From 1cceec7736c107ce7864cccce1a98b530da559ad0e53702104ea6323af90ee4b Mon Sep 17 00:00:00 2001
From: Marcus Meissner <meissner@suse.com>
Date: Fri, 2 Jun 2017 09:48:09 +0000
Subject: [PATCH 1/3] Accepting request 495541 from home:Andreas_Schwab:Factory

- svc-freeargs: always call svc_freeargs, even if svc_getargs failed
  (bsc#1037559, CVE-2017-8779)

OBS-URL: https://build.opensuse.org/request/show/495541
OBS-URL: https://build.opensuse.org/package/show/network/rpcbind?expand=0&rev=70
---
 rpcbind.changes    |  6 ++++++
 rpcbind.spec       |  2 ++
 svc-freeargs.patch | 26 ++++++++++++++++++++++++++
 3 files changed, 34 insertions(+)
 create mode 100644 svc-freeargs.patch

diff --git a/rpcbind.changes b/rpcbind.changes
index 7126c2e..936906d 100644
--- a/rpcbind.changes
+++ b/rpcbind.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed May 17 09:14:15 UTC 2017 - schwab@suse.de
+
+- svc-freeargs: always call svc_freeargs, even if svc_getargs failed
+  (bsc#1037559, CVE-2017-8779)
+
 -------------------------------------------------------------------
 Tue May  2 13:58:57 CEST 2017 - kukuk@suse.de
 
diff --git a/rpcbind.spec b/rpcbind.spec
index 48c2f6c..05c164f 100644
--- a/rpcbind.spec
+++ b/rpcbind.spec
@@ -53,6 +53,7 @@ Patch12:        0012-Move-default-state-dir-to-a-subdirectory-of-var-run.patch
 Patch14:        0014-When-using-systemd-redirect-syslog-calls-to-the-syst.patch
 Patch30:        0030-systemd-fix-rmtcall.patch
 Patch31:        0031-rpcbind-manpage.patch
+Patch32:        svc-freeargs.patch
 
 %{?systemd_requires}
 Provides:       portmap
@@ -81,6 +82,7 @@ cp %{SOURCE4} .
 #%patch14 -p1
 #%patch30 -p1
 %patch31 -p1
+%patch32 -p1
 
 %build
 autoreconf -fiv
diff --git a/svc-freeargs.patch b/svc-freeargs.patch
new file mode 100644
index 0000000..a23e145
--- /dev/null
+++ b/svc-freeargs.patch
@@ -0,0 +1,26 @@
+Index: rpcbind-0.2.3/src/rpcb_svc.c
+===================================================================
+--- rpcbind-0.2.3.orig/src/rpcb_svc.c
++++ rpcbind-0.2.3/src/rpcb_svc.c
+@@ -166,7 +166,7 @@ rpcb_service_3(struct svc_req *rqstp, SV
+ 		svcerr_decode(transp);
+ 		if (debugging)
+ 			(void) xlog(LOG_DEBUG, "rpcbind: could not decode");
+-		return;
++		goto done;
+ 	}
+ 
+ 	if (rqstp->rq_proc == RPCBPROC_SET
+Index: rpcbind-0.2.3/src/rpcb_svc_4.c
+===================================================================
+--- rpcbind-0.2.3.orig/src/rpcb_svc_4.c
++++ rpcbind-0.2.3/src/rpcb_svc_4.c
+@@ -220,7 +220,7 @@ rpcb_service_4(struct svc_req *rqstp, SV
+ 		svcerr_decode(transp);
+ 		if (debugging)
+ 			(void) xlog(LOG_DEBUG, "rpcbind: could not decode\n");
+-		return;
++		goto done;
+ 	}
+ 
+ 	if (rqstp->rq_proc == RPCBPROC_SET

From 2f16408ad4759dbbcd4699082460ba3476cc648509ce2357cb8cc679ee898c89 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@suse.com>
Date: Sat, 19 Aug 2017 06:51:37 +0000
Subject: [PATCH 2/3] Accepting request 517652 from home:kukuk:branches:network

- Add BuildRequires libnsl-devel (needed for obsoleting nsl in
  glibc)

OBS-URL: https://build.opensuse.org/request/show/517652
OBS-URL: https://build.opensuse.org/package/show/network/rpcbind?expand=0&rev=71
---
 rpcbind.changes | 6 ++++++
 rpcbind.spec    | 3 +++
 2 files changed, 9 insertions(+)

diff --git a/rpcbind.changes b/rpcbind.changes
index 936906d..58eca6e 100644
--- a/rpcbind.changes
+++ b/rpcbind.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Wed Aug 16 10:34:13 CEST 2017 - kukuk@suse.de
+
+- Add BuildRequires libnsl-devel (needed for obsoleting nsl in 
+  glibc)
+
 -------------------------------------------------------------------
 Wed May 17 09:14:15 UTC 2017 - schwab@suse.de
 
diff --git a/rpcbind.spec b/rpcbind.spec
index 05c164f..ec2df21 100644
--- a/rpcbind.spec
+++ b/rpcbind.spec
@@ -28,6 +28,9 @@ Source2:        sysconfig.rpcbind
 Source3:        rpcbind.xml
 Source4:        pmap_set.c
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+%if 0%{?suse_version} >= 1330
+BuildRequires:  libnsl-devel
+%endif
 BuildRequires:  libtirpc-devel >= 1.0.1
 BuildRequires:  libtool
 BuildRequires:  pkgconfig

From 58a816103f1a17625287d03fe21083273bddc7ab11af724e5f0a03eac09f0108 Mon Sep 17 00:00:00 2001
From: Thorsten Kukuk <kukuk@suse.com>
Date: Sat, 19 Aug 2017 08:34:28 +0000
Subject: [PATCH 3/3] - svc-freeargs.patch: always call svc_freeargs, even if
 svc_getargs   failed (bsc#1037559, CVE-2017-8779)

OBS-URL: https://build.opensuse.org/package/show/network/rpcbind?expand=0&rev=72
---
 rpcbind.changes | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/rpcbind.changes b/rpcbind.changes
index 58eca6e..78fea91 100644
--- a/rpcbind.changes
+++ b/rpcbind.changes
@@ -7,8 +7,8 @@ Wed Aug 16 10:34:13 CEST 2017 - kukuk@suse.de
 -------------------------------------------------------------------
 Wed May 17 09:14:15 UTC 2017 - schwab@suse.de
 
-- svc-freeargs: always call svc_freeargs, even if svc_getargs failed
-  (bsc#1037559, CVE-2017-8779)
+- svc-freeargs.patch: always call svc_freeargs, even if svc_getargs
+  failed (bsc#1037559, CVE-2017-8779)
 
 -------------------------------------------------------------------
 Tue May  2 13:58:57 CEST 2017 - kukuk@suse.de