[arch-commits] Commit in libusbmuxd/trunk (CVE-2016-5104.patch PKGBUILD)
Jan de Groot
jgc at archlinux.org
Sun Jun 4 22:35:29 UTC 2017
Date: Sunday, June 4, 2017 @ 22:35:28
Author: jgc
Revision: 297790
upgpkg: libusbmuxd 1.0.10-2
Add security fix for CVE-2016-5104
Added:
libusbmuxd/trunk/CVE-2016-5104.patch
Modified:
libusbmuxd/trunk/PKGBUILD
---------------------+
CVE-2016-5104.patch | 31 +++++++++++++++++++++++++++++++
PKGBUILD | 14 ++++++++++----
2 files changed, 41 insertions(+), 4 deletions(-)
Added: CVE-2016-5104.patch
===================================================================
--- CVE-2016-5104.patch (rev 0)
+++ CVE-2016-5104.patch 2017-06-04 22:35:28 UTC (rev 297790)
@@ -0,0 +1,31 @@
+From 4397b3376dc4e4cb1c991d0aed61ce6482614196 Mon Sep 17 00:00:00 2001
+From: Joshua Hill <posixninja at gmail.com>
+Date: Tue, 29 Dec 2015 23:09:37 +0100
+Subject: [PATCH] common: [security fix] Make sure sockets only listen locally
+
+---
+ common/socket.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/common/socket.c b/common/socket.c
+index 27b93ba..4cdefd6 100644
+--- a/common/socket.c
++++ b/common/socket.c
+@@ -203,7 +203,7 @@ int socket_create(uint16_t port)
+
+ memset((void *) &saddr, 0, sizeof(saddr));
+ saddr.sin_family = AF_INET;
+- saddr.sin_addr.s_addr = htonl(INADDR_ANY);
++ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ saddr.sin_port = htons(port);
+
+ if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
+@@ -368,7 +368,7 @@ int socket_accept(int fd, uint16_t port)
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sin_family = AF_INET;
+- addr.sin_addr.s_addr = htonl(INADDR_ANY);
++ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ addr.sin_port = htons(port);
+
+ addr_len = sizeof(addr);
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-06-04 22:33:07 UTC (rev 297789)
+++ PKGBUILD 2017-06-04 22:35:28 UTC (rev 297790)
@@ -1,4 +1,3 @@
-# $Id: $
# Maintainer: Ionut Biru <ibiru at archlinux.org>
# Maintainer: Jan de Groot <jgc at archlinux.org>
# Contributor: Gabriel Martinez < reitaka at gmail dot com >
@@ -5,7 +4,7 @@
pkgname=libusbmuxd
pkgver=1.0.10
-pkgrel=1
+pkgrel=2
pkgdesc="USB Multiplex Daemon"
url="http://marcansoft.com/blog/iphonelinux/usbmuxd/"
arch=('i686' 'x86_64')
@@ -12,9 +11,16 @@
license=('LGPL2.1' 'GPL2')
depends=('libusb' 'libplist')
conflicts=('usbmuxd<1.0.9')
-source=(http://www.libimobiledevice.org/downloads/libusbmuxd-$pkgver.tar.bz2)
-md5sums=('e5351ff6f6eedcb50701e02d91cc480c')
+source=(http://www.libimobiledevice.org/downloads/libusbmuxd-$pkgver.tar.bz2
+ CVE-2016-5104.patch)
+sha256sums=('1aa21391265d2284ac3ccb7cf278126d10d354878589905b35e8102104fec9f2'
+ '9f3a84c8d0a32df13985f6574f5f0e86af435a67606612c0811df631070a97e3')
+prepare() {
+ cd libusbmuxd-${pkgver}
+ patch -Np1 -i ../CVE-2016-5104.patch
+}
+
build() {
cd libusbmuxd-${pkgver}
./configure --prefix=/usr
More information about the arch-commits
mailing list