | |
parent | 73dd06546a80d3465d3afe8f6b256d6e8d681cfa (diff) | |
download | patches-e00d5b6bbf38a9d95164c07b82f615d439f2bd6a.tar patches-e00d5b6bbf38a9d95164c07b82f615d439f2bd6a.tar.gz |
gnu: xinetd: Update to 2.3.15.4 [fix build].
* gnu/packages/web.scm (xinetd): Update to 2.3.15.4.
[source]: Switch to openSUSE (and Debian) maintenance fork.
Remove obsolete patches.
[native-inputs]: Add automake, autoconf, libtool, and pkg-config.
[home-page]: Update.
* gnu/packages/patches/xinetd-CVE-2013-4342.patch,
gnu/packages/patches/xinetd-fix-fd-leak.patch: Delete files.
* gnu/local.mk (dist_patch_DATA): Remove them.
Diffstat (limited to 'gnu/packages')
-rw-r--r-- | gnu/packages/patches/xinetd-CVE-2013-4342.patch | 36 | ||||
-rw-r--r-- | gnu/packages/patches/xinetd-fix-fd-leak.patch | 26 | ||||
-rw-r--r-- | gnu/packages/web.scm | 20 |
3 files changed, 11 insertions, 71 deletions
diff --git a/gnu/packages/patches/xinetd-CVE-2013-4342.patch b/gnu/packages/patches/xinetd-CVE-2013-4342.patch deleted file mode 100644 index ad57bc7b0e..0000000000 --- a/gnu/packages/patches/xinetd-CVE-2013-4342.patch +++ /dev/null @@ -1,36 +0,0 @@ -Fix CVE-2013-4342: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4342 -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678 - -Patch copied from upstream source repository: - -https://github.com/xinetd-org/xinetd/commit/91e2401a219121eae15244a6b25d2e79c1af5864 - -From 91e2401a219121eae15244a6b25d2e79c1af5864 Mon Sep 17 00:00:00 2001 -From: Thomas Swan <thomas.swan@gmail.com> -Date: Wed, 2 Oct 2013 23:17:17 -0500 -Subject: [PATCH] CVE-2013-4342: xinetd: ignores user and group directives for - TCPMUX services - -Originally reported to Debian in 2005 <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324678> and rediscovered <https://bugzilla.redhat.com/show_bug.cgi?id=1006100>, xinetd would execute TCPMUX services without dropping privilege to match the service configuration allowing the service to run with same privilege as the xinetd process (root). ---- - xinetd/builtins.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/xinetd/builtins.c b/xinetd/builtins.c -index 3b85579..34a5bac 100644 ---- a/xinetd/builtins.c -+++ b/xinetd/builtins.c -@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp ) - if( SC_IS_INTERNAL( scp ) ) { - SC_INTERNAL(scp, nserp); - } else { -- exec_server(nserp); -+ child_process(nserp); - } - } - --- -2.7.4 - diff --git a/gnu/packages/patches/xinetd-fix-fd-leak.patch b/gnu/packages/patches/xinetd-fix-fd-leak.patch deleted file mode 100644 index 77e4600185..0000000000 --- a/gnu/packages/patches/xinetd-fix-fd-leak.patch +++ /dev/null @@ -1,26 +0,0 @@ -Fix a file descriptor leak: - -https://github.com/xinetd-org/xinetd/issues/23 - -Patch copied from Debian: - -https://anonscm.debian.org/cgit/collab-maint/xinetd.git/tree/debian/patches/000012-fix_fd_leak - -Patch sent upstream at https://github.com/xinetd-org/xinetd/pull/26. - -diff --git a/xinetd/xgetloadavg.c b/xinetd/xgetloadavg.c -index 5a26214..fe0f872 100644 ---- a/xinetd/xgetloadavg.c -+++ b/xinetd/xgetloadavg.c -@@ -34,7 +34,7 @@ double xgetloadavg(void) - - if( fscanf(fd, "%lf", &ret) != 1 ) { - perror("fscanf"); -- return -1; -+ ret = -1; - } - - fclose(fd); --- -2.7.4 - diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm index e2ca9de9e4..31eff55d39 100644 --- a/gnu/packages/web.scm +++ b/gnu/packages/web.scm @@ -5329,25 +5329,27 @@ additional capabilities.") (define-public xinetd (package (name "xinetd") - (version "2.3.15") + ;; This is the maintenance fork currently used by openSUSE and Debian. + (version "2.3.15.4") (source (origin (method git-fetch) (uri (git-reference - (url "https://github.com/xinetd-org/xinetd.git") - (commit (string-append "xinetd-" - (string-join (string-split version #\.) - "-"))))) + (url "https://github.com/openSUSE/xinetd.git") + (commit version))) (file-name (git-file-name name version)) - (patches (search-patches "xinetd-CVE-2013-4342.patch" - "xinetd-fix-fd-leak.patch")) (sha256 - (base32 "0wjai6qagcgxpa1khh639ih7kswgkryc7ll1i4hxhs29sc7irdcn")))) + (base32 "0lrp3lcj6azhjplwxws2rx40bkyp6i6bp7n77ndcisb7ninad30q")))) (build-system gnu-build-system) (arguments `(#:configure-flags '("--with-loadavg") #:tests? #f)) ; no tests - (home-page "https://github.com/xinetd-org/xinetd") + (native-inputs + `(("autoconf" ,autoconf) + ("automake" ,automake) + ("libtool" ,libtool) + ("pkg-config" ,pkg-config))) + (home-page "https://github.com/openSUSE/xinetd") (synopsis "Internet services daemon") (description "@code{xinetd}, a more secure replacement for @code{inetd}, listens for incoming requests over a network and launches the appropriate |