[arch-commits] Commit in rpcbind/trunk (CVE-2017-8779.diff PKGBUILD)

Andreas Radke andyrtr at archlinux.org
Fri May 5 18:28:57 UTC 2017 

    Date: Friday, May 5, 2017 @ 18:28:56
  Author: andyrtr
Revision: 295331

upgpkg: rpcbind 0.2.4-3

apply fix for CVE-2017-8779; FS#53928

Added:
  rpcbind/trunk/CVE-2017-8779.diff
Modified:
  rpcbind/trunk/PKGBUILD

--------------------+
 CVE-2017-8779.diff |   21 +++++++++++++++++++++
 PKGBUILD           |   10 +++++++---
 2 files changed, 28 insertions(+), 3 deletions(-)

Added: CVE-2017-8779.diff
===================================================================
--- CVE-2017-8779.diff	                        (rev 0)
+++ CVE-2017-8779.diff	2017-05-05 18:28:56 UTC (rev 295331)
@@ -0,0 +1,21 @@
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..e11f61b 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -48,6 +48,7 @@
+ #include <rpc/rpc.h>
+ #include <rpc/rpcb_prot.h>
+ #include <rpc/svc_dg.h>
++#include <rpc/rpc_com.h>
+ #include <netconfig.h>
+ #include <errno.h>
+ #include <syslog.h>
+@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp /*__unused*/,
+ static bool_t
+ xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
+ {
+-	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
++	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXDATASIZE));
+ }
+ 
+ /*

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-05-05 18:22:07 UTC (rev 295330)
+++ PKGBUILD	2017-05-05 18:28:56 UTC (rev 295331)
@@ -4,7 +4,7 @@
 
 pkgname=rpcbind
 pkgver=0.2.4
-pkgrel=2
+pkgrel=3
 pkgdesc="portmap replacement which supports RPC over various protocols"
 arch=(i686 x86_64)
 backup=('etc/conf.d/rpcbind')
@@ -17,12 +17,14 @@
 source=(https://downloads.sourceforge.net/sourceforge/$pkgname/$pkgname-$pkgver.tar.bz2
         rpcbind-sunrpc.patch
         rpcbind.conf
-        systemd_service.diff)
+        systemd_service.diff
+        CVE-2017-8779.diff)
 install=rpcbind.install
 sha1sums=('8a6045dd3397e9f71bf3a7c9d269e255cca537bd'
           '1b997ce76f9727efc8c72fc5f97189591c9a60e2'
           '08246ff18d12cee01e5c9391c6ba8f5597cac936'
-          '3ebfcf09d01e41c70135124e68b3db681c768aa0')
+          '3ebfcf09d01e41c70135124e68b3db681c768aa0'
+          '38044ce8f3376a0b69da8e078e988fd1645bd435')
 
 prepare() {
   cd $srcdir/$pkgname-$pkgver
@@ -30,6 +32,8 @@
   patch -Np1 -i ../rpcbind-sunrpc.patch
   # use distro config file; FS#52058
   patch -Np1 -i ../systemd_service.diff
+  # http://seclists.org/oss-sec/2017/q2/209
+  patch -Np1 -i ../CVE-2017-8779.diff
 }
 
 build() {

More information about the arch-commits mailing list