.gitignore

@@ -1 +1 @@
-SOURCES/traceroute-2.1.0.tar.gz
+SOURCES/traceroute-2.1.1.tar.gz

.traceroute.metadata

@@ -1 +1 @@
-bc5c6c8022187511be5665b3818d919be5987dcc SOURCES/traceroute-2.1.0.tar.gz
+74cad59c5b698e9686913b501559203de94e4099 SOURCES/traceroute-2.1.1.tar.gz

SOURCES/001-review-of-CWE-170-CWE-772.patch

@@ -0,0 +1,57 @@
+From 4bbfd43121e4c1f59074b1b0def9804c1890b2dc Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Mon, 19 Jul 2021 09:48:19 +0200
+Subject: [PATCH] review of CWE-170, CWE-772
+
+Resolves: #1938887
+---
+ libsupp/clif.c          | 2 ++
+ traceroute/traceroute.c | 7 ++++++-
+ 2 files changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/libsupp/clif.c b/libsupp/clif.c
+index 4ef20e4..60ec291 100644
+--- a/libsupp/clif.c
++++ b/libsupp/clif.c
+@@ -229,10 +229,12 @@ static void err_bad_arg (const CLIF_option *optn, char c, int n) {
+ 
+ 	if (c) {
+ 	    s = show_short (&tmp);	/*  always without arg...  */
++	    /* coverity[buffer_size_warning] - not a bug, s ends with '\0', see line 97 */
+ 	    strncpy (ss, s, sizeof (ss));
+ 	    s = show_short (optn);
+ 	} else {
+ 	    s = show_long (&tmp);	/*  always without arg...  */
++	    /* coverity[buffer_size_warning] - not a bug, s ends with '\0', see line 97 */
+ 	    strncpy (ss, s, sizeof (ss));
+ 	    s = show_long (optn);
+ 	}
+diff --git a/traceroute/traceroute.c b/traceroute/traceroute.c
+index 4be9b24..0a29e36 100644
+--- a/traceroute/traceroute.c
++++ b/traceroute/traceroute.c
+@@ -217,8 +217,12 @@ static int getaddr (const char *name, sockaddr_any *addr) {
+ 	}
+ 	if (!ai)  ai = res;	/*  anything...  */
+ 
+-	if (ai->ai_addrlen > sizeof (*addr))
++	if (ai->ai_addrlen > sizeof (*addr)) {
++		/* Avoid of leaking res (CWE-772) */
++		freeaddrinfo (res);
+ 		return -1;	/*  paranoia   */
++	}
++
+ 	memcpy (addr, ai->ai_addr, ai->ai_addrlen);
+ 
+ 	freeaddrinfo (res);
+@@ -244,6 +248,7 @@ static void make_fd_used (int fd) {
+ 	    close (nfd);
+ 	}
+ 
++	/* coverity[leaked_handle] - not a bug, see line 665 */
+ 	return;
+ }
+ 
+-- 
+2.31.1
+

SOURCES/002-traceroute-2.1.1-return-back-more-robust.patch

@@ -1,44 +0,0 @@
-diff --color -u -r traceroute-2.1.0/traceroute/poll.c traceroute-2.1.1/traceroute/poll.c
---- traceroute-2.1.0/traceroute/poll.c	2016-03-07 17:20:56.000000000 +0100
-+++ traceroute-2.1.1/traceroute/poll.c	2022-12-27 01:00:18.000000000 +0100
-@@ -64,28 +64,23 @@
- 
- 
- void do_poll (double timeout, void (*callback) (int fd, int revents)) {
--	int nfds;
--	int msecs = ceil (timeout * 1000);
-+	int nfds, n, i;
- 
--	while ((nfds = cleanup_polls ()) > 0) {
--	    int i, n;
-+	nfds = cleanup_polls ();
- 
--	    n = poll (pfd, nfds, msecs);
-+	if (!nfds)  return;
- 
--	    if (n <= 0) {
--		if (n == 0 || errno == EINTR)
--			return;
--		error ("poll");
--	    }
-+	n = poll (pfd, nfds, ceil(timeout * 1000));
-+	if (n < 0) {
-+	    if (errno == EINTR)  return;
-+	    error ("poll");
-+	}
- 
--	    for (i = 0; n && i < num_polls; i++) {
--		if (pfd[i].revents) {
--		    callback (pfd[i].fd, pfd[i].revents);
--		    n--;
--		}
-+	for (i = 0; n && i < num_polls; i++) {
-+	    if (pfd[i].revents) {
-+		callback (pfd[i].fd, pfd[i].revents);
-+		n--;
- 	    }
--
--	    msecs = 0;	    /*  no more wait, just eat all the pending   */
- 	}
- 
- 	return;

SOURCES/100-make-traceroute-follow-RFC-3484-conditionally.patch

@@ -0,0 +1,40 @@
+From 614edd1ad7e5d2ec2f5f6c43dc6cae05ac893f48 Mon Sep 17 00:00:00 2001
+From: Jan Macku <jamacku@redhat.com>
+Date: Wed, 18 Sep 2024 13:02:48 +0200
+Subject: [PATCH] make traceroute follow RFC-3484 conditionally
+
+RFC-3484 - Is defining rules for IPv6 address selection.
+https://www.rfc-editor.org/info/rfc3484
+
+This patch is adding option to allow traceroute to follow RFC-3484 for IPv6 address selection by setting the environment variable TRACEROUTE_USE_RFC3484.
+
+Modification of upstream patch released in 2.1.6 - upstream tracker https://sourceforge.net/p/traceroute/bugs/16/
+
+Resolves: RHEL-59444
+---
+ traceroute/traceroute.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/traceroute/traceroute.c b/traceroute/traceroute.c
+index 0a29e36..f755a24 100644
+--- a/traceroute/traceroute.c
++++ b/traceroute/traceroute.c
+@@ -210,10 +210,15 @@ static int getaddr (const char *name, sockaddr_any *addr) {
+ 	}
+ 
+ 	for (ai = res; ai; ai = ai->ai_next) {
++	  if (!getenv("TRACEROUTE_USE_RFC3484")) {
+ 	    if (ai->ai_family == af)  break;
+ 	    /*  when af not specified, choose DEF_AF if present   */
+ 	    if (!af && ai->ai_family == DEF_AF)
+ 		    break;
++	  } else {
++	    if (!af || ai->ai_family == af)
++		    break;
++	  }
+ 	}
+ 	if (!ai)  ai = res;	/*  anything...  */
+ 
+-- 
+2.46.0
+

SPECS/traceroute.spec

@@ -1,19 +1,24 @@
 Summary: Traces the route taken by packets over an IPv4/IPv6 network
 Name: traceroute
 Epoch: 3
-Version: 2.1.0
-Release: 9%{?dist}
-Group: Applications/Internet
+Version: 2.1.1
+Release: 1%{?dist}
 License: GPLv2+
 URL:  http://traceroute.sourceforge.net
-Source0: http://downloads.sourceforge.net/project/traceroute/traceroute/traceroute-%{version}/traceroute-%{version}.tar.gz
+Source0: https://downloads.sourceforge.net/project/traceroute/traceroute/traceroute-%{version}/traceroute-%{version}.tar.gz
 
-Patch001: 001-traceroute-CVE-2023-46316.patch
-Patch002: 002-traceroute-2.1.1-return-back-more-robust.patch
+Patch001: 001-review-of-CWE-170-CWE-772.patch
+Patch002: 002-traceroute-CVE-2023-46316.patch
+
+# Downstream only patches
+Patch100: 100-make-traceroute-follow-RFC-3484-conditionally.patch
 
 Provides: tcptraceroute = 1.5-1
 Obsoletes: tcptraceroute < 1.5-1
 
+BuildRequires: make
+BuildRequires: gcc
+
 
 %description
 The traceroute utility displays the route used by IP packets on their
@@ -32,45 +37,80 @@ problems.
 
 
 %build
-make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
+%make_build CFLAGS="$RPM_OPT_FLAGS" LDFLAGS="$RPM_LD_FLAGS"
 
 
 %install
-
-install -d $RPM_BUILD_ROOT/bin
-install -m755 traceroute/traceroute $RPM_BUILD_ROOT/bin
-pushd $RPM_BUILD_ROOT/bin
-ln -s traceroute traceroute6
-popd
-
-install -d $RPM_BUILD_ROOT%{_bindir}
-install -m755 wrappers/tcptraceroute $RPM_BUILD_ROOT%{_bindir}
-
-install -d $RPM_BUILD_ROOT%{_mandir}/man8
-install -p -m644 traceroute/traceroute.8 $RPM_BUILD_ROOT%{_mandir}/man8
-pushd $RPM_BUILD_ROOT%{_mandir}/man8
-ln -s traceroute.8 traceroute6.8
-ln -s traceroute.8 tcptraceroute.8
-popd
+install -D -p -m755 traceroute/traceroute $RPM_BUILD_ROOT%{_bindir}/traceroute
+ln -s traceroute $RPM_BUILD_ROOT%{_bindir}/traceroute6
+install -D -p -m755 wrappers/tcptraceroute $RPM_BUILD_ROOT%{_bindir}/tcptraceroute
+install -D -p -m644 traceroute/traceroute.8 $RPM_BUILD_ROOT%{_mandir}/man8/traceroute.8
+ln -s traceroute.8 $RPM_BUILD_ROOT%{_mandir}/man8/traceroute6.8
+ln -s traceroute.8 $RPM_BUILD_ROOT%{_mandir}/man8/tcptraceroute.8
 
 
 %files
-%doc COPYING README TODO CREDITS
-/bin/*
+%license COPYING
+%doc README TODO CREDITS
 %{_bindir}/*
 %{_mandir}/*/*
 
 
 %changelog
-* Wed Dec 18 2024 Jan Macku <jamacku@redhat.com> - 3:2.1.0-9
-- avoid consuming 100% CPU when running traceroute in loop (RHEL-71510)
+* Mon Dec 02 2024 Jan Macku <jamacku@redhat.com> - 3:2.1.1-1
+- rebase to 2.1.1 (RHEL-67117)
+    Interpret ipv4-mapped ipv6 addresses (::ffff:A.B.C.D) as true ipv4.
 
-* Mon Nov 27 2023 Jan Macku <jamacku@redhat.com> - 3:2.1.0-8
+	   There are no ipv4-mapped addresses in the real network which we
+	   operate on, so use just ipv4 in such cases, but allow users
+	   to specify it this way for convenience.
+
+	  Return back more robast poll(2) loop handling.
+
+* Wed Sep 18 2024 Jan Macku <jamacku@redhat.com> - 3:2.1.0-19
+- make traceroute follow RFC-3484 conditionally (RHEL-58449)
+
+* Mon Nov 27 2023 Jan Macku <jamacku@redhat.com> - 3:2.1.0-18
 - add gating.yaml
 
-* Mon Oct 30 2023 Jan Macku <jamacku@redhat.com> - 3:2.1.0-7
+* Mon Oct 30 2023 Jan Macku <jamacku@redhat.com> - 3:2.1.0-17
 - fix improper command line parsing (CVE-2023-46316)
 
+* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3:2.1.0-16
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Mon Jul 19 2021 Jan Macku <jamacku@redhat.com> - 3:2.1.0-15
+- review of CWE-170 and CWE-772 (#1938887)
+
+* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3:2.1.0-14
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Wed Jan 13 2021 Dmitry Butskoy <Dmitry@Butskoy.name> - 3:2.1.0-13
+- Install into %{_bindir} (#1915614)
+
+* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-12
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 3:2.1.0-11
+- Use make macros
+- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
+
+* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
 * Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3:2.1.0-6
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild