diff --git a/SOURCES/xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch b/SOURCES/xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch new file mode 100644 index 0000000..7f8e6e4 --- /dev/null +++ b/SOURCES/xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch @@ -0,0 +1,50 @@ +Xinetd parses and applies its configuration line by line. If a user wants to +specify NAMEINARGS as a flag, it has to be *before* specifying 'server_args'. + +Author: Jan Synacek +Resolves: #1037565 + +--- a/xinetd/parse.c 2013-11-21 10:51:25.025436376 +0100 ++++ b/xinetd/parse.c 2013-11-21 14:45:44.374121057 +0100 +@@ -633,7 +633,28 @@ static status_e identify_attribute( entr + + if ( (*ap->a_parser)( attr_values, scp, op ) == OK ) + { /* This is the normal path. */ +- SC_SPECIFY( scp, ap->a_id ) ; ++ /* If flags contain NAMEINARGS and server_args is already set, disable the service. ++ Server args are already set incorrectly. */ ++ if ( strcmp( ap->a_name, "flags" ) == 0 && ++ SC_SERVER_ARGV( scp ) ) ++ { ++ int i = 0, n = pset_count( attr_values ) ; ++ for ( ; i < n ; i++ ) { ++ char *v = (char *)pset_pointer( attr_values, i ) ; ++ if ( strcmp( v, "NAMEINARGS" ) == 0 ) ++ break ; ++ } ++ ++ if ( i != n ) { ++ parsemsg( LOG_ERR, func, ++ "NAMEINARGS flag is set after server_args - DISABLING SERVICE" ) ; ++ SC_DISABLE( scp ) ; ++ } ++ } ++ else ++ { ++ SC_SPECIFY( scp, ap->a_id ) ; ++ } + } + else if ( entry_type == SERVICE_ENTRY ) + { +--- a/xinetd/xinetd.conf.man 2013-12-03 10:06:35.717977075 +0100 ++++ b/xinetd/xinetd.conf.man 2013-12-03 10:41:14.779089430 +0100 +@@ -106,7 +106,8 @@ + This will cause the first argument in "server_args" to be argv[0] when + executing the server, as specified in "server". This allows you to use + tcpd by putting tcpd in "server" and the name of the server in "server_args" +-like in normal inetd. ++like in normal inetd. This flag has to be specified before "server_args", ++otherwise is not taken into account. + .TP + .B NODELAY + If the service is a tcp service and the NODELAY flag is set, then the diff --git a/SPECS/xinetd.spec b/SPECS/xinetd.spec index 408b2ff..52cc8da 100644 --- a/SPECS/xinetd.spec +++ b/SPECS/xinetd.spec @@ -1,7 +1,7 @@ Summary: A secure replacement for inetd Name: xinetd Version: 2.3.15 -Release: 8%{?dist} +Release: 12%{?dist} License: xinetd Group: System Environment/Daemons Epoch: 2 @@ -57,6 +57,8 @@ Patch27: xinetd-2.3.15-bad-port-check.patch Patch28: xinetd-2.3.15-context-exepath.patch # Fix #1006100 - xinetd: ignores user and group directives for tcpmux services Patch29: xinetd-2.3.15-creds.patch +# Fix #1037565 - xinetd segfaults when connecting to tcpmux service +Patch30: xinetd-2.3.15-tcpmux-nameinargs-disable-service.patch BuildRequires: autoconf, automake BuildRequires: libselinux-devel >= 1.30 @@ -113,6 +115,7 @@ located in the /etc/xinetd.d directory. %patch27 -p1 -b .bad-port-check %patch28 -p1 -b .context-exepath %patch29 -p1 -b .creds +%patch30 -p1 aclocal autoconf @@ -160,6 +163,21 @@ install -m 600 %SOURCE3 $RPM_BUILD_ROOT/etc/sysconfig/xinetd %{_mandir}/*/* %changelog +* Fri Jan 24 2014 Daniel Mach - 2:2.3.15-12 +- Mass rebuild 2014-01-24 + +* Mon Jan 6 2014 Jan Synáček - 2:2.3.15-11 +- fixup of the previous patch +- Related: #1037565 +- Resolves: #1042357 + +* Fri Dec 27 2013 Daniel Mach - 2:2.3.15-10 +- Mass rebuild 2013-12-27 + +* Tue Dec 3 2013 Jan Synáček - 2:2.3.15-9 +- xinetd segfaults when connecting to tcpmux service +- Resolves: #1037565 + * Tue Sep 24 2013 Jan Synáček - 2:2.3.15-8 - Honor user and group directives (re-fix the previous commit) - Resolves: CVE-2013-4342