Accepting request 862448 from home:dirkmueller:branches:network:utilities

- update to 1.7.4.1:
  Security:
  * Buffer size option (-b) is internally doubled for CR-CRLF conversion,
    but not checked for integer overflow. This could lead to heap based buffer
    overflow, assuming the attacker could provide this parameter. 
  * Many further bugfixes and new features, see the CHANGES file

OBS-URL: https://build.opensuse.org/request/show/862448
OBS-URL: https://build.opensuse.org/package/show/network:utilities/socat?expand=0&rev=56

socat-1.7.3.4.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:972374ca86f65498e23e3259c2ee1b8f9dbeb04d12c2a78c0c9b5d1cb97dfdfc
-size 490552

socat-1.7.4.1.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3faca25614e89123dff5045680549ecef519d02e331aaf3c4f5a8f6837c675e9
+size 510101

socat-common-fixes.patch

@@ -1,7 +1,7 @@
-Index: socat-1.7.3.4/filan.c
+Index: socat-1.7.4.1/filan.c
 ===================================================================
---- socat-1.7.3.4.orig/filan.c
-+++ socat-1.7.3.4/filan.c
+--- socat-1.7.4.1.orig/filan.c
++++ socat-1.7.4.1/filan.c
 @@ -20,6 +20,10 @@
  
  #include "filan.h"
@@ -13,21 +13,10 @@ Index: socat-1.7.3.4/filan.c
  
  struct sockopt {
     int so;
-@@ -28,10 +32,6 @@ struct sockopt {
- 
- static int filan_streams_analyze(int fd, FILE *outfile);
- 
--/* dirty workaround so we dont get an error on AIX when being linked with
--   libwrap */
--int allow_severity, deny_severity;
--
- /* global variables for configuring filan */
- bool filan_followsymlinks;
- bool filan_rawoutput;
-Index: socat-1.7.3.4/procan.c
+Index: socat-1.7.4.1/procan.c
 ===================================================================
---- socat-1.7.3.4.orig/procan.c
-+++ socat-1.7.3.4/procan.c
+--- socat-1.7.4.1.orig/procan.c
++++ socat-1.7.4.1/procan.c
 @@ -16,6 +16,9 @@
  #include "filan.h"
  
@@ -38,10 +27,10 @@ Index: socat-1.7.3.4/procan.c
  
  #include "procan.h"
  
-Index: socat-1.7.3.4/xio-tcpwrap.c
+Index: socat-1.7.4.1/xio-tcpwrap.c
 ===================================================================
---- socat-1.7.3.4.orig/xio-tcpwrap.c
-+++ socat-1.7.3.4/xio-tcpwrap.c
+--- socat-1.7.4.1.orig/xio-tcpwrap.c
++++ socat-1.7.4.1/xio-tcpwrap.c
 @@ -13,6 +13,7 @@
  #include "xio-tcpwrap.h"
  

socat-ignore-tests-failure-boo1078346.patch

@@ -10,12 +10,12 @@ Signed-off-by: Michel Normand <normand@linux.vnet.ibm.com>
  test.sh |    2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
-Index: socat-1.7.3.4/test.sh
+Index: socat-1.7.4.1/test.sh
 ===================================================================
---- socat-1.7.3.4.orig/test.sh
-+++ socat-1.7.3.4/test.sh
-@@ -13224,7 +13224,7 @@ echo "summary: $((N-1)) tests, $((numOK+
- 
+--- socat-1.7.4.1.orig/test.sh
++++ socat-1.7.4.1/test.sh
+@@ -15042,7 +15042,7 @@ if [ "$numCANT" -gt 0 ]; then
+ fi
  if [ "$numFAIL" -gt 0 ]; then
      echo "FAILED: $listFAIL"
 -    exit 1

socat.changes

@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Mon Jan 11 22:24:07 UTC 2021 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.7.4.1:
+  Security:
+  * Buffer size option (-b) is internally doubled for CR-CRLF conversion,
+    but not checked for integer overflow. This could lead to heap based buffer
+    overflow, assuming the attacker could provide this parameter. 
+  * Many further bugfixes and new features, see the CHANGES file
+
 -------------------------------------------------------------------
 Fri Apr 17 06:58:23 UTC 2020 - Martin Pluskal <mpluskal@suse.com>
 

socat.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package socat
 #
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
 # Copyright (c) 2010 Pascal Bleser <pascal.bleser@opensuse.org>
 #
 # All modifications and additions to the file contributed by third parties
@@ -18,7 +18,7 @@
 
 
 Name:           socat
-Version:        1.7.3.4
+Version:        1.7.4.1
 Release:        0
 Summary:        Multipurpose relay for bidirectional data transfer
 License:        SUSE-GPL-2.0-with-openssl-exception AND MIT