Accepting request 862448 from home:dirkmueller:branches:network:utilities

- update to 1.7.4.1: Security: * Buffer size option (-b) is internally doubled for CR-CRLF conversion, but not checked for integer overflow. This could lead to heap based buffer overflow, assuming the attacker could provide this parameter. * Many further bugfixes and new features, see the CHANGES file OBS-URL: https://build.opensuse.org/request/show/862448 OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=56
2021-01-25 10:11:49 +00:00 · 2021-01-25 10:11:49 +00:00 · d258c3f182
commit d258c3f182
parent b46595f05a
6 changed files with 29 additions and 30 deletions
--- a/socat-1.7.3.4.tar.bz2
+++ b/socat-1.7.3.4.tar.bz2
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:972374ca86f65498e23e3259c2ee1b8f9dbeb04d12c2a78c0c9b5d1cb97dfdfc
-size 490552
--- a/socat-1.7.4.1.tar.bz2
+++ b/socat-1.7.4.1.tar.bz2
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3faca25614e89123dff5045680549ecef519d02e331aaf3c4f5a8f6837c675e9
+size 510101
--- a/socat-common-fixes.patch
+++ b/socat-common-fixes.patch
@ -1,7 +1,7 @@
-Index: socat-1.7.3.4/filan.c
+Index: socat-1.7.4.1/filan.c
 ===================================================================
--- socat-1.7.3.4.orig/filan.c
-+++ socat-1.7.3.4/filan.c
+--- socat-1.7.4.1.orig/filan.c
+++ socat-1.7.4.1/filan.c
@@ -20,6 +20,10 @@
 
 #include "filan.h"
@ -13,21 +13,10 @@ Index: socat-1.7.3.4/filan.c
 
 struct sockopt {
    int so;
-@@ -28,10 +32,6 @@ struct sockopt {
- 
- static int filan_streams_analyze(int fd, FILE *outfile);
- 
-/* dirty workaround so we dont get an error on AIX when being linked with
-   libwrap */
-int allow_severity, deny_severity;
-
- /* global variables for configuring filan */
- bool filan_followsymlinks;
- bool filan_rawoutput;
-Index: socat-1.7.3.4/procan.c
+Index: socat-1.7.4.1/procan.c
 ===================================================================
--- socat-1.7.3.4.orig/procan.c
-+++ socat-1.7.3.4/procan.c
+--- socat-1.7.4.1.orig/procan.c
+++ socat-1.7.4.1/procan.c
@@ -16,6 +16,9 @@
 #include "filan.h"
 
@ -38,10 +27,10 @@ Index: socat-1.7.3.4/procan.c
 
 #include "procan.h"
 
-Index: socat-1.7.3.4/xio-tcpwrap.c
+Index: socat-1.7.4.1/xio-tcpwrap.c
 ===================================================================
--- socat-1.7.3.4.orig/xio-tcpwrap.c
-+++ socat-1.7.3.4/xio-tcpwrap.c
+--- socat-1.7.4.1.orig/xio-tcpwrap.c
+++ socat-1.7.4.1/xio-tcpwrap.c
@@ -13,6 +13,7 @@
 #include "xio-tcpwrap.h"
 
--- a/socat-ignore-tests-failure-boo1078346.patch
+++ b/socat-ignore-tests-failure-boo1078346.patch
@ -10,12 +10,12 @@ Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
 test.sh |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

-Index: socat-1.7.3.4/test.sh
+Index: socat-1.7.4.1/test.sh
 ===================================================================
--- socat-1.7.3.4.orig/test.sh
-+++ socat-1.7.3.4/test.sh
-@@ -13224,7 +13224,7 @@ echo "summary: $((N-1)) tests, $((numOK+
- 
+--- socat-1.7.4.1.orig/test.sh
+++ socat-1.7.4.1/test.sh
+@@ -15042,7 +15042,7 @@ if [ "$numCANT" -gt 0 ]; then
+ fi
 if [ "$numFAIL" -gt 0 ]; then
     echo "FAILED: $listFAIL"
 -    exit 1
--- a/socat.changes
+++ b/socat.changes
@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Mon Jan 11 22:24:07 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.7.4.1:
+  Security:
+  * Buffer size option (-b) is internally doubled for CR-CRLF conversion,
+    but not checked for integer overflow. This could lead to heap based buffer
+    overflow, assuming the attacker could provide this parameter. 
+  * Many further bugfixes and new features, see the CHANGES file
+
 -------------------------------------------------------------------
 Fri Apr 17 06:58:23 UTC 2020 - Martin Pluskal <mpluskal@suse.com>

--- a/socat.spec
+++ b/socat.spec
@ -1,7 +1,7 @@
 #
 # spec file for package socat
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 # Copyright (c) 2010 Pascal Bleser <pascal.bleser@opensuse.org>
 #
 # All modifications and additions to the file contributed by third parties
@ -18,7 +18,7 @@


 Name:           socat
-Version:        1.7.3.4
+Version:        1.7.4.1
 Release:        0
 Summary:        Multipurpose relay for bidirectional data transfer
 License:        SUSE-GPL-2.0-with-openssl-exception AND MIT