Import from AlmaLinux stable repository
This commit is contained in:
parent
f17f5bb0db
commit
2305568992
@ -1 +0,0 @@
|
|||||||
bc5c6c8022187511be5665b3818d919be5987dcc SOURCES/traceroute-2.1.0.tar.gz
|
|
68
SOURCES/001-traceroute-CVE-2023-46316.patch
Normal file
68
SOURCES/001-traceroute-CVE-2023-46316.patch
Normal file
@ -0,0 +1,68 @@
|
|||||||
|
From 9a605da8a6c72f0f52f505f38adb3133b7e726f8 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Jan Macku <jamacku@redhat.com>
|
||||||
|
Date: Mon, 30 Oct 2023 12:55:43 +0100
|
||||||
|
Subject: [PATCH] Fix command line parsing in wrappers
|
||||||
|
|
||||||
|
Resolves: CVE-2023-46316
|
||||||
|
---
|
||||||
|
wrappers/tcptraceroute | 2 +-
|
||||||
|
wrappers/tracepath | 2 +-
|
||||||
|
wrappers/traceproto | 2 +-
|
||||||
|
wrappers/traceroute-nanog | 2 +-
|
||||||
|
4 files changed, 4 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/wrappers/tcptraceroute b/wrappers/tcptraceroute
|
||||||
|
index b4fc810..9063886 100755
|
||||||
|
--- a/wrappers/tcptraceroute
|
||||||
|
+++ b/wrappers/tcptraceroute
|
||||||
|
@@ -26,7 +26,7 @@ usage () {
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
-PARSED=`getopt 'hvdnNi:l:f:Fm:p:q:w:s:t:SAE' "$@"`
|
||||||
|
+PARSED=`getopt -- 'hvdnNi:l:f:Fm:p:q:w:s:t:SAE' "$@"`
|
||||||
|
[ $? != 0 ] && exit 2
|
||||||
|
|
||||||
|
eval set -- "$PARSED"
|
||||||
|
diff --git a/wrappers/tracepath b/wrappers/tracepath
|
||||||
|
index 987b998..448f031 100755
|
||||||
|
--- a/wrappers/tracepath
|
||||||
|
+++ b/wrappers/tracepath
|
||||||
|
@@ -25,7 +25,7 @@ usage () {
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
-PARSED=`getopt 'hnbl:' "$@"`
|
||||||
|
+PARSED=`getopt -- 'hnbl:' "$@"`
|
||||||
|
[ $? != 0 ] && exit 2
|
||||||
|
|
||||||
|
eval set -- "$PARSED"
|
||||||
|
diff --git a/wrappers/traceproto b/wrappers/traceproto
|
||||||
|
index 988fdc5..5dfd9a7 100755
|
||||||
|
--- a/wrappers/traceproto
|
||||||
|
+++ b/wrappers/traceproto
|
||||||
|
@@ -38,7 +38,7 @@ warning () {
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
-PARSED=`getopt 'cCTfAhvRp:d:D:s:S:m:M:w:W:a:P:F:k:I:H:i:o:t:' "$@"`
|
||||||
|
+PARSED=`getopt -- 'cCTfAhvRp:d:D:s:S:m:M:w:W:a:P:F:k:I:H:i:o:t:' "$@"`
|
||||||
|
[ $? != 0 ] && exit 2
|
||||||
|
|
||||||
|
eval set -- "$PARSED"
|
||||||
|
diff --git a/wrappers/traceroute-nanog b/wrappers/traceroute-nanog
|
||||||
|
index 29fd2a4..aac4c83 100755
|
||||||
|
--- a/wrappers/traceroute-nanog
|
||||||
|
+++ b/wrappers/traceroute-nanog
|
||||||
|
@@ -31,7 +31,7 @@ warning () {
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
-PARSED=`getopt 'adnruvAMOPQU$w:S:m:p:q:g:t:s:I:f:T:' "$@"`
|
||||||
|
+PARSED=`getopt -- 'adnruvAMOPQU$w:S:m:p:q:g:t:s:I:f:T:' "$@"`
|
||||||
|
[ $? != 0 ] && {
|
||||||
|
usage
|
||||||
|
exit 2
|
||||||
|
--
|
||||||
|
2.41.0
|
||||||
|
|
@ -2,12 +2,14 @@ Summary: Traces the route taken by packets over an IPv4/IPv6 network
|
|||||||
Name: traceroute
|
Name: traceroute
|
||||||
Epoch: 3
|
Epoch: 3
|
||||||
Version: 2.1.0
|
Version: 2.1.0
|
||||||
Release: 6%{?dist}
|
Release: 8%{?dist}
|
||||||
Group: Applications/Internet
|
Group: Applications/Internet
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://traceroute.sourceforge.net
|
URL: http://traceroute.sourceforge.net
|
||||||
Source0: http://downloads.sourceforge.net/project/traceroute/traceroute/traceroute-%{version}/traceroute-%{version}.tar.gz
|
Source0: http://downloads.sourceforge.net/project/traceroute/traceroute/traceroute-%{version}/traceroute-%{version}.tar.gz
|
||||||
|
|
||||||
|
Patch001: 001-traceroute-CVE-2023-46316.patch
|
||||||
|
|
||||||
Provides: tcptraceroute = 1.5-1
|
Provides: tcptraceroute = 1.5-1
|
||||||
Obsoletes: tcptraceroute < 1.5-1
|
Obsoletes: tcptraceroute < 1.5-1
|
||||||
|
|
||||||
@ -25,7 +27,7 @@ problems.
|
|||||||
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%autosetup -p1
|
||||||
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -59,6 +61,12 @@ popd
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 27 2023 Jan Macku <jamacku@redhat.com> - 3:2.1.0-8
|
||||||
|
- add gating.yaml
|
||||||
|
|
||||||
|
* Mon Oct 30 2023 Jan Macku <jamacku@redhat.com> - 3:2.1.0-7
|
||||||
|
- fix improper command line parsing (CVE-2023-46316)
|
||||||
|
|
||||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-6
|
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-6
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user