From 0eb0b0e36ab69f67ef3c6f29918196352f7f311bb39bf912760033a806efb20b Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 15 Mar 2018 15:26:19 +0000 Subject: [PATCH 1/2] Accepting request 586988 from home:kukuk:branches:Base:System - Update to libtirpc 1.0.3 - clnt_dg_call: Fix a buffer overflow (CVE-2016-4429) - Avoid choosing reserved ports in legacy RPC APIs - rpcinfo: change order of version to be tried to 4, 3, 2 - includes 003-rpc-types.patch - includes 004-replace-bzero-with-memset.patch - includes 005-missing-includes.patch - includes 011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch - includes decls.patch - Drop COPYING.GPLv2, GPLv2 code was removed from library - Adjust include directory [bsc#1083902] OBS-URL: https://build.opensuse.org/request/show/586988 OBS-URL: https://build.opensuse.org/package/show/Base:System/libtirpc?expand=0&rev=69 --- 003-rpc-types.patch | 47 --- 004-replace-bzero-with-memset.patch | 62 ---- 005-missing-includes.patch | 29 -- ...libtirpc.map-which-prevents-that-key.patch | 27 -- COPYING.GPLv2 | 339 ------------------ decls.patch | 12 - libtirpc-1.0.2.tar.bz2 | 3 - libtirpc-1.0.3.tar.bz2 | 3 + libtirpc.changes | 19 + libtirpc.spec | 22 +- 10 files changed, 27 insertions(+), 536 deletions(-) delete mode 100644 003-rpc-types.patch delete mode 100644 004-replace-bzero-with-memset.patch delete mode 100644 005-missing-includes.patch delete mode 100644 011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch delete mode 100644 COPYING.GPLv2 delete mode 100644 decls.patch delete mode 100644 libtirpc-1.0.2.tar.bz2 create mode 100644 libtirpc-1.0.3.tar.bz2 diff --git a/003-rpc-types.patch b/003-rpc-types.patch deleted file mode 100644 index fd72026..0000000 --- a/003-rpc-types.patch +++ /dev/null @@ -1,47 +0,0 @@ -From cc6d414c93d05da7703c377dd7524fd97719b21c Mon Sep 17 00:00:00 2001 -From: Thorsten Kukuk -Date: Mon, 13 Nov 2017 15:50:32 +0100 -Subject: [PATCH 1/1] Add some typedefs to rpc/types.h to allow applications be - compiled with -std=iso9899:1990 - -Signed-off-by: Thorsten Kukuk ---- - tirpc/rpc/types.h | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/tirpc/rpc/types.h b/tirpc/rpc/types.h -index 52c30a2..f069efa 100644 ---- a/tirpc/rpc/types.h -+++ b/tirpc/rpc/types.h -@@ -65,6 +65,28 @@ typedef int32_t rpc_inline_t; - #define mem_alloc(bsize) calloc(1, bsize) - #define mem_free(ptr, bsize) free(ptr) - -+ -+#if defined __APPLE_CC__ || defined __FreeBSD__ -+# define __u_char_defined -+# define __daddr_t_defined -+#endif -+ -+#ifndef __u_char_defined -+typedef __u_char u_char; -+typedef __u_short u_short; -+typedef __u_int u_int; -+typedef __u_long u_long; -+typedef __quad_t quad_t; -+typedef __u_quad_t u_quad_t; -+typedef __fsid_t fsid_t; -+# define __u_char_defined -+#endif -+#ifndef __daddr_t_defined -+typedef __daddr_t daddr_t; -+typedef __caddr_t caddr_t; -+# define __daddr_t_defined -+#endif -+ - #include - #include - #include --- -2.12.3 - diff --git a/004-replace-bzero-with-memset.patch b/004-replace-bzero-with-memset.patch deleted file mode 100644 index fe6b0f3..0000000 --- a/004-replace-bzero-with-memset.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 5356b63005e9d8169e0399cb76f26fbd29a78dee Mon Sep 17 00:00:00 2001 -From: Joshua Kinard -Date: Wed, 23 Aug 2017 14:31:36 -0400 -Subject: [PATCH 1/2] Replace bzero() calls with equivalent memset() calls - -As annotated in the bzero(3) man page, bzero() was marked as LEGACY in -POSIX.1-2001 and removed in POSIX.1-2008, and should be replaced with -memset() calls to write zeros to a memory region. The attached patch -replaces two bzero() calls and one __bzero() call in libtirpc with -equivalent memset() calls. The latter replacement fixes a compile error -under uclibc-ng, which lacks a definition for __bzero() - -Signed-off-by: Joshua Kinard -Signed-off-by: Steve Dickson ---- - src/auth_time.c | 2 +- - src/des_impl.c | 2 +- - src/svc_auth_des.c | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/src/auth_time.c b/src/auth_time.c -index 7f83ab4..69400bc 100644 ---- a/src/auth_time.c -+++ b/src/auth_time.c -@@ -317,7 +317,7 @@ __rpc_get_time_offset(td, srv, thost, uaddr, netid) - sprintf(ipuaddr, "%d.%d.%d.%d.0.111", a1, a2, a3, a4); - useua = &ipuaddr[0]; - -- bzero((char *)&sin, sizeof(sin)); -+ memset(&sin, 0, sizeof(sin)); - if (uaddr_to_sockaddr(useua, &sin)) { - msg("unable to translate uaddr to sockaddr."); - if (needfree) -diff --git a/src/des_impl.c b/src/des_impl.c -index 9dbccaf..15bec2a 100644 ---- a/src/des_impl.c -+++ b/src/des_impl.c -@@ -588,7 +588,7 @@ _des_crypt (char *buf, unsigned len, struct desparams *desp) - } - tin0 = tin1 = tout0 = tout1 = xor0 = xor1 = 0; - tbuf[0] = tbuf[1] = 0; -- __bzero (schedule, sizeof (schedule)); -+ memset (schedule, 0, sizeof (schedule)); - - return (1); - } -diff --git a/src/svc_auth_des.c b/src/svc_auth_des.c -index 2e90146..19a7c60 100644 ---- a/src/svc_auth_des.c -+++ b/src/svc_auth_des.c -@@ -356,7 +356,7 @@ cache_init() - - authdes_cache = (struct cache_entry *) - mem_alloc(sizeof(struct cache_entry) * AUTHDES_CACHESZ); -- bzero((char *)authdes_cache, -+ memset(authdes_cache, 0, - sizeof(struct cache_entry) * AUTHDES_CACHESZ); - - authdes_lru = (short *)mem_alloc(sizeof(short) * AUTHDES_CACHESZ); --- -2.12.3 - diff --git a/005-missing-includes.patch b/005-missing-includes.patch deleted file mode 100644 index 05f5adf..0000000 --- a/005-missing-includes.patch +++ /dev/null @@ -1,29 +0,0 @@ -From 75a49eabb3c71ee8f4a579df4e0199694d086e28 Mon Sep 17 00:00:00 2001 -From: Thorsten Kukuk -Date: Tue, 14 Nov 2017 14:41:33 +0100 -Subject: [PATCH 1/1] Include header files in rpc/pmap_clnt.h, so that this - header file can be used standalone as in the past with sunrpc. - -Signed-off-by: Thorsten Kukuk ---- - tirpc/rpc/pmap_clnt.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/tirpc/rpc/pmap_clnt.h b/tirpc/rpc/pmap_clnt.h -index 6abd583..cf1ab61 100644 ---- a/tirpc/rpc/pmap_clnt.h -+++ b/tirpc/rpc/pmap_clnt.h -@@ -64,6 +64,10 @@ - #ifndef _RPC_PMAP_CLNT_H_ - #define _RPC_PMAP_CLNT_H_ - -+#include -+#include -+#include -+ - #ifdef __cplusplus - extern "C" { - #endif --- -2.12.3 - diff --git a/011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch b/011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch deleted file mode 100644 index cc801fc..0000000 --- a/011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch +++ /dev/null @@ -1,27 +0,0 @@ -From d82f4ca72a7fa638d26eaf68c6ef86bbf1f8fe6f Mon Sep 17 00:00:00 2001 -From: Thorsten Kukuk -Date: Mon, 14 Mar 2016 11:04:25 +0100 -Subject: [PATCH 1/1] Fix typo in src/libtirpc.map, which prevents that - key_secretkey_is_set will be exported. - -Signed-off-by: Thorsten Kukuk ---- - src/libtirpc.map | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/libtirpc.map b/src/libtirpc.map -index f385de5..21d6065 100644 ---- a/src/libtirpc.map -+++ b/src/libtirpc.map -@@ -298,7 +298,7 @@ TIRPC_0.3.2 { - key_gendes; - key_get_conv; - key_setsecret; -- key_secret_is_set; -+ key_secretkey_is_set; - key_setnet; - netname2host; - netname2user; --- -1.8.5.6 - diff --git a/COPYING.GPLv2 b/COPYING.GPLv2 deleted file mode 100644 index 88de850..0000000 --- a/COPYING.GPLv2 +++ /dev/null @@ -1,339 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - - Copyright (C) - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - , 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. diff --git a/decls.patch b/decls.patch deleted file mode 100644 index b948b78..0000000 --- a/decls.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: libtirpc-1.0.1/src/xdr_sizeof.c -=================================================================== ---- libtirpc-1.0.1.orig/src/xdr_sizeof.c -+++ libtirpc-1.0.1/src/xdr_sizeof.c -@@ -39,6 +39,7 @@ - #include - #include - #include -+#include - #include "un-namespace.h" - - /* ARGSUSED */ diff --git a/libtirpc-1.0.2.tar.bz2 b/libtirpc-1.0.2.tar.bz2 deleted file mode 100644 index d534cb5..0000000 --- a/libtirpc-1.0.2.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:723c5ce92706cbb601a8db09110df1b4b69391643158f20ff587e20e7c5f90f5 -size 509601 diff --git a/libtirpc-1.0.3.tar.bz2 b/libtirpc-1.0.3.tar.bz2 new file mode 100644 index 0000000..3bb649e --- /dev/null +++ b/libtirpc-1.0.3.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:86c3a78fc1bddefa96111dd233124c703b22a78884203c55c3e06b3be6a0fd5e +size 509831 diff --git a/libtirpc.changes b/libtirpc.changes index 3751a8d..ae3dbf3 100644 --- a/libtirpc.changes +++ b/libtirpc.changes @@ -1,3 +1,22 @@ +------------------------------------------------------------------- +Wed Mar 14 16:03:31 CET 2018 - kukuk@suse.de + +- Update to libtirpc 1.0.3 + - clnt_dg_call: Fix a buffer overflow (CVE-2016-4429) + - Avoid choosing reserved ports in legacy RPC APIs + - rpcinfo: change order of version to be tried to 4, 3, 2 + - includes 003-rpc-types.patch + - includes 004-replace-bzero-with-memset.patch + - includes 005-missing-includes.patch + - includes 011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch + - includes decls.patch +- Drop COPYING.GPLv2, GPLv2 code was removed from library + +------------------------------------------------------------------- +Mon Mar 5 11:58:44 CET 2018 - kukuk@suse.de + +- Adjust include directory [bsc#1083902] + ------------------------------------------------------------------- Thu Feb 22 15:10:39 UTC 2018 - fvogt@suse.com diff --git a/libtirpc.spec b/libtirpc.spec index 702e004..8f5ddb1 100644 --- a/libtirpc.spec +++ b/libtirpc.spec @@ -18,10 +18,10 @@ Name: libtirpc # src/crypt_client.c and tirpc/rpcsvc/crypt.x have the BSD advertising clause -Version: 1.0.2 +Version: 1.0.3 Release: 0 Summary: Transport Independent RPC Library -License: BSD-3-Clause AND GPL-2.0+ +License: BSD-3-Clause Group: Development/Libraries/C and C++ %if 0%{suse_version} >= 1300 BuildRequires: krb5-mini-devel @@ -31,18 +31,12 @@ BuildRequires: krb5-devel BuildRequires: autoconf BuildRequires: libtool BuildRequires: pkg-config -Url: http://sourceforge.net/projects/libtirpc/ +Url: https://sourceforge.net/projects/libtirpc/ Source: %{name}-%{version}.tar.bz2 Source1: baselibs.conf -Source2: COPYING.GPLv2 Patch0: 000-bindresvport_blacklist.patch # only needed on openSUSE >= 13.1, SLE >= 12 Patch1: 001-new-rpcbindsock-path.patch -Patch3: 003-rpc-types.patch -Patch4: 004-replace-bzero-with-memset.patch -Patch5: 005-missing-includes.patch -Patch11: 011-Fix-typo-in-src-libtirpc.map-which-prevents-that-key.patch -Patch12: decls.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %define debug_package_requires libtirpc3 = %{version}-%{release} @@ -91,21 +85,15 @@ TCP over IPv4. %if 0%{suse_version} >= 1310 %patch1 -p1 %endif -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch11 -p1 -%patch12 -p1 %build +sed -i -e 's|@includedir@/tirpc|@includedir@|g' libtirpc.pc.in %configure --disable-static \ --with-pic \ %if 0%{suse_version} < 1200 --disable-gssapi \ %endif --libdir=/%{_lib} -# Copy GPLv2 COPYING -cp %{SOURCE2} . make %{?_smp_mflags} %install @@ -130,7 +118,7 @@ rmdir %{buildroot}%{_includedir}/tirpc %files -n libtirpc3 %defattr(-,root,root) -%license COPYING COPYING.GPLv2 +%license COPYING /%{_lib}/libtirpc.so.3* %files netconfig From b6461de4f2b35e6306ba58bbf89c5235b0b003013361ab29033b97f33af5f171 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 22 Mar 2018 07:38:09 +0000 Subject: [PATCH 2/2] Accepting request 587685 from home:jengelh:branches:Base:System - Remove ineffective --with-pic. OBS-URL: https://build.opensuse.org/request/show/587685 OBS-URL: https://build.opensuse.org/package/show/Base:System/libtirpc?expand=0&rev=70 --- libtirpc.changes | 5 +++++ libtirpc.spec | 1 - 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/libtirpc.changes b/libtirpc.changes index ae3dbf3..5b36101 100644 --- a/libtirpc.changes +++ b/libtirpc.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Mar 15 23:10:46 UTC 2018 - jengelh@inai.de + +- Remove ineffective --with-pic. + ------------------------------------------------------------------- Wed Mar 14 16:03:31 CET 2018 - kukuk@suse.de diff --git a/libtirpc.spec b/libtirpc.spec index 8f5ddb1..e2ab83e 100644 --- a/libtirpc.spec +++ b/libtirpc.spec @@ -89,7 +89,6 @@ TCP over IPv4. %build sed -i -e 's|@includedir@/tirpc|@includedir@|g' libtirpc.pc.in %configure --disable-static \ - --with-pic \ %if 0%{suse_version} < 1200 --disable-gssapi \ %endif