forked from pool/libimobiledevice
Accepting request 398366 from home:dimstar:Factory
- Add libimobiledevice-CVE-2016-5104.patch: Make sure sockets only listen locally (CVE-2016-5104, boo#982014). OBS-URL: https://build.opensuse.org/request/show/398366 OBS-URL: https://build.opensuse.org/package/show/hardware/libimobiledevice?expand=0&rev=8
This commit is contained in:
parent
16c12c266a
commit
bbcef2e4b5
32
libimobiledevice-CVE-2016-5104.patch
Normal file
32
libimobiledevice-CVE-2016-5104.patch
Normal file
@ -0,0 +1,32 @@
|
||||
From df1f5c4d70d0c19ad40072f5246ca457e7f9849e Mon Sep 17 00:00:00 2001
|
||||
From: Joshua Hill <posixninja@gmail.com>
|
||||
Date: Tue, 29 Dec 2015 22:27:17 +0100
|
||||
Subject: [PATCH] common: [security fix] Make sure sockets only listen locally
|
||||
|
||||
---
|
||||
common/socket.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/common/socket.c b/common/socket.c
|
||||
index b276864..e2968a6 100644
|
||||
--- a/common/socket.c
|
||||
+++ b/common/socket.c
|
||||
@@ -172,7 +172,7 @@ int socket_create(uint16_t port)
|
||||
|
||||
memset((void *) &saddr, 0, sizeof(saddr));
|
||||
saddr.sin_family = AF_INET;
|
||||
- saddr.sin_addr.s_addr = htonl(INADDR_ANY);
|
||||
+ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
|
||||
saddr.sin_port = htons(port);
|
||||
|
||||
if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
|
||||
@@ -329,7 +329,7 @@ int socket_accept(int fd, uint16_t port)
|
||||
|
||||
memset(&addr, 0, sizeof(addr));
|
||||
addr.sin_family = AF_INET;
|
||||
- addr.sin_addr.s_addr = htonl(INADDR_ANY);
|
||||
+ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
|
||||
addr.sin_port = htons(port);
|
||||
|
||||
addr_len = sizeof(addr);
|
||||
|
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri May 27 13:10:37 UTC 2016 - dimstar@opensuse.org
|
||||
|
||||
- Add libimobiledevice-CVE-2016-5104.patch: Make sure sockets only
|
||||
listen locally (CVE-2016-5104, boo#982014).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 29 06:06:53 UTC 2015 - i@marguerite.su
|
||||
|
||||
|
@ -26,6 +26,9 @@ Group: System/Libraries
|
||||
Url: http://www.libimobiledevice.org
|
||||
Source: http://www.libimobiledevice.org/downloads/%{name}-%{version}.tar.bz2
|
||||
Source1: baselibs.conf
|
||||
Patch0: libimobiledevice-nosslv3.patch
|
||||
# PATCH-FIX-UPSTREAM libimobiledevice-CVE-2016-5104.patch CVE-2016-5104 boo#982014 dimstar@opensuse.org - Make sure sockets only listen locally
|
||||
Patch1: libimobiledevice-CVE-2016-5104.patch
|
||||
BuildRequires: fdupes
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: libopenssl-devel
|
||||
@ -39,7 +42,6 @@ BuildRequires: python-devel
|
||||
BuildRequires: python-plist
|
||||
BuildRequires: readline-devel
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
Patch0: libimobiledevice-nosslv3.patch
|
||||
|
||||
%description
|
||||
libimobiledevice is a software library that talks the protocols to support
|
||||
@ -106,6 +108,7 @@ Contains Python bindings for developing applications that use %{name}.
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
autoreconf -fi
|
||||
sed -i -e '/Requires:/d' src/%{name}-1.0.pc.in
|
||||
sed -i -e 's/-L${libdir}//' src/%{name}-1.0.pc.in
|
||||
|
Loading…
x
Reference in New Issue
Block a user