Add fix for potential security issue

Bastien Nocera 2016-03-14 14:57:18 +01:00
parent 8f972cf547
commit e44c9b33de
2 changed files with 40 additions and 1 deletions


@ -0,0 +1,34 @@
From df1f5c4d70d0c19ad40072f5246ca457e7f9849e Mon Sep 17 00:00:00 2001
From: Joshua Hill <posixninja@gmail.com>
Date: Tue, 29 Dec 2015 22:27:17 +0100
Subject: [PATCH] common: [security fix] Make sure sockets only listen locally
---
common/socket.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/common/socket.c b/common/socket.c
index b276864..e2968a6 100644
--- a/common/socket.c
+++ b/common/socket.c
@@ -172,7 +172,7 @@ int socket_create(uint16_t port)
memset((void *) &saddr, 0, sizeof(saddr));
saddr.sin_family = AF_INET;
- saddr.sin_addr.s_addr = htonl(INADDR_ANY);
+ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
saddr.sin_port = htons(port);
if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
@@ -329,7 +329,7 @@ int socket_accept(int fd, uint16_t port)
memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = htonl(INADDR_ANY);
+ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
addr.sin_port = htons(port);
addr_len = sizeof(addr);
--
2.5.0
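Review bot: The second hunk (socket_accept) probably restricts nothing: `addr` is filled in just before `addr_len = sizeof(addr);`, which suggests it is the output buffer of an accept() call outside the hunk, and accept() would overwrite it with the peer address. The restriction that takes effect is the bind() to `INADDR_LOOPBACK` in socket_create, so that line deserves a comment such as `/* loopback only: this listener must not be reachable from other hosts */` to keep a later change from restoring `INADDR_ANY`. If remote peers should also be rejected at accept time, that needs an explicit check of the returned address after accept(), which is not visible here. Both functions begin and end outside the hunks, so the accept() usage should be confirmed against the full file.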


@ -7,7 +7,7 @@
Name: libimobiledevice
Version: 1.2.0
Release: 5%{?dist}
Release: 6%{?dist}
Summary: Library for connecting to mobile devices
Group: System Environment/Libraries
@ -17,6 +17,7 @@ Source0: http://www.libimobiledevice.org/downloads/%{name}-%{version}.tar.
# Fix the build with gnutls 3.4
Patch0: 0001-Updated-cert-callback-to-gnutls3-API.patch
Patch1: 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
Patch2: 0001-common-security-fix-Make-sure-sockets-only-listen-lo.patch
BuildRequires: glib2-devel
BuildRequires: gnutls-devel
@ -67,6 +68,7 @@ Python bindings for libimobiledevice.
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
# Fix dir permissions on html docs
chmod +x docs/html
@ -113,6 +115,9 @@ find %{buildroot} -type f -name "*.la" -delete
%endif
%changelog
* Mon Mar 14 2016 Bastien Nocera <bnocera@redhat.com> 1.2.0-6
- Add fix for potential security issue
* Mon Mar 14 2016 Bastien Nocera <bnocera@redhat.com> 1.2.0-5
- Fix installation proxy usage