import CS libtirpc-1.3.3-2.el9
This commit is contained in:
parent
811080905f
commit
39a6131dd6
31
SOURCES/libtirpc-1.3.3-dos-sleep.patch
Normal file
31
SOURCES/libtirpc-1.3.3-dos-sleep.patch
Normal file
@ -0,0 +1,31 @@
|
||||
commit f7f0abdf267698de3f74a0285405b1b01f40893b
|
||||
Author: Zhi Li <yieli@redhat.com>
|
||||
Date: Wed Jan 11 11:19:31 2023 -0500
|
||||
|
||||
getnetconfigent: avoid potential DoS issue by removing unnecessary sleep
|
||||
|
||||
By adapting CodeChecker for libtirpc related tests, it complains
|
||||
an improper waiting time for function getnetconfigent with
|
||||
a valid input value, either it should be treated as a wrong
|
||||
input or just take it as a proper value without sleeping
|
||||
|
||||
link: https://bugzilla.redhat.com/show_bug.cgi?id=2150611
|
||||
Signed-off-by: Zhi Li <yieli@redhat.com>
|
||||
Signed-off-by: Steve Dickson <steved@redhat.com>
|
||||
|
||||
diff --git a/src/getnetconfig.c b/src/getnetconfig.c
|
||||
index cfd33c2..d547dce 100644
|
||||
--- a/src/getnetconfig.c
|
||||
+++ b/src/getnetconfig.c
|
||||
@@ -436,11 +436,6 @@ getnetconfigent(netid)
|
||||
fprintf(stderr, "in /etc/netconfig.\n");
|
||||
fprintf(stderr, "Please change this to \"local\" manually ");
|
||||
fprintf(stderr, "or run mergemaster(8).\n");
|
||||
- fprintf(stderr, "See UPDATING entry 20021216 for details.\n");
|
||||
- fprintf(stderr, "Continuing in 10 seconds\n\n");
|
||||
- fprintf(stderr, "This warning will be removed 20030301\n");
|
||||
- sleep(10);
|
||||
-
|
||||
}
|
||||
|
||||
/*
|
@ -2,7 +2,7 @@
|
||||
|
||||
Name: libtirpc
|
||||
Version: 1.3.3
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Summary: Transport Independent RPC Library
|
||||
License: SISSL and BSD
|
||||
URL: http://git.linux-nfs.org/?p=steved/libtirpc.git;a=summary
|
||||
@ -19,6 +19,11 @@ BuildRequires: make
|
||||
Patch001: libtirpc-1.3.3-blacklist-close.patch
|
||||
Patch002: libtirpc-1.3.3-clnt-raw-ptr.patch
|
||||
|
||||
#
|
||||
# RHEL9.2
|
||||
#
|
||||
Patch003: libtirpc-1.3.3-dos-sleep.patch
|
||||
|
||||
%description
|
||||
This package contains SunLib's implementation of transport-independent
|
||||
RPC (TI-RPC) documentation. This library forms a piece of the base of
|
||||
@ -118,6 +123,9 @@ mv %{buildroot}%{_mandir}/man3 %{buildroot}%{_mandir}/man3t
|
||||
%{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Thu May 18 2023 Steve Dickson <steved@redhat.com> - 1.3.3-2
|
||||
- getnetconfigent: avoid potential DoS (bz 2150611)
|
||||
|
||||
* Thu Nov 03 2022 Steve Dickson <steved@redhat.com> - 1.3.3-1
|
||||
- bindresvport.c: fix a potential resource leakage (bz 2135405)
|
||||
- clnt_raw.c: fix a possible null pointer dereference (bz 2138317)
|
||||
|
Loading…
Reference in New Issue
Block a user