import iputils-20210202-7.el9

This commit is contained in:
CentOS Sources 2021-11-03 19:42:57 -04:00 committed by Stepan Oksanichenko
commit db918a9bb5
10 changed files with 1410 additions and 0 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
SOURCES/ifenslave.tar.gz
SOURCES/iputils-20210202.tar.gz

2
.iputils.metadata Normal file
View File

@ -0,0 +1,2 @@
1e2652cb1d1e29a8ebed1209131924a6eb864daf SOURCES/ifenslave.tar.gz
4e552cd0478388e1551853020b60efda18592028 SOURCES/iputils-20210202.tar.gz

36
SOURCES/bsd.txt Normal file
View File

@ -0,0 +1,36 @@
/*
* Copyright (c) 1989 The Regents of the University of California.
* All rights reserved.
*
* This code is derived from software contributed to Berkeley by
* Mike Muuss.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/

339
SOURCES/gpl-2.0.txt Normal file
View File

@ -0,0 +1,339 @@
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
`Gnomovision' (which makes passes at compilers) written by James Hacker.
<signature of Ty Coon>, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.

View File

@ -0,0 +1,154 @@
From bea19fd9a86dd2c601681ff2ef4a9c1afab1e34d Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Tue, 8 Jun 2021 15:41:58 +0200
Subject: [PATCH] ifenslave: fix CWE-170: Improper Null Termination
Resolves: #1938746
---
ifenslave.c | 43 +++++++++++++++++++++++++++----------------
1 file changed, 27 insertions(+), 16 deletions(-)
diff --git a/ifenslave.c b/ifenslave.c
index 1efe4f1..59bce4c 100644
--- a/ifenslave.c
+++ b/ifenslave.c
@@ -619,7 +619,7 @@ static int get_drv_info(char *master_ifname)
char *endptr;
memset(&ifr, 0, sizeof(ifr));
- strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
+ strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
ifr.ifr_data = (caddr_t)&info;
info.cmd = ETHTOOL_GDRVINFO;
@@ -664,8 +664,9 @@ static int change_active(char *master_ifname, char *slave_ifname)
return 1;
}
- strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
- strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
+ strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ - 1);
if ((ioctl(skfd, SIOCBONDCHANGEACTIVE, &ifr) < 0) &&
(ioctl(skfd, BOND_CHANGE_ACTIVE_OLD, &ifr) < 0)) {
saved_errno = errno;
@@ -806,8 +807,9 @@ static int enslave(char *master_ifname, char *slave_ifname)
}
/* Do the real thing */
- strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
- strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
+ strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ - 1);
if ((ioctl(skfd, SIOCBONDENSLAVE, &ifr) < 0) &&
(ioctl(skfd, BOND_ENSLAVE_OLD, &ifr) < 0)) {
saved_errno = errno;
@@ -847,8 +849,9 @@ static int release(char *master_ifname, char *slave_ifname)
return 1;
}
- strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
- strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
+ strncpy(ifr.ifr_slave, slave_ifname, IFNAMSIZ - 1);
if ((ioctl(skfd, SIOCBONDRELEASE, &ifr) < 0) &&
(ioctl(skfd, BOND_RELEASE_OLD, &ifr) < 0)) {
saved_errno = errno;
@@ -880,7 +883,8 @@ static int get_if_settings(char *ifname, struct dev_ifr ifra[])
int res = 0;
for (i = 0; ifra[i].req_ifr; i++) {
- strncpy(ifra[i].req_ifr->ifr_name, ifname, IFNAMSIZ);
+ strncpy(ifra[i].req_ifr->ifr_name, ifname, IFNAMSIZ - 1);
+ ifra[i].req_ifr->ifr_name[IFNAMSIZ - 1] = '\0';
res = ioctl(skfd, ifra[i].req_type, ifra[i].req_ifr);
if (res < 0) {
saved_errno = errno;
@@ -899,7 +903,8 @@ static int get_slave_flags(char *slave_ifname)
{
int res = 0;
- strncpy(slave_flags.ifr_name, slave_ifname, IFNAMSIZ);
+ strncpy(slave_flags.ifr_name, slave_ifname, IFNAMSIZ - 1);
+ slave_flags.ifr_name[IFNAMSIZ - 1] = '\0';
res = ioctl(skfd, SIOCGIFFLAGS, &slave_flags);
if (res < 0) {
saved_errno = errno;
@@ -919,7 +924,8 @@ static int set_master_hwaddr(char *master_ifname, struct sockaddr *hwaddr)
struct ifreq ifr;
int res = 0;
- strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
memcpy(&(ifr.ifr_hwaddr), hwaddr, sizeof(struct sockaddr));
res = ioctl(skfd, SIOCSIFHWADDR, &ifr);
if (res < 0) {
@@ -943,7 +949,8 @@ static int set_slave_hwaddr(char *slave_ifname, struct sockaddr *hwaddr)
struct ifreq ifr;
int res = 0;
- strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ - 1);
memcpy(&(ifr.ifr_hwaddr), hwaddr, sizeof(struct sockaddr));
res = ioctl(skfd, SIOCSIFHWADDR, &ifr);
if (res < 0) {
@@ -980,8 +987,9 @@ static int set_slave_mtu(char *slave_ifname, int mtu)
struct ifreq ifr;
int res = 0;
+ memset(&ifr, 0, sizeof(ifr));
ifr.ifr_mtu = mtu;
- strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ);
+ strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ - 1);
res = ioctl(skfd, SIOCSIFMTU, &ifr);
if (res < 0) {
@@ -1000,8 +1008,9 @@ static int set_if_flags(char *ifname, short flags)
struct ifreq ifr;
int res = 0;
+ memset(&ifr, 0, sizeof(ifr));
ifr.ifr_flags = flags;
- strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
res = ioctl(skfd, SIOCSIFFLAGS, &ifr);
if (res < 0) {
@@ -1030,7 +1039,8 @@ static int clear_if_addr(char *ifname)
struct ifreq ifr;
int res = 0;
- strncpy(ifr.ifr_name, ifname, IFNAMSIZ);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
ifr.ifr_addr.sa_family = AF_INET;
memset(ifr.ifr_addr.sa_data, 0, sizeof(ifr.ifr_addr.sa_data));
@@ -1065,8 +1075,9 @@ static int set_if_addr(char *master_ifname, char *slave_ifname)
{NULL, NULL, 0, 0},
};
+ memset(&ifr, 0, sizeof(ifr));
for (i = 0; ifra[i].req_name; i++) {
- strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ);
+ strncpy(ifr.ifr_name, master_ifname, IFNAMSIZ - 1);
res = ioctl(skfd, ifra[i].g_ioctl, &ifr);
if (res < 0) {
int saved_errno = errno;
@@ -1080,7 +1091,7 @@ static int set_if_addr(char *master_ifname, char *slave_ifname)
sizeof(ifr.ifr_addr.sa_data));
}
- strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ);
+ strncpy(ifr.ifr_name, slave_ifname, IFNAMSIZ - 1);
res = ioctl(skfd, ifra[i].s_ioctl, &ifr);
if (res < 0) {
int saved_errno = errno;
--
2.31.1

View File

@ -0,0 +1,88 @@
From a38091c8eb0c515441080806975856ee09d2edc7 Mon Sep 17 00:00:00 2001
From: Jan Macku <jamacku@redhat.com>
Date: Tue, 23 Mar 2021 08:10:10 +0100
Subject: [PATCH] ifenslave: fix CWE-170: Improper Null Termination
---
ifenslave.c | 24 ++++++++++++++++--------
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/ifenslave.c b/ifenslave.c
index ddd82ec..1efe4f1 100644
--- a/ifenslave.c
+++ b/ifenslave.c
@@ -509,21 +509,24 @@ static int if_getconfig(char *ifname)
struct sockaddr dstaddr, broadaddr, netmask;
unsigned char *hwaddr;
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFFLAGS, &ifr) < 0)
return -1;
mif_flags = ifr.ifr_flags;
printf("The result of SIOCGIFFLAGS on %s is %x.\n",
ifname, ifr.ifr_flags);
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFADDR, &ifr) < 0)
return -1;
printf("The result of SIOCGIFADDR is %2.2x.%2.2x.%2.2x.%2.2x.\n",
ifr.ifr_addr.sa_data[2], ifr.ifr_addr.sa_data[3],
ifr.ifr_addr.sa_data[4], ifr.ifr_addr.sa_data[5]);
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)
return -1;
@@ -534,33 +537,38 @@ static int if_getconfig(char *ifname)
ifr.ifr_hwaddr.sa_family, hwaddr[0], hwaddr[1],
hwaddr[2], hwaddr[3], hwaddr[4], hwaddr[5]);
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFMETRIC, &ifr) < 0) {
metric = 0;
} else
metric = ifr.ifr_metric;
printf("The result of SIOCGIFMETRIC is %d\n", metric);
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFMTU, &ifr) < 0)
mtu = 0;
else
mtu = ifr.ifr_mtu;
printf("The result of SIOCGIFMTU is %d\n", mtu);
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFDSTADDR, &ifr) < 0) {
memset(&dstaddr, 0, sizeof(struct sockaddr));
} else
dstaddr = ifr.ifr_dstaddr;
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFBRDADDR, &ifr) < 0) {
memset(&broadaddr, 0, sizeof(struct sockaddr));
} else
broadaddr = ifr.ifr_broadaddr;
- strcpy(ifr.ifr_name, ifname);
+ memset(&ifr, 0, sizeof(ifr));
+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ - 1);
if (ioctl(skfd, SIOCGIFNETMASK, &ifr) < 0) {
memset(&netmask, 0, sizeof(struct sockaddr));
} else
--
2.29.2

View File

@ -0,0 +1,13 @@
--- iputils/ifenslave.c.addr 2006-03-29 15:00:24.000000000 +0200
+++ iputils/ifenslave.c 2006-03-29 15:02:01.000000000 +0200
@@ -524,8 +524,8 @@
if (ioctl(skfd, SIOCGIFADDR, &ifr) < 0)
return -1;
printf("The result of SIOCGIFADDR is %2.2x.%2.2x.%2.2x.%2.2x.\n",
- ifr.ifr_addr.sa_data[0], ifr.ifr_addr.sa_data[1],
- ifr.ifr_addr.sa_data[2], ifr.ifr_addr.sa_data[3]);
+ ifr.ifr_addr.sa_data[2], ifr.ifr_addr.sa_data[3],
+ ifr.ifr_addr.sa_data[4], ifr.ifr_addr.sa_data[5]);
strcpy(ifr.ifr_name, ifname);
if (ioctl(skfd, SIOCGIFHWADDR, &ifr) < 0)

11
SOURCES/ninfod.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=Node Information Query Daemon
After=network.target
Documentation=man:ninfod
[Service]
Type=forking
ExecStart=/usr/sbin/ninfod
[Install]
WantedBy=multi-user.target

11
SOURCES/rdisc.service Normal file
View File

@ -0,0 +1,11 @@
[Unit]
Description=rdisc daemon which discovers routers on the local subnet
After=network.target
Documentation=man:rdisc
[Service]
Type=forking
ExecStart=/sbin/rdisc -s
[Install]
WantedBy=multi-user.target

754
SPECS/iputils.spec Normal file
View File

@ -0,0 +1,754 @@
%global _hardened_build 1
Summary: Network monitoring tools including ping
Name: iputils
Version: 20210202
Release: 7%{?dist}
# some parts are under the original BSD (ping.c)
# some are under GPLv2+ (tracepath.c)
License: BSD and GPLv2+
URL: https://github.com/iputils/iputils
Source0: https://github.com/iputils/iputils/archive/%{version}/%{name}-%{version}.tar.gz
# ifenslave.tar.gz was taken from kernel 3.10 source at: https://elixir.bootlin.com/linux/v3.10/source/Documentation/networking/ifenslave.c
Source1: ifenslave.tar.gz
Source2: rdisc.service
Source3: ninfod.service
# Taken from ping.c on 2014-07-12
Source4: bsd.txt
Source5: https://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
Patch100: iputils-ifenslave.patch
Patch101: iputils-ifenslave-CWE-170.patch
Patch102: iputils-ifenslave-CWE-170-2.patch
BuildRequires: gcc
BuildRequires: meson
BuildRequires: gettext
BuildRequires: glibc-kernheaders >= 2.4-8.19
BuildRequires: libidn2-devel
BuildRequires: openssl-devel
BuildRequires: libcap-devel
BuildRequires: libxslt docbook5-style-xsl
BuildRequires: systemd
%{?systemd_ordering}
Provides: /bin/ping
Provides: /bin/ping6
Provides: /sbin/arping
Provides: /sbin/rdisc
%description
The iputils package contains basic utilities for monitoring a network,
including ping. The ping command sends a series of ICMP protocol
ECHO_REQUEST packets to a specified network host to discover whether
the target machine is alive and receiving network traffic.
%package ninfod
Summary: Node Information Query Daemon
Requires: %{name} = %{version}-%{release}
Provides: %{_sbindir}/ninfod
%description ninfod
Node Information Query (RFC4620) daemon. Responds to IPv6 Node Information
Queries.
%prep
%setup -q -a 1 -n %{name}-%{version}
cp %{SOURCE4} %{SOURCE5} .
%patch100 -p1
%patch101 -p1
%patch102 -p1
%build
%ifarch s390 s390x
export CFLAGS="-fPIE"
%else
export CFLAGS="-fpie"
%endif
export LDFLAGS="-pie -Wl,-z,relro,-z,now"
%meson -DBUILD_TFTPD=false
%meson_build
gcc -Wall $RPM_OPT_FLAGS $CFLAGS $RPM_LD_FLAGS $LDFLAGS ifenslave.c -o ifenslave
%install
%meson_install
%find_lang %{name}
mkdir -p ${RPM_BUILD_ROOT}%{_bindir}
ln -sf ../bin/ping ${RPM_BUILD_ROOT}%{_sbindir}/ping
ln -sf ../bin/ping ${RPM_BUILD_ROOT}%{_sbindir}/ping6
ln -sf ../bin/tracepath ${RPM_BUILD_ROOT}%{_sbindir}/tracepath
ln -sf ../bin/tracepath ${RPM_BUILD_ROOT}%{_sbindir}/tracepath6
ln -sf ../bin/arping ${RPM_BUILD_ROOT}%{_sbindir}/arping
ln -sf ping.8.gz ${RPM_BUILD_ROOT}%{_mandir}/man8/ping6.8.gz
ln -sf tracepath.8.gz ${RPM_BUILD_ROOT}%{_mandir}/man8/tracepath6.8.gz
install -cp ifenslave ${RPM_BUILD_ROOT}%{_sbindir}/
install -cp ifenslave.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/
%post
%systemd_post rdisc.service
%preun
%systemd_preun rdisc.service
%postun
%systemd_postun_with_restart rdisc.service
%post ninfod
%systemd_post ninfod.service
%preun ninfod
%systemd_preun ninfod.service
%postun ninfod
%systemd_postun_with_restart ninfod.service
%files -f %{name}.lang
%doc README.bonding
%license bsd.txt gpl-2.0.txt
%{_unitdir}/rdisc.service
%attr(0755,root,root) %caps(cap_net_raw=p) %{_bindir}/clockdiff
%attr(0755,root,root) %caps(cap_net_raw=p) %{_bindir}/arping
%attr(0755,root,root) %{_bindir}/ping
%{_sbindir}/ifenslave
%{_sbindir}/rdisc
%{_bindir}/tracepath
%{_sbindir}/ping
%{_sbindir}/ping6
%{_sbindir}/tracepath
%{_sbindir}/tracepath6
%{_sbindir}/arping
%attr(644,root,root) %{_mandir}/man8/clockdiff.8.gz
%attr(644,root,root) %{_mandir}/man8/arping.8.gz
%attr(644,root,root) %{_mandir}/man8/ping.8.gz
%{_mandir}/man8/ping6.8.gz
%attr(644,root,root) %{_mandir}/man8/rdisc.8.gz
%attr(644,root,root) %{_mandir}/man8/tracepath.8.gz
%{_mandir}/man8/tracepath6.8.gz
%attr(644,root,root) %{_mandir}/man8/ifenslave.8.gz
%files ninfod
%attr(0755,root,root) %caps(cap_net_raw=ep) %{_sbindir}/ninfod
%{_unitdir}/ninfod.service
%attr(644,root,root) %{_mandir}/man8/ninfod.8.gz
%changelog
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 20210202-7
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 20210202-6
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065
* Mon Jun 14 2021 Jan Macku <jamacku@redhat.com> - 20210202-5
- spec: Add note about source of ifenslave code (rhbz#1938746)
* Wed Jun 09 2021 Jan Macku <jamacku@redhat.com> - 20210202-4
- ifenslave: fix CWE-170 (rhbz#1938746)
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 20210202-3
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Tue Mar 23 2021 Jan Macku <jamacku@redhat.com> - 20210202-2
- ifenslave: fix CWE-170 (related to rhbz#1938746)
* Tue Feb 02 2021 Kevin Fenzi <kevin@scrye.com> - 20210202-1
- Update to 20210202. Fixes rhbz#1923917
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 20200821-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Sat Oct 31 2020 Kevin Fenzi <kevin@scrye.com> - 20200821-1
- Update to 20200821 release. Fixes bug #1871310
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20190515-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon May 18 2020 Jan Synáček <jsynacek@redhat.com> - 20190515-7
- arping exits with error when should not (#1836607)
* Mon Mar 2 2020 Jan Synáček <jsynacek@redhat.com> - 20190515-6
- Make ping unprivileged (#1699497)
* Mon Feb 3 2020 Jan Synáček <jsynacek@redhat.com> - 20190515-5
- Symlink arping to /usr/sbin/arping to maintain backward compatibility (#1797525)
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 20190515-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20190515-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Wed May 22 2019 Jan Synáček <jsynacek@redhat.com> - 20190515-2
- Mark localization files correctly (#1712514)
* Wed May 22 2019 Jan Synáček <jsynacek@redhat.com> - 20190515-1
- Update to s20190515 (#1710647)
* Thu Mar 28 2019 Jan Synáček <jsynacek@redhat.com> - 20190324-1
- Update to s20190324 (#1692136)
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 20180629-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Jan 23 2019 Bogdan Dobrelya <bdobreli@redhat.com> - 20180629-3
- Use systemd_ordering macro
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20180629-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Jul 3 2018 Jan Synáček <jsynacek@redhat.com> - 20180629-1
- update to s20180629 (#1596893)
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 20161105-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Fri Nov 24 2017 Jan Synáček <jsynacek@redhat.com> - 20161105-8
- switch to libidn2 (#1449149)
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20161105-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Sun Jul 30 2017 Florian Weimer <fweimer@redhat.com> - 20161105-6
- Rebuild with binutils fix for ppc64le (#1475636)
* Thu Jul 27 2017 Jan Synáček <jsynacek@redhat.com> - 20161105-5
- ping does not work in dkr images (#1350019)
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20161105-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri May 12 2017 Karsten Hopp <karsten@redhat.com> - 20161105-3
- don't build docs for module builds to limit dependencies
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 20161105-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Tue Nov 8 2016 Jan Synáček <jsynacek@redhat.com> - 20161105-1
- Update to s20161105 (#1392759)
* Thu Oct 13 2016 Tomáš Mráz <tmraz@redhat.com> - 20160308-4
- rebuild with OpenSSL 1.1.0
* Wed Jun 22 2016 Jan Synáček <jsynacek@redhat.com> - 20160308-3
- Fix: Failed to bind to device (#1348934)
* Wed Mar 9 2016 Jan Synáček <jsynacek@redhat.com> - 20160308-2
- Don't build against libnettle
* Wed Mar 9 2016 Jan Synáček <jsynacek@redhat.com> - 20160308-1
- Update to s20160308 (#1315975)
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 20150815-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Thu Nov 19 2015 Jan Synáček <jsynacek@redhat.com> - 20150815-2
- Fix: Always use POSIX locale when parsing -i (#1283277)
* Thu Sep 24 2015 Jan Synáček <jsynacek@redhat.com> - 20150815-1
- Update to s20150815 (#617934)
* Sun Aug 23 2015 Peter Robinson <pbrobinson@fedoraproject.org> 20140519-6
- Don't depend on chkconfig, uses systemctl now
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20140519-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20140519-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jul 12 2014 Tom Callaway <spot@fedoraproject.org> - 2040519-3
- fix license handling
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20140519-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 20 2014 Jan Synáček <jsynacek@redhat.com> - 20140519-1
- Update to iputils-s20140519 (#1096617)
* Fri Apr 11 2014 Jan Synáček <jsynacek@redhat.com> - 20121221-10
- Fix arping hang if SIGALRM is blocked (#1085971)
* Wed Mar 26 2014 Jan Synáček <jsynacek@redhat.com> - 20121221-9
- Fix message flood when EPERM is encountered in ping (#1061867)
* Mon Feb 3 2014 Jan Synáček <jsynacek@redhat.com> - 20121221-8
- reference documentation in the service files
- remove redundant sysconfig-related stuff
- remove sysvinit script
* Tue Jan 21 2014 Jan Synáček <jsynacek@redhat.com> - 20121221-7
- Build with pie/full RELRO (#1055742)
* Sun Jan 19 2014 Ville Skyttä <ville.skytta@iki.fi> - 20121221-6
- Don't order services after syslog.target.
* Thu Oct 31 2013 Jan Synáček <jsynacek@redhat.com> - 20121221-5
- Harden the package even more (full RELRO)
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20121221-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Mon Jul 15 2013 Jan Synáček <jsynacek@redhat.com> - 20121221-3
- Harden the package
* Fri Feb 01 2013 Jan Synáček <jsynacek@redhat.com> - 20121221-2
- Always use posix locale when reading -i (#905840)
- Set correct ninfod capabilities
* Mon Jan 07 2013 Jan Synáček <jsynacek@redhat.com> - 20121221-1
- Update to iputils-s20121207 (#890397) and remove unnecessary patches
* Fri Dec 07 2012 Jan Synáček <jsynacek@redhat.com> - 20121207-1
- Update to iputils-s20121207 (#884983) - fixes a ping segfault introduced
by the previous update
- Update ninfod-minor patch
- Renumber patches
- Fix -F switch (flowlabel patch)
* Thu Dec 06 2012 Jan Synáček <jsynacek@redhat.com> - 20121205-1
- Update to iputils-s20121205 (#884436) and remove unnecessary patches
* Thu Dec 06 2012 Jan Synáček <jsynacek@redhat.com> - 20121125-3
- Package ninfod (#877530)
- Update systemd requirements
* Mon Nov 26 2012 Jan Synáček <jsynacek@redhat.com> - 20121125-2
- Comment patches and cleanup
- Update ifaddrs patch
- Call usage() before limiting capabilities
- Correct ifaddrs patch
- Drop corr_type patch (gcc 4.4 build hack)
- Fix missing end tags in sgml documentation
* Mon Nov 26 2012 Jan Synáček <jsynacek@redhat.com> - 20121125-1
- Update to iputils-s20121125 (#879952)
* Mon Nov 26 2012 Jan Synáček <jsynacek@redhat.com> - 20121121-2
- Re-fix arping's default device search logic (#879807)
* Thu Nov 22 2012 Jan Synáček <jsynacek@redhat.com> - 20121121-1
- Update to iputils-s20121121, drop unnecessary patches
- Add capabilities to clockdiff and arping
- Renumber patches
- Fix arping's default device search logic
* Mon Nov 19 2012 Jan Synáček <jsynacek@redhat.com> - 20121112-2
- Update License field
* Tue Nov 13 2012 Jan Synáček <jsynacek@redhat.com> - 20121112-1
- Update to iputils-s20121112 (#875767)
+ drop unnecessary patches
+ update patches
+ wrap SO_BINDTODEVICE with the correct capability
+ fix incorrect free (hits when -lidn is used)
* Thu Nov 08 2012 Jan Synáček <jsynacek@redhat.com> - 20121106-2
- Update ifenslave tarball (#859182)
* Tue Nov 06 2012 Jan Synáček <jsynacek@redhat.com> - 20121106-1
- Update to iputils-s20121106 (#873571) and update patches
* Mon Oct 15 2012 Jan Synáček <jsynacek@redhat.com> - 20121011-1
- Update to iputils-s20121011
+ drop unnecessary patches
+ update patches
+ improve spec
* Wed Aug 22 2012 Jan Synáček <jsynacek@redhat.com> - 20101006-18
- Improve spec for fedora
- Add systemd-rpm macros (#850167)
* Mon Jul 23 2012 Jan Synáček <jsynacek@redhat.com> 20101006-17
- Minor update: capabilities patch
* Fri Jul 20 2012 Jan Synáček <jsynacek@redhat.com> 20101006-16
- Make fedora-review friendly
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20101006-16
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Mon Jun 25 2012 Jan Synáček <jsynacek@redhat.com> 20101006-15
- Ping fixes:
+ enable marking packets when the correct capabilities are set (#802197)
+ integer overflow (#834661)
+ Fallback to numeric addresses while exiting (#834661)
* Wed Jan 25 2012 Harald Hoyer <harald@redhat.com> 20101006-14
- install everything in /usr
https://fedoraproject.org/wiki/Features/UsrMove
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20101006-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Thu Nov 24 2011 Jiri Skala <jskala@redhat.com> - 20101006-12
- fixes #756439 - ping Record Route report incorrect (same route)
* Thu Nov 10 2011 Jiri Skala <jskala@redhat.com> - 20101006-11
- fixes #752397 - arping uses eth0 as default interface
* Mon Aug 01 2011 Jiri Skala <jskala@redhat.com> - 20101006-10
- rebuild for libcap
* Mon Jun 27 2011 Jiri Skala <jskala@redhat.com> - 20101006-9
- fixes #697532 - The SysV initscript should be packaged into subpackage
* Tue Mar 29 2011 Jiri Skala <jskala@redhat.com> - 20101006-8
- fixes #663734 - ping/ping6 man page fixes
- fixes #673831 - tracepath/tracepath6 manpage fixes
* Wed Feb 09 2011 Jiri Skala <jskala@redhat.com> - 20101006-7
- fixes build errors due to unused variables
* Wed Feb 09 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20101006-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 19 2011 Jiri Skala <jskala@redhat.com> - 20101006-5
- fixes #670380 - added /etc/sysconfig/rdisc, modified initscript
- initscript moved to git
* Wed Dec 15 2010 Jiri Skala <jskala@redhat.com> - 20101006-4
- fixes #662720 - Providing native systemd file
- freeing memory when capabilities are dropped
* Mon Nov 08 2010 Jiri Skala <jskala@redhat.com> - 20101006-3
- applied patch dropping capabilities of Ludwig Nussel
- fixes building ping, pinpg6 with -pie option
- moves most CFLAGS options from spec to Makefile
* Wed Oct 27 2010 Jiri Skala <jskala@redhat.com> - 20101006-2
- fixes #646444 - Replace SETUID in spec file with the correct file capabilities
* Mon Oct 11 2010 Jiri Skala <jskala@redhat.com> - 20101006-1
- update to latest upstream
* Tue Jul 13 2010 Jiri Skala <jskala@redhat.com> - 20100418-3
- applied patch preventing ping against dos attack
* Wed May 19 2010 Jiri Skala <jskala@redhat.com> - 20100418-2
- fixes #593641 - update bonding files (updated ifenslave tarball)
* Tue Apr 20 2010 Jiri Skala <jskala@redhat.com> - 20100418-1
- update to latest upstream
- enables flowlabel feature (-F option)
* Fri Mar 05 2010 Jiri Skala <jskala@redhat.com> - 20071127-10
- fixes #557308 - arping ignores the deadline option
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20071127-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Wed Feb 25 2009 Jiri Skala <jskala@redhat.com> - 20071127-8
- remake type conversions to gcc4.4 requirements
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20071127-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Fri Sep 26 2008 Jiri Skala <jskala@redhat.com> - 20071127-6
- #455713 not accepted - suid is back
* Fri Aug 15 2008 Jiri Skala <jskala@redhat.com> - 20071127-5
- removed a dependency on libsysfs library in arping
* Wed Aug 06 2008 Jiri Skala <jskala@redhat.com> - 20071127-4
- Resolves: #455713 remove suid from ping
- corrected typing error in man
* Tue Jun 03 2008 Martin Nagy <mnagy@redhat.com> - 20071127-3
- major patch cleanup so it will be easier to get patches upstream
- fix for #68212, previous fix actually didn't work for ping6
- renewed the ia64 align patches
- update README.bonding
- clear up the code from warnings
- spec file cleanup
* Tue Mar 25 2008 Martin Nagy <mnagy@redhat.com> - 20071127-2
- fix inconsistent behaviour of ping (#360881)
* Mon Feb 25 2008 Martin Nagy <mnagy@redhat.com> - 20071127-1
- update to new upstream version
* Mon Feb 18 2008 Martin Nagy <mnagy@redhat.com> - 20070202-9
- rebuild
* Mon Feb 18 2008 Martin Nagy <mnagy@redhat.com> - 20070202-8
- correctly fix the -w option and return code of arping (#387881)
* Fri Feb 01 2008 Martin Nagy <mnagy@redhat.com> - 20070202-7
- fix -Q option of ping6 (#213544)
* Mon Jan 14 2008 Martin Nagy <mnagy@redhat.com> - 20070202-6
- fix absolute symlinks and character encoding for RELNOTES (#225909)
- preserve file timestamps (#225909)
- use %%{?_smp_mflags} (#225909)
- fix service rdisc stop removing of lock file
* Fri Sep 14 2007 Martin Bacovsky <mbacovsk@redhat.com> - 20070202-5
- rebuild
* Fri Aug 3 2007 Martin Bacovsky <mbacovsk@redhat.com> - 20070202-4
- resolves: #236725: ping does not work for subsecond intervals for ordinary user
- resolves: #243197: RFE: Please sync ifenslave with current kernel
- resolves: #246954: Initscript Review
- resolves: #251124: can't build rdisc - OPEN_MAX undeclared
* Fri Apr 6 2007 Martin Bacovsky <mbacovsk@redhat.com> - 20070202-3
- resolves: #235374: Update of iputils starts rdisc, breaking connectivity
* Tue Mar 27 2007 Martin Bacovsky <mbacovsk@redhat.com> - 20070202-2
- Resolves: #234060: [PATCH] IDN (umlaut domains) support for ping and ping6
patch provided by Robert Scheck <redhat@linuxnetz.de>
* Thu Mar 15 2007 Martin Bacovsky <mbacovsk@redhat.com> - 20070202-1
- upgarde to new upstream iputils-s20070202
- Resolves: #229995
- Resolves: #225909 - Merge Review: iputils
- patches revision
* Thu Feb 22 2007 Martin Bacovsky <mbacovsk@redhat.com>- 20020927-42
- Resolves: #218706 - now defines the destination address along RFC3484
- Resolves: #229630 - ifenslave(8) man page added
- Resolves: #213716 - arping doesn't work on InfiniBand ipoib interfaces
* Wed Sep 13 2006 Radek Vokal <rvokal@redhat.com> - 20020927-41
- new ifenslave/bonding documentation
* Mon Aug 21 2006 Martin Bacovsky <mbacovsk@redhat.com> - 20020927-40
- tracepath doesn't continue past destination host (#174032)
previous patch replaced by new one provided by <mildew@gmail.com>
option -c added
* Mon Jul 17 2006 Radek Vokal <rvokal@redhat.com> - 20020927-39
- rebuilt
* Mon Jul 10 2006 Radek Vokal <rvokal@redhat.com> - 20020927-38
- tracepath doesn't continue past destination host (#174032) <mildew@gmail.com>
* Wed Mar 29 2006 Radek Vokál <rvokal@redhat.com> - 20020927-37
- fix ifenslave, shows interface addresses
- add RPM_OPT_FLAGS to ifenslave
* Sun Mar 12 2006 Radek Vokál <rvokal@redhat.com> - 20020927-36
- fix ifenslave man page (#185223)
* Fri Feb 24 2006 Radek Vokál <rvokal@redhat.com> - 20020927-35
- add PreReq: chkconfig (#182799,#182798)
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 20020927-34.2
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 20020927-34.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Mon Feb 06 2006 Radek Vokál <rvokal@redhat.com> 20020927-34
- ping clean-up, added new ICMP warning messages
* Wed Jan 25 2006 Radek Vokál <rvokal@redhat.com> 20020927-33
- gcc patch, warnings cleaned-up
* Tue Dec 13 2005 Radek Vokal <rvokal@redhat.com> 20020927-32
- fix HOPLIMIT option for setsockopt() (#175471)
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Mon Dec 05 2005 Radek Vokal <rvokal@redhat.com> 20020927-31
- ifenslave.8 from debian.org
- separate ifenslave to its own tarball
* Tue Nov 08 2005 Radek Vokal <rvokal@redhat.com> 20020927-30
- don't ship traceroute6, now part of traceroute package
* Wed Oct 05 2005 Radek Vokal <rvokal@redhat.com> 20020927-29
- add ping6 and tracepath6 manpages, fix attributes.
* Fri Sep 30 2005 Radek Vokal <rvokal@redhat.com> 20020927-28
- memset structure before using it (#168166)
* Mon Sep 26 2005 Radek Vokal <rvokal@redhat.com> 20020927-27
- fixed ping -f, flooding works again (#134859,#169141)
* Thu Sep 08 2005 Radek Vokal <rvokal@redhat.com> 20020927-26
- tracepath6 and tracepath fix, use getaddrinfo instead of gethostbyname(2)
(#100778,#167735)
* Fri Aug 12 2005 Radek Vokal <rvokal@redhat.com> 20020927-25
- fixed arping timeout (#165715)
* Mon Jul 18 2005 Radek Vokal <rvokal@redhat.com> 20020927-24
- fixed arping buffer overflow (#163383)
* Fri May 27 2005 Radek Vokal <rvokal@redhat.com> 20020927-23
- fixed un-initialized "device" (#158914)
* Thu Apr 07 2005 Radek Vokal <rvokal@redhat.com> 20020927-22
- don't start rdisc as default (#154075)
* Tue Apr 05 2005 Radek Vokal <rvokal@redhat.com> 20020927-21
- rdisc init script added (#151614)
* Fri Mar 04 2005 Radek Vokal <rvokal@redhat.com> 20020927-20
- arping fix for infiniband (#150156)
* Tue Dec 07 2004 Radek Vokal <rvokal@redhat.com> 20020927-19
- return values fixed - patch from suse.de
* Mon Oct 18 2004 Radek Vokal <rvokal@redhat.com>
- ifenslave.c and README.bonding updated from kernel-2.6.8-1.521 (#136059)
* Mon Oct 11 2004 Radek Vokal <rvokal@redhat.com>
- spec file updated, source fixed (#135193)
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Wed May 12 2004 Phil Knirsch <pknirsch@redhat.com> 20020927-15
- Updated rh patch to enable PIE build of binaries.
* Thu Apr 22 2004 Phil Knirsch <pknirsch@redhat.com> 20020927-14
- Fixed bug with wrong return code check of inet_pton() in traceroute6 (#100684)
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Thu Oct 02 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-12
- Fixed unaligned access problem on ia64 (#101417)
* Wed Sep 10 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-11
- Don't use own headers, use glibc and kernheaders.
* Thu Sep 04 2003 Bill Nottingham <notting@redhat.com> 20020927-10
- fix build with new glibc-kernheaders
* Wed Sep 03 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-9.1
- rebuilt
* Wed Sep 03 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-9
- Start icmp_seq from 0 instead of 1 (Conform with debian and Solaris #100609).
* Thu Jul 31 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-8
- One more update to ifenslave.c
* Mon Jun 16 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-7
- Updated ifenslave.c and README.bonding to latest version.
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Thu May 15 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-5
- Bumped release and rebuilt
* Thu May 15 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-4
- Fixed DNS lookup problems (#68212).
- Added warning if binding problem failed on subinterface (#81640).
* Tue May 13 2003 Phil Knirsch <pknirsch@redhat.com> 20020927-3
- Removed bonding tarball and replaced it with ifenslave.c and README
- FHS compliance for all tools, now to be found in /bin with compat symlinks to
old places.
* Wed Jan 22 2003 Tim Powers <timp@redhat.com> 20020927-2
- rebuilt
* Fri Nov 29 2002 Phil Knirsch <pknirsch@redhat.com> 20020927-1
- Updated to latest upstream version.
* Fri Jun 21 2002 Tim Powers <timp@redhat.com> 20020124-8
- automated rebuild
* Tue Jun 18 2002 Phil Knirsch <pknirsch@redhat.com> 20020124-7
- Added new BuildPreReqs for docbook-utils and perl-SGMLSpm (#66661)
- Fixed ipv6 error printing problem (#66659).
* Sun May 26 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Tue May 21 2002 Phil Knirsch <pknirsch@redhat.com>
- Added a patch to activate the rdisc server (#64270).
- Display the countermeasures warning only in verbose (#55236)
* Thu Apr 18 2002 Bill Nottingham <notting@redhat.com>
- quit trying to build HTML versions of the man pages
* Thu Mar 14 2002 Phil Knirsch <pknirsch@redhat.com>
- Added fix by Tom "spot" Callaway to fix buffer overflow problems in stats.
* Wed Feb 27 2002 Phil Knirsch <pknirsch@redhat.com>
- Update to iputils-ss020124.
* Wed Jan 09 2002 Tim Powers <timp@redhat.com>
- automated rebuild
* Mon Aug 27 2001 Philipp Knirsch <pknirsch@redhat.de> 20001110-6
- Fixed buffer overflow problem in traceroute6.c (#51135)
* Mon Jul 02 2001 Philipp Knirsch <pknirsch@redhat.de>
- Made ping6 and traceroute6 setuid (safe as they drop it VERY early) (#46769)
* Thu Jun 28 2001 Philipp Knirsch <pknirsch@redhat.de>
- Fixed ping statistics overflow bug (#43801)
* Tue Jun 26 2001 Philipp Knirsch <pknirsch@redhat.de>
- Fixed a bunch of compiler warnings (#37131)
- Fixed wrong exit code for no packets and deadline (#40323)
- Moved arping to /sbin from /usr/sbin due to ifup call (#45785). Symlink from
/usr/sbin/ provided for backwards compatibility.
* Mon Apr 30 2001 Preston Brown <pbrown@redhat.com>
- install in.rdisc.8c as rdisc.8
* Tue Jan 16 2001 Jeff Johnson <jbj@redhat.com>
- update to ss001110
- doco fixes (#23844).
* Sun Oct 8 2000 Jeff Johnson <jbj@redhat.com>
- update to ss001007.
* Tue Aug 8 2000 Tim Waugh <twaugh@redhat.com>
- fix spelling mistake (#15714).
* Tue Aug 8 2000 Tim Waugh <twaugh@redhat.com>
- turn on -U on machines without TSC (#15223).
* Tue Aug 1 2000 Jeff Johnson <jbj@redhat.com>
- better doco patch (#15050).
* Tue Jul 25 2000 Jakub Jelinek <jakub@redhat.com>
- fix include-glibc/ to work with new glibc 2.2 resolver headers
* Thu Jul 13 2000 Prospector <bugzilla@redhat.com>
- automatic rebuild
* Sun Jun 18 2000 Jeff Johnson <jbj@redhat.com>
- FHS packaging.
- update to ss000418.
- perform reverse DNS lookup only once for same input.
* Sun Mar 5 2000 Jeff Johnson <jbj@redhat.com>
- include README.ifenslave doco.
- "ping -i N" was broke for N >= 3 (#9929).
- update to ss000121:
-- clockdiff: preserve raw socket errno.
-- ping: change error exit code to 1 (used to be 92,93, ...)
-- ping,ping6: if -w specified, transmit until -c limit is reached.
-- ping,ping6: exit code non-zero if some packets not received within deadline.
* Tue Feb 22 2000 Jeff Johnson <jbj@redhat.com>
- man page corrections (#9690).
* Wed Feb 9 2000 Jeff Johnson <jbj@jbj.org>
- add ifenslave.
* Thu Feb 3 2000 Elliot Lee <sopwith@redhat.com>
- List /usr/sbin/rdisc in %%files list.
* Thu Jan 27 2000 Jeff Johnson <jbj@redhat.com>
- add remaining binaries.
- casts to remove compilation warnings.
- terminate if -w deadline is reached exactly (#8724).
* Fri Dec 24 1999 Jeff Johnson <jbj@redhat.com>
- create (only ping for now, traceroute et al soon).