From 6bb55ce0ecdcde91ea510529448cba9fdab81a7c64edbf641229f6c5c4fc0ec5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Mon, 30 Sep 2024 10:46:45 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main telnet revision 44f93eea00a3dc6f4197d2d0fd7253f0 --- .gitattributes | 23 +++ CVE-2022-39028.patch | 45 +++++ telnet-bsd-1.2-fix-infinite-loop.patch | 110 +++++++++++ telnet-bsd-1.2-hostalias.patch | 48 +++++ telnet-bsd-1.2-man-page.patch | 12 ++ telnet-bsd-1.2-no_gethostbyname.patch | 53 ++++++ telnet-bsd-1.2-suppress_hostname.patch | 92 ++++++++++ telnet-bsd-1.2.tar.bz2 | 3 + telnet.changes | 244 +++++++++++++++++++++++++ telnet.socket | 11 ++ telnet.spec | 124 +++++++++++++ telnet.target | 2 + telnet@.service | 8 + 13 files changed, 775 insertions(+) create mode 100644 .gitattributes create mode 100644 CVE-2022-39028.patch create mode 100644 telnet-bsd-1.2-fix-infinite-loop.patch create mode 100644 telnet-bsd-1.2-hostalias.patch create mode 100644 telnet-bsd-1.2-man-page.patch create mode 100644 telnet-bsd-1.2-no_gethostbyname.patch create mode 100644 telnet-bsd-1.2-suppress_hostname.patch create mode 100644 telnet-bsd-1.2.tar.bz2 create mode 100644 telnet.changes create mode 100644 telnet.socket create mode 100644 telnet.spec create mode 100644 telnet.target create mode 100644 telnet@.service diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/CVE-2022-39028.patch b/CVE-2022-39028.patch new file mode 100644 index 0000000..a37e9fb --- /dev/null +++ b/CVE-2022-39028.patch @@ -0,0 +1,45 @@ +Description: Fix remote DoS vulnerability in inetutils-telnetd + This is caused by a crash by a NULL pointer dereference when sending the + byte sequences «0xff 0xf7» or «0xff 0xf8». +Authors: + Pierre Kim (original patch), + Alexandre Torres (original patch), + Erik Auerswald (adapted patch), +Reviewed-by: Erik Auerswald +Origin: upstream +Ref: https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html +Forwarded: https://lists.gnu.org/archive/html/bug-inetutils/2022-08/msg00002.html +Last-Update: 2022-08-28 + + +diff --git a/telnetd/state.c b/telnetd/state.c +index ffc6cbaf..c2d760f8 100644 +--- a/telnetd/state.c ++++ b/telnetd/state.c +@@ -185,16 +185,22 @@ telrcv (void) + case EC: + case EL: + { +- cc_t ch; ++ cc_t ch = (cc_t) (_POSIX_VDISABLE); + + DIAG(TD_OPTIONS, + printoption("td: recv IAC", c)); + ptyflush(); /* half-hearted */ + init_termbuf(); + if (c == EC) +- ch = *slctab[SLC_EC].sptr; ++ { ++ if (slctab[SLC_EC].sptr) ++ ch = *slctab[SLC_EC].sptr; ++ } + else +- ch = *slctab[SLC_EL].sptr; ++ { ++ if (slctab[SLC_EL].sptr) ++ ch = *slctab[SLC_EL].sptr; ++ } + if (ch != (cc_t)(_POSIX_VDISABLE)) + *pfrontp++ = (unsigned char)ch; + break; + diff --git a/telnet-bsd-1.2-fix-infinite-loop.patch b/telnet-bsd-1.2-fix-infinite-loop.patch new file mode 100644 index 0000000..1c5af77 --- /dev/null +++ b/telnet-bsd-1.2-fix-infinite-loop.patch @@ -0,0 +1,110 @@ +diff -urN telnet-bsd-1.2/telnet/commands.c telnet-bsd-1.2_patched/telnet/commands.c +--- telnet-bsd-1.2/telnet/commands.c 2005-06-02 10:12:51.000000000 +0200 ++++ telnet-bsd-1.2_patched/telnet/commands.c 2014-09-30 16:07:39.772644812 +0200 +@@ -2534,8 +2534,7 @@ + env_export ((unsigned char *) "USER"); + } + call (status, "status", "notmuch", 0); +- if (sigsetjmp (peerdied, 1) == 0) +- telnet (user); ++ telnet (user); + NetClose (net); + ExitString ("Connection closed by foreign host.\r\n", 1); + /*NOTREACHED*/ return 0; +diff -urN telnet-bsd-1.2/telnet/externs.h telnet-bsd-1.2_patched/telnet/externs.h +--- telnet-bsd-1.2/telnet/externs.h 2005-06-01 13:42:23.000000000 +0200 ++++ telnet-bsd-1.2_patched/telnet/externs.h 2014-09-30 16:09:03.141437234 +0200 +@@ -174,7 +174,6 @@ + SetNetTrace (char *); /* Function to change where debugging goes */ + + extern sigjmp_buf +- peerdied, + toplevel; /* For error conditions. */ + + /* authenc.c */ +diff -urN telnet-bsd-1.2/telnet/network.c telnet-bsd-1.2_patched/telnet/network.c +--- telnet-bsd-1.2/telnet/network.c 2004-02-13 22:52:24.000000000 +0100 ++++ telnet-bsd-1.2_patched/telnet/network.c 2014-09-30 16:10:05.365071096 +0200 +@@ -142,7 +142,7 @@ + perror(hostname); + (void)NetClose(net); + ring_clear_mark(&netoring); +- siglongjmp(peerdied, -1); ++ ExitString("Connection closed by foreign host.\n", 1); + /*NOTREACHED*/ + } + n = 0; +diff -urN telnet-bsd-1.2/telnet/sys_bsd.c telnet-bsd-1.2_patched/telnet/sys_bsd.c +--- telnet-bsd-1.2/telnet/sys_bsd.c 2004-02-14 14:20:04.000000000 +0100 ++++ telnet-bsd-1.2_patched/telnet/sys_bsd.c 2014-09-30 16:30:14.601380247 +0200 +@@ -778,15 +778,6 @@ + + /* ARGSUSED */ + static void +-deadpeer (int sig) +-{ +- (void) sig; +- setcommandmode (); +- siglongjmp (peerdied, -1); +-} +- +- /* ARGSUSED */ +-static void + intr (int sig) + { + (void) sig; +@@ -856,7 +847,7 @@ + { + (void) signal (SIGINT, intr); + (void) signal (SIGQUIT, intr2); +- (void) signal (SIGPIPE, deadpeer); ++ (void) signal(SIGPIPE, SIG_IGN); + #ifdef SIGWINCH + (void) signal (SIGWINCH, sendwin); + #endif +diff -urN telnet-bsd-1.2/telnet/telnet.c telnet-bsd-1.2_patched/telnet/telnet.c +--- telnet-bsd-1.2/telnet/telnet.c 2005-06-02 10:09:46.000000000 +0200 ++++ telnet-bsd-1.2_patched/telnet/telnet.c 2014-09-30 16:13:57.158453184 +0200 +@@ -107,7 +107,6 @@ + static int telrcv_state; + + sigjmp_buf toplevel; +-sigjmp_buf peerdied; + + int flushline; + int linemode; +diff -urN telnet-bsd-1.2/telnet/terminal.c telnet-bsd-1.2_patched/telnet/terminal.c +--- telnet-bsd-1.2/telnet/terminal.c 2005-06-01 17:33:09.000000000 +0200 ++++ telnet-bsd-1.2_patched/telnet/terminal.c 2014-09-30 16:17:52.934863547 +0200 +@@ -88,7 +88,8 @@ + + + /* +- * Send as much data as possible to the terminal. ++ * Send as much data as possible to the terminal, else exits if ++ * it encounters a permanent failure when writing to the tty. + * + * Return value: + * -1: No useful work done, data waiting to go out. +@@ -130,8 +131,19 @@ + } + ring_consumed(&ttyoring, n); + } +- if (n < 0) +- return -1; ++ if (n < 0) { ++ if (errno == EAGAIN || errno == EINTR) { ++ return -1; ++ } else { ++ ring_consumed(&ttyoring, ring_full_count(&ttyoring)); ++ setconnmode(0); ++ setcommandmode(); ++ NetClose(net); ++ fprintf(stderr, "Write error on local output.\n"); ++ exit(1); ++ } ++ return -1; ++ } + if (n == n0) { + if (n0) + return -1; diff --git a/telnet-bsd-1.2-hostalias.patch b/telnet-bsd-1.2-hostalias.patch new file mode 100644 index 0000000..646c6ca --- /dev/null +++ b/telnet-bsd-1.2-hostalias.patch @@ -0,0 +1,48 @@ +Index: telnet-bsd-1.2/telnet/commands.c +=================================================================== +--- telnet-bsd-1.2.orig/telnet/commands.c ++++ telnet-bsd-1.2/telnet/commands.c +@@ -2450,17 +2450,21 @@ tn (int argc, char *argv[]) + error = getaddrinfo (aliasp, "0", &ahints, &ares); + if (error) + { ++ printf ("Couldn't get address for %s\n", aliasp); + warn ("%s: %s", aliasp, gai_strerror (error)); + close (net); +- freeaddrinfo (ares); ++ net = -1; + continue; + } + + if (bind (net, ares->ai_addr, ares->ai_addrlen) < 0) + { ++ printf ("Couldn't bind to %s\n", aliasp); + perror (aliasp); + close (net); /* dump descriptor */ +- return 0; ++ net = -1; ++ freeaddrinfo (ares); ++ continue; + } + freeaddrinfo (ares); + } +Index: telnet-bsd-1.2/telnet/telnet.1 +=================================================================== +--- telnet-bsd-1.2.orig/telnet/telnet.1 ++++ telnet-bsd-1.2/telnet/telnet.1 +@@ -121,12 +121,11 @@ The name used is that of the current use + .Xr getlogin 2 + if it agrees with the current user ID, + otherwise it is the name associated with the user ID. +-.It Fl b Ar hostalias ++.It Fl b Ar ip_address + Uses + .Xr bind 2 +-on the local socket to bind it to an aliased address (see +-.Xr ifconfig 8 +-and the ``alias'' specifier) or to the address of ++on the local socket to bind it to an aliased ip address ++or to the ip address of + another interface than the one naturally chosen by + .Xr connect 2 . + This can be useful when connecting to services which use IP addresses diff --git a/telnet-bsd-1.2-man-page.patch b/telnet-bsd-1.2-man-page.patch new file mode 100644 index 0000000..7dac01d --- /dev/null +++ b/telnet-bsd-1.2-man-page.patch @@ -0,0 +1,12 @@ +--- telnet/telnet.1 ++++ telnet/telnet.1 +@@ -609,7 +609,8 @@ + in the + user's home directory is opened. Lines beginning with a ``#'' are + comment lines. Blank lines are ignored. Lines that begin +-without white space are the start of a machine entry. The ++without white space are the start of a machine entry, use DEFAULT ++as machine name to match every connection. The + first thing on the line is the name of the machine that is + being connected to. The rest of the line, and successive + lines that begin with white space are assumed to be diff --git a/telnet-bsd-1.2-no_gethostbyname.patch b/telnet-bsd-1.2-no_gethostbyname.patch new file mode 100644 index 0000000..403c16c --- /dev/null +++ b/telnet-bsd-1.2-no_gethostbyname.patch @@ -0,0 +1,53 @@ +Index: telnet/commands.c +=================================================================== +--- telnet/commands.c.orig 2005-06-02 10:12:51.000000000 +0200 ++++ telnet/commands.c 2009-05-22 01:27:21.108685000 +0200 +@@ -1850,9 +1850,16 @@ env_init (void) + /* If this is not the full name, try to get it via DNS */ + if (strchr (hbuf, '.') == 0) + { +- struct hostent *he = gethostbyname (hbuf); +- if (he != 0) +- strncpy (hbuf, he->h_name, sizeof hbuf - 1); ++ struct addrinfo hints; ++ struct addrinfo *res; ++ memset (&hints, '\0', sizeof (hints)); ++ hints.ai_flags = AI_V4MAPPED | AI_ADDRCONFIG | AI_CANONNAME; ++ if (getaddrinfo (hbuf, NULL, &hints, &res) == 0) { ++ if (res->ai_canonname != NULL) ++ strncpy(hbuf, res->ai_canonname, sizeof hbuf-1); ++ freeaddrinfo (res); ++ } ++ + hbuf[sizeof hbuf - 1] = '\0'; + } + +@@ -2919,19 +2926,16 @@ sourceroute (char *arg, char **cpp, int + } + if (!c) + cp2 = 0; ++ struct addrinfo hints; ++ memset (&hints, '\0', sizeof (hints)); ++ // XXX The code here seems to allow only IPv4 addresses. ++ hints.ai_family = AF_INET; ++ hints.ai_flags = AI_ADDRCONFIG; ++ struct addrinfo *aires; ++ if (getaddrinfo (cp, NULL, &hints, &aires) == 0) { ++ sin_addr = ((struct sockaddr_in *) aires->ai_addr)->sin_addr; ++ freeaddrinfo (aires); + +- if ((tmp = inet_addr (cp)) != -1) +- { +- sin_addr.s_addr = tmp; +- } +- else if ((host = gethostbyname (cp))) +- { +-#if defined(h_addr) +- memmove ((caddr_t) & sin_addr, +- host->h_addr_list[0], sizeof (sin_addr)); +-#else +- memmove ((caddr_t) & sin_addr, host->h_addr, sizeof (sin_addr)); +-#endif + } + else + { diff --git a/telnet-bsd-1.2-suppress_hostname.patch b/telnet-bsd-1.2-suppress_hostname.patch new file mode 100644 index 0000000..2544243 --- /dev/null +++ b/telnet-bsd-1.2-suppress_hostname.patch @@ -0,0 +1,92 @@ +Index: telnetd/global.c +=================================================================== +--- telnetd/global.c.orig 2012-01-02 23:23:52.000000000 +0000 ++++ telnetd/global.c 2012-01-02 23:23:55.000000000 +0000 +@@ -38,6 +38,7 @@ char do_dont_resp[256]; + char will_wont_resp[256]; + int linemode; /* linemode on/off */ + int utmp_len = MAXHOSTNAMELEN; ++int login_suppress_hostname; /* Pass -H to /bin/login */ + + #ifdef LINEMODE + int uselinemode; /* what linemode to use (on/off) */ +Index: telnetd/sys_term.c +=================================================================== +--- telnetd/sys_term.c.orig 2012-01-02 23:23:52.000000000 +0000 ++++ telnetd/sys_term.c 2012-01-02 23:23:55.000000000 +0000 +@@ -767,6 +767,10 @@ start_login (const char *host) + } + } + closelog (); ++ ++ if (login_suppress_hostname) ++ addarg(&avs, "-H"); ++ + /* execv() should really take char const* const *, but it can't */ + /*argvfoo = argv */ ; + memcpy (&argvfoo, &avs.argv, sizeof (argvfoo)); +Index: telnetd/telnetd.c +=================================================================== +--- telnetd/telnetd.c.orig 2012-01-02 23:23:52.000000000 +0000 ++++ telnetd/telnetd.c 2012-01-02 23:23:55.000000000 +0000 +@@ -65,7 +65,7 @@ extern void usage (void); + * that only the actual options that we support will be + * passed off to getopt(). + */ +-char *valid_opts = "d:L:hnS:u:UD:46" ++char *valid_opts = "d:L:hnS:u:UD:46H" + #ifdef LINEMODE + "kl" + #endif +@@ -176,6 +176,9 @@ main (int argc, char *argv[], char *env[ + case '6': + family = AF_INET6; + break; ++ case 'H': ++ login_suppress_hostname = 1; ++ break; + + default: + fprintf(stderr, "telnetd: %c: unknown option\n", ch); +@@ -290,6 +293,7 @@ usage() + syslog(LOG_ERR, "usage: telnetd [-debug]" + " [-D (options|report|exercise|netdata|ptydata)]\n\t" + " [-h]" ++ " [-H]" + #if defined(LINEMODE) && defined(KLUDGELINEMODE) + " [-k]" + #endif +Index: telnetd/ext.h +=================================================================== +--- telnetd/ext.h.orig 2012-01-02 23:23:52.000000000 +0000 ++++ telnetd/ext.h 2012-01-02 23:23:55.000000000 +0000 +@@ -36,6 +36,7 @@ extern char do_dont_resp[256]; + extern char will_wont_resp[256]; + extern int linemode; /* linemode on/off */ + extern int utmp_len; ++extern int login_suppress_hostname; + + #ifdef LINEMODE + extern int uselinemode; /* what linemode to use (on/off) */ +Index: telnetd/in.telnetd.8 +=================================================================== +--- telnetd/in.telnetd.8.orig 2012-01-02 23:23:52.000000000 +0000 ++++ telnetd/in.telnetd.8 2012-01-02 23:23:55.000000000 +0000 +@@ -36,7 +36,7 @@ + protocol server + .Sh SYNOPSIS + .Nm in.telnetd +-.Op Fl Uhlkn46 ++.Op Fl Uhlkn46H + .Op Fl D Ar debugmode + .Op Fl I Ns Ar initid + .Op Fl S Ar tos +@@ -118,6 +118,8 @@ in + .It Fl h + Disables the printing of host-specific information before + login has been completed. ++.It Fl H ++Instruct the login program to suppress printing the hostname before the prompt. + .It Fl I Ar initid + This option is only applicable to + .Tn UNICOS diff --git a/telnet-bsd-1.2.tar.bz2 b/telnet-bsd-1.2.tar.bz2 new file mode 100644 index 0000000..093f139 --- /dev/null +++ b/telnet-bsd-1.2.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d6a9d26740ef75565cb1ed8ff11e327d240e6734748b2d1d2e96c126849e4733 +size 194518 diff --git a/telnet.changes b/telnet.changes new file mode 100644 index 0000000..cdd50b8 --- /dev/null +++ b/telnet.changes @@ -0,0 +1,244 @@ +------------------------------------------------------------------- +Mon Feb 26 12:33:43 UTC 2024 - pgajdos@suse.com + +- Use %patch -P N instead of deprecated %patchN. + +------------------------------------------------------------------- +Fri Oct 21 14:47:08 UTC 2022 - Danilo Spinella + +- Fix CVE-2022-39028, NULL pointer dereference in telnetd + (CVE-2022-39028, bsc#1203759) + CVE-2022-39028.patch + +------------------------------------------------------------------- +Wed Dec 15 17:52:32 UTC 2021 - Danilo Spinella + +- Update Source location to use Gentoo mirror, fixes bsc#1129925 +- Run spec-cleaner + +------------------------------------------------------------------- +Thu Oct 31 10:05:12 UTC 2019 - Fabian Vogt + +- Move netcfg and systemd requires to -server subpackage + +------------------------------------------------------------------- +Fri Jul 26 10:54:10 UTC 2019 - matthias.gerstner@suse.com + +- removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by + firewalld, see [1]. + + [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html + +------------------------------------------------------------------- +Tue May 29 14:04:29 UTC 2018 - kstreitova@suse.com + +- add telnet.target that incorporates telnet.socket and + telnet@.service. Adjust systemd service_* macros parameters and + use this target instead of telnet@.service for stop/restart cases + where telnet@.service cannot be used but telnet.target can + [bsc#1093174] + +------------------------------------------------------------------- +Fri Jun 16 11:05:56 UTC 2017 - aliouliaki@suse.com + +- Removed xinetd service +- Added telnet@.service and telnet.socket +- Cleanup of telnet.spec + +------------------------------------------------------------------- +Thu Feb 2 15:12:48 UTC 2017 - dimstar@opensuse.org + +- Switch to ncurses6: use ncurses6-config to find the correct + CFLAGS and libraries. + +------------------------------------------------------------------- +Wed Oct 15 12:25:31 UTC 2014 - kstreitova@suse.com + +- added telnet-bsd-1.2-fix-infinite-loop.patch that fixes the + generating an infinite loop (bnc#898481) + +------------------------------------------------------------------- +Mon Oct 6 09:06:29 UTC 2014 - kstreitova@suse.com + +- url was repaired + +------------------------------------------------------------------- +Fri Oct 3 18:26:38 UTC 2014 - kstreitova@suse.com + +- spec-cleaner used for cleaning the specfile up +- "export NO_BRP_STRIP_DEBUG=true" removed from specfile + +------------------------------------------------------------------- +Fri Apr 5 10:33:01 UTC 2013 - idonmez@suse.com + +- Add Source URL, see https://en.opensuse.org/SourceUrls + +------------------------------------------------------------------- +Mon Jan 2 23:44:46 UTC 2012 - andreas.stieger@gmx.de + +- removed telnet-bsd-1.2-tinfo.patch + Replacing -lncurses with -ltinfo doesn't seem to be required and + it actually breaks builds +- refresh telnet-bsd-1.2-suppress_hostname.patch +- remove makros from patch names +- use makros for configure, make and make install + +------------------------------------------------------------------- +Thu Nov 24 11:06:45 UTC 2011 - vcizek@suse.com + +- added -ltinfo instead of -lncurses + +------------------------------------------------------------------- +Thu Jun 30 09:29:53 UTC 2011 - vcizek@novell.com + +- exit cleanly, when hostalias cannot be resolved (bnc#700229) +- made manpage more clear about the -b option + +------------------------------------------------------------------- +Wed Sep 30 13:29:18 UTC 2009 - crrodriguez@opensuse.org + +- telnet-server does require xinetd + +------------------------------------------------------------------- +Fri May 22 14:18:35 CEST 2009 - crrodriguez@suse.de + +- do not use gethostbyname(3) but getaddrinfo(3) patch by Ulrich Drepper. + +------------------------------------------------------------------- +Sat Aug 30 20:13:23 CEST 2008 - cthiel@suse.de + +- fix build with latests ncurses + +------------------------------------------------------------------- +Wed Apr 9 12:02:40 CEST 2008 - jsrain@suse.cz + +- fixed description for ports information for SuSEfirewall + (bnc #373969) + +------------------------------------------------------------------- +Mon Jan 7 11:33:21 CET 2008 - mskibbe@suse.de + +- Bug 351197 - several packages use wrong dir for SuSEfirewall2 + services files + +------------------------------------------------------------------- +Thu Mar 29 13:22:24 CEST 2007 - dmueller@suse.de + +- add ncurses-devel BuildRequires + +------------------------------------------------------------------- +Fri Mar 2 13:22:34 CET 2007 - mskibbe@suse.de + +- telnet-server : Support for FATE #300687: Ports for SuSEfirewall + added via packages (#250570) + +------------------------------------------------------------------- +Mon Dec 4 10:09:24 CET 2006 - mskibbe@suse.de + +- fix Bug #224847(telnet man page does not mention DEFAULT for + .telnetrc) + +------------------------------------------------------------------- +Fri May 19 13:55:02 CEST 2006 - kssingvo@suse.de + +- added option -H to suppress hostname (bugzilla#175376) + +------------------------------------------------------------------- +Wed Jan 25 21:42:03 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Thu Jun 16 10:14:20 CEST 2005 - mmj@suse.de + +- Compile with -fpie, link with -pie + +------------------------------------------------------------------- +Thu Jun 2 10:24:48 CEST 2005 - kukuk@suse.de + +- Update to version 1.2 (-fpie/-pie support, latest security fixes) + +------------------------------------------------------------------- +Tue Apr 5 08:12:10 CEST 2005 - mmj@suse.de + +- execl(..., 0) -> execl(..., NULL) + +------------------------------------------------------------------- +Fri Jun 11 17:17:41 CEST 2004 - mmj@suse.de + +- Apply patch to avoid deadlock [#41864] + +------------------------------------------------------------------- +Wed Feb 25 15:56:05 CET 2004 - schwab@suse.de + +- Make sure _POSIX_VDISABLE is properly defined. + +------------------------------------------------------------------- +Sat Feb 14 15:00:48 CET 2004 - kukuk@suse.de + +- Update to telnet-bsd 1.1: + - Fix -L option + - Fix missing prototypes + - Merge all patches + +------------------------------------------------------------------- +Thu Oct 16 11:52:26 CEST 2003 - mmj@suse.de + +- Don't build as root + +------------------------------------------------------------------- +Tue May 13 10:32:01 CEST 2003 - mmj@suse.de + +- Use %defattr + +------------------------------------------------------------------- +Fri Mar 7 15:46:35 CET 2003 - ro@suse.de + +- remove empty server_args line in xinetd config file + +------------------------------------------------------------------- +Fri Jan 24 12:16:51 CET 2003 - mmj@suse.de + +- Dont use permission 755 for the xinetd file + +------------------------------------------------------------------- +Fri Jan 24 11:41:26 CET 2003 - mmj@suse.de + +- Add xinetd configuration file + +------------------------------------------------------------------- +Wed Dec 4 15:56:17 CET 2002 - mmj@suse.de + +- Fix one version of strcpy, gotten from the OpenBSD tree + +------------------------------------------------------------------- +Wed Feb 13 16:58:55 MET 2002 - mmj@suse.de + +- Increased the temporary buffer size in telnet to fix problem + with long hostnames when telnetting to a Solaris box. + +------------------------------------------------------------------- +Tue Aug 14 13:54:53 CEST 2001 - kukuk@suse.de + +- Add more fixes for possible security problems + +------------------------------------------------------------------- +Fri Jul 27 11:09:03 CEST 2001 - kukuk@suse.de + +- Add fix for possible problems with buffer overruns + +------------------------------------------------------------------- +Mon Apr 2 09:48:04 CEST 2001 - kukuk@suse.de + +- Add Obsolete for nkitserv + +------------------------------------------------------------------- +Thu Mar 22 18:51:02 CET 2001 - ro@suse.de + +- added split-aliases as provides + +------------------------------------------------------------------- +Tue Mar 13 16:29:27 CET 2001 - kukuk@suse.de + +- Initial package, split from nkitb + diff --git a/telnet.socket b/telnet.socket new file mode 100644 index 0000000..254d8cc --- /dev/null +++ b/telnet.socket @@ -0,0 +1,11 @@ +[Unit] +Description=Telnet Server Activation Socket +Documentation=man:telnetd(8) +PartOf=telnet.target + +[Socket] +ListenStream=23 +Accept=true + +[Install] +WantedBy=sockets.target diff --git a/telnet.spec b/telnet.spec new file mode 100644 index 0000000..9a869d3 --- /dev/null +++ b/telnet.spec @@ -0,0 +1,124 @@ +# +# spec file for package telnet +# +# Copyright (c) 2022 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: telnet +Version: 1.2 +Release: 0 +Summary: A client program for the telnet remote login protocol +License: BSD-3-Clause +Group: Productivity/Networking/Other +URL: https://svnweb.freebsd.org/base/head/contrib/telnet/ +Source: http://distfiles.gentoo.org/distfiles/f3/telnet-bsd-%{version}.tar.bz2 +Source3: telnet.socket +Source4: telnet@.service +Source5: telnet.target +Patch1: telnet-bsd-1.2-suppress_hostname.patch +Patch2: telnet-bsd-1.2-man-page.patch +Patch3: telnet-bsd-1.2-no_gethostbyname.patch +#PATCH-FIX-UPSTREAM fix crash when using -b option bnc#700229 +Patch4: telnet-bsd-1.2-hostalias.patch +#PATCH-FIX-UPSTREAM bnc#898481 kstreitova@suse.com -- fix the infinite loop consumes an entire CPU +Patch5: telnet-bsd-1.2-fix-infinite-loop.patch +# PATCH-FIX-SECURITY bsc#1203759 danilo.spinella@suse.com CVE-2022-39028 +# NULL pointer dereference in telnetd +Patch6: CVE-2022-39028.patch +BuildRequires: ncurses-devel +BuildRequires: systemd-rpm-macros +Provides: nkitb:%{_bindir}/telnet + +%description +Telnet is an old protocol for logging into remote systems. It is +rarely used, since the transfer is not encrypted (ssh is mostly used +these days). The telnet client is often used for debugging other +network services. The command + +telnet localhost 25 + +connects to the local smtp server, for example. + +%package server +Summary: A Server Program for the Telnet Remote Login Protocol +Group: Productivity/Networking/Other +Requires: netcfg +Provides: nkitserv:%{_sbindir}/in.telnetd +Obsoletes: nkitserv +%{?systemd_requires} + +%description server +Telnet is a popular protocol for logging into remote systems. This +package provides the telnet daemon, which will allow remote logins into +this machine. + +%prep +%setup -q -n telnet-bsd-%{version} +%patch -P 1 +%patch -P 2 +%patch -P 3 +%patch -P 4 -p1 +%patch -P 5 -p1 +%patch -P 6 -p1 + +%build +export CFLAGS="%{optflags} -fpie $(ncurses6-config --cflags)" +export LDFLAGS="-pie $(ncurses6-config --libs)" +%configure +%make_build + +%install +install -d -m 755 %{buildroot}%{_bindir} +install -d -m 755 %{buildroot}%{_sbindir} +install -d -m 755 %{buildroot}%{_mandir}/man1 +install -d -m 755 %{buildroot}%{_mandir}/man5 +install -d -m 755 %{buildroot}%{_mandir}/man8 +%make_install +install -D -m 644 %{SOURCE3} %{buildroot}/%{_unitdir}/telnet.socket +install -D -m 644 %{SOURCE4} %{buildroot}/%{_unitdir}/telnet@.service +install -D -m 644 %{SOURCE5} %{buildroot}/%{_unitdir}/telnet.target + +%files +%defattr(644,root,root,755) +%license COPYING +%doc ChangeLog README NEWS +%attr(755,root,root) %{_bindir}/telnet +%{_mandir}/man1/telnet.1%{?ext_man} + +%files server +%defattr(644,root,root,755) +%license COPYING +%doc ChangeLog README NEWS +%{_mandir}/man8/in.telnetd.8%{?ext_man} +%{_mandir}/man8/telnetd.8%{?ext_man} +%{_mandir}/man5/issue.net.5%{?ext_man} +%attr(755,root,root) %{_sbindir}/in.telnetd +%{_unitdir}/telnet@.service +%{_unitdir}/telnet.socket +%{_unitdir}/telnet.target + +%pre server +%service_add_pre telnet.socket + +%post server +%service_add_post telnet.socket + +%preun server +%service_del_preun telnet.target + +%postun server +%service_del_postun telnet.target + +%changelog diff --git a/telnet.target b/telnet.target new file mode 100644 index 0000000..c68843a --- /dev/null +++ b/telnet.target @@ -0,0 +1,2 @@ +[Unit] +Description=Telnet target allowing to control multi setup diff --git a/telnet@.service b/telnet@.service new file mode 100644 index 0000000..4147d36 --- /dev/null +++ b/telnet@.service @@ -0,0 +1,8 @@ +[Unit] +Description=Telnet Server +After=local-fs.target +PartOf=telnet.target + +[Service] +ExecStart=-/usr/sbin/in.telnetd +StandardInput=socket