pool/socat
SHA256
3
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 862448 from home:dirkmueller:branches:network:utilities

Browse Source 
- update to 1.7.4.1:
  Security:
  * Buffer size option (-b) is internally doubled for CR-CRLF conversion,
    but not checked for integer overflow. This could lead to heap based buffer
    overflow, assuming the attacker could provide this parameter. 
  * Many further bugfixes and new features, see the CHANGES file

OBS-URL: https://build.opensuse.org/request/show/862448
OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=56
This commit is contained in:
Marcus Meissner 2021-01-25 10:11:49 +00:00 committed by Git OBS Bridge
parent b46595f05a
commit d258c3f182
6 changed files with 29 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
socat-1.7.3.4.tar.bz2
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:972374ca86f65498e23e3259c2ee1b8f9dbeb04d12c2a78c0c9b5d1cb97dfdfc
size 490552

3
socat-1.7.4.1.tar.bz2 Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:3faca25614e89123dff5045680549ecef519d02e331aaf3c4f5a8f6837c675e9
size 510101

29
socat-common-fixes.patch
View File

@ -1,7 +1,7 @@
Index: socat-1.7.3.4/filan.c Index: socat-1.7.4.1/filan.c
=================================================================== ===================================================================
--- socat-1.7.3.4.orig/filan.c --- socat-1.7.4.1.orig/filan.c
+++ socat-1.7.3.4/filan.c +++ socat-1.7.4.1/filan.c
@@ -20,6 +20,10 @@ @@ -20,6 +20,10 @@
#include "filan.h" #include "filan.h"
@ -13,21 +13,10 @@ Index: socat-1.7.3.4/filan.c
struct sockopt { struct sockopt {
int so; int so;
@@ -28,10 +32,6 @@ struct sockopt { Index: socat-1.7.4.1/procan.c
static int filan_streams_analyze(int fd, FILE *outfile);
-/* dirty workaround so we dont get an error on AIX when being linked with
- libwrap */
-int allow_severity, deny_severity;
-
/* global variables for configuring filan */
bool filan_followsymlinks;
bool filan_rawoutput;
Index: socat-1.7.3.4/procan.c
=================================================================== ===================================================================
--- socat-1.7.3.4.orig/procan.c --- socat-1.7.4.1.orig/procan.c
+++ socat-1.7.3.4/procan.c +++ socat-1.7.4.1/procan.c
@@ -16,6 +16,9 @@ @@ -16,6 +16,9 @@
#include "filan.h" #include "filan.h"
@ -38,10 +27,10 @@ Index: socat-1.7.3.4/procan.c
#include "procan.h" #include "procan.h"
Index: socat-1.7.3.4/xio-tcpwrap.c Index: socat-1.7.4.1/xio-tcpwrap.c
=================================================================== ===================================================================
--- socat-1.7.3.4.orig/xio-tcpwrap.c --- socat-1.7.4.1.orig/xio-tcpwrap.c
+++ socat-1.7.3.4/xio-tcpwrap.c +++ socat-1.7.4.1/xio-tcpwrap.c
@@ -13,6 +13,7 @@ @@ -13,6 +13,7 @@
#include "xio-tcpwrap.h" #include "xio-tcpwrap.h"

10
socat-ignore-tests-failure-boo1078346.patch
View File

@ -10,12 +10,12 @@ Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
test.sh | 2 +- test.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
Index: socat-1.7.3.4/test.sh Index: socat-1.7.4.1/test.sh
=================================================================== ===================================================================
--- socat-1.7.3.4.orig/test.sh --- socat-1.7.4.1.orig/test.sh
+++ socat-1.7.3.4/test.sh +++ socat-1.7.4.1/test.sh
@@ -13224,7 +13224,7 @@ echo "summary: $((N-1)) tests, $((numOK+ @@ -15042,7 +15042,7 @@ if [ "$numCANT" -gt 0 ]; then
fi
if [ "$numFAIL" -gt 0 ]; then if [ "$numFAIL" -gt 0 ]; then
echo "FAILED: $listFAIL" echo "FAILED: $listFAIL"
- exit 1 - exit 1

10
socat.changes
View File

@ -1,3 +1,13 @@
-------------------------------------------------------------------
Mon Jan 11 22:24:07 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 1.7.4.1:
Security:
* Buffer size option (-b) is internally doubled for CR-CRLF conversion,
but not checked for integer overflow. This could lead to heap based buffer
overflow, assuming the attacker could provide this parameter.
* Many further bugfixes and new features, see the CHANGES file
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Apr 17 06:58:23 UTC 2020 - Martin Pluskal <mpluskal@suse.com> Fri Apr 17 06:58:23 UTC 2020 - Martin Pluskal <mpluskal@suse.com>

4
socat.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package socat # spec file for package socat
# #
# Copyright (c) 2020 SUSE LLC # Copyright (c) 2021 SUSE LLC
# Copyright (c) 2010 Pascal Bleser <pascal.bleser@opensuse.org> # Copyright (c) 2010 Pascal Bleser <pascal.bleser@opensuse.org>
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
@ -18,7 +18,7 @@
Name: socat Name: socat
Version: 1.7.3.4 Version: 1.7.4.1
Release: 0 Release: 0
Summary: Multipurpose relay for bidirectional data transfer Summary: Multipurpose relay for bidirectional data transfer
License: SUSE-GPL-2.0-with-openssl-exception AND MIT License: SUSE-GPL-2.0-with-openssl-exception AND MIT