summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2015-11-03 10:02:36 -0500
committerMike Frysinger <vapier@gentoo.org>2015-11-03 10:08:07 -0500
commit426002bfe2789fb6213fba832c8bfee634d68d02 (patch)
treea91c01c335532611b881065096f0c93387d25760
parentsys-apps/xinetd: add subslot on libtirpc dep (diff)
downloadgentoo-426002bfe2789fb6213fba832c8bfee634d68d02.tar.gz
gentoo-426002bfe2789fb6213fba832c8bfee634d68d02.tar.bz2
gentoo-426002bfe2789fb6213fba832c8bfee634d68d02.zip
sys-apps/xinetd: add fix from Fedora for CVE-2013-4342 #488158
-rw-r--r--sys-apps/xinetd/files/xinetd-2.3.15-creds.patch17
-rw-r--r--sys-apps/xinetd/xinetd-2.3.15-r2.ebuild55
2 files changed, 72 insertions, 0 deletions
diff --git a/sys-apps/xinetd/files/xinetd-2.3.15-creds.patch b/sys-apps/xinetd/files/xinetd-2.3.15-creds.patch
new file mode 100644
index 00000000000..39df3caf115
--- /dev/null
+++ b/sys-apps/xinetd/files/xinetd-2.3.15-creds.patch
@@ -0,0 +1,17 @@
+https://bugs.gentoo.org/488158
+
+taken from Fedora
+
+Patch by Thomas Swan <thomas.swan@gmail.com>
+
+--- a/xinetd/builtins.c
++++ b/xinetd/builtins.c
+@@ -695,7 +695,7 @@ static void tcpmux_handler( const struct server *serp )
+ if( SC_IS_INTERNAL( scp ) ) {
+ SC_INTERNAL(scp, nserp);
+ } else {
+- exec_server(nserp);
++ child_process(nserp);
+ }
+ }
+
diff --git a/sys-apps/xinetd/xinetd-2.3.15-r2.ebuild b/sys-apps/xinetd/xinetd-2.3.15-r2.ebuild
new file mode 100644
index 00000000000..edd9a748195
--- /dev/null
+++ b/sys-apps/xinetd/xinetd-2.3.15-r2.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2014 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI="5"
+
+inherit eutils flag-o-matic systemd toolchain-funcs
+
+DESCRIPTION="powerful replacement for inetd"
+HOMEPAGE="http://www.xinetd.org/"
+SRC_URI="http://www.xinetd.org/${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd"
+IUSE="perl rpc tcpd"
+
+DEPEND="tcpd? ( >=sys-apps/tcp-wrappers-7.6-r2 )
+ rpc? ( net-libs/libtirpc:= )"
+RDEPEND="${DEPEND}
+ perl? ( dev-lang/perl )"
+DEPEND="${DEPEND}
+ virtual/pkgconfig"
+
+src_prepare() {
+ epatch "${FILESDIR}"/${PN}-2.3.14-DESTDIR.patch
+ epatch "${FILESDIR}"/${PN}-2.3.14-install-contrib.patch
+ epatch "${FILESDIR}"/${PN}-2.3.14-config.patch
+ epatch "${FILESDIR}"/${PN}-2.3.15-creds.patch #488158
+ find -name Makefile.in -exec sed -i 's:\<ar\>:$(AR):' {} +
+}
+
+src_configure() {
+ if ! use rpc ; then
+ append-cppflags -DNO_RPC
+ export ac_cv_header_{rpc_{rpc,rpcent,pmap_clnt},netdb}_h=no
+ fi
+ tc-export AR PKG_CONFIG
+ LIBS=$(${PKG_CONFIG} --libs libtirpc) \
+ econf \
+ $(use_with tcpd libwrap) \
+ --with-loadavg
+}
+
+src_install() {
+ emake DESTDIR="${ED}" install install-contrib
+ use perl || rm -f "${ED}"/usr/sbin/xconv.pl
+
+ newinitd "${FILESDIR}"/xinetd.rc6 xinetd
+ newconfd "${FILESDIR}"/xinetd.confd xinetd
+ systemd_dounit "${FILESDIR}/${PN}.service"
+
+ newdoc contrib/xinetd.conf xinetd.conf.dist.sample
+ dodoc AUDIT INSTALL README TODO CHANGELOG
+}