diff options
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-netkit')
8 files changed, 78 insertions, 7 deletions
diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb index cf306ec82..628047eee 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-ftp/netkit-ftp_0.17.bb @@ -16,7 +16,7 @@ SRC_URI[archive.sha256sum] = "61c913299b81a4671ff089aac821329f7db9bc111aa812993d SRC_URI[patch31.md5sum] = "93d71e28ce70df69e080c7f90da63cac" SRC_URI[patch31.sha256sum] = "4edd46a32d70daa7ba00f0ebf0118dc5d17dff23d6e46aa21a2722be2e22d1c1" -inherit autotools-brokensep +inherit autotools-brokensep update-alternatives CLEANBROKEN = "1" @@ -47,3 +47,7 @@ FILES_${PN}-dbg = "${prefix}/src/debug \ ${bindir}/.debug" RDEPENDS_${PN} = "readline" + +ALTERNATIVE_PRIORITY = "100" +ALTERNATIVE_${PN} = "ftp" +ALTERNATIVE_LINK_NAME[ftp] = "${bindir}/ftp" diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-rpc/netkit-rpc_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-rpc/netkit-rpc_0.17.bb index ebe867d77..a787e52f7 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-rpc/netkit-rpc_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-rpc/netkit-rpc_0.17.bb @@ -11,6 +11,9 @@ SRC_URI = "http://sources.openembedded.org/${BPN}-${PV}.tar.gz \ " SRC_URI[md5sum] = "67212720482ea1aea9182a98653a9642" SRC_URI[sha256sum] = "421d63b414162237a72867061f1bd3e3752a0d962cd5d30b5e933ddad8a14d3b" + +inherit update-alternatives + CFLAGS += "-I${STAGING_INCDIR}/tirpc" LIBS += "-ltirpc" @@ -42,3 +45,7 @@ do_install () { 'BINDIR=${bindir}' 'SBINDIR=${sbindir}' \ 'MANDIR=${mandir}' install } +ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE_${PN} = "rpcinfo" +ALTERNATIVE_LINK_NAME[rpcinfo] = "${bindir}/rpcinfo" diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb index a6716d06c..70fb4cf5f 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-rsh/netkit-rsh_0.17.bb @@ -31,13 +31,13 @@ PAM_SRC_URI = "file://rexec.pam \ " SRC_URI += "${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)}" -inherit pkgconfig +inherit pkgconfig update-alternatives CFLAGS += " -D_GNU_SOURCE -Wno-deprecated-declarations" LDFLAGS += " -L${STAGING_LIBDIR} -lutil -lcrypt" PACKAGECONFIG ??= "" -PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" +PACKAGECONFIG_append = " ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" PACKAGECONFIG[pam] = " , --without-pam, libpam, libpam" COMPATIBLE_HOST_libc-musl = 'null' diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb index c39faef8d..eee96d865 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-rusers/netkit-rusers_0.17.bb @@ -69,4 +69,4 @@ RDEPENDS_${PN}-server += "tcp-wrappers xinetd rpcbind" # http://errors.yoctoproject.org/Errors/Details/186962/ COMPATIBLE_HOST_libc-musl = 'null' -PNBLACKLIST[netkit-rusers] = "Fails to build rup.c:51:10: fatal error: rstat.h: No such file or directory" +PNBLACKLIST[netkit-rusers] ?= "Fails to build rup.c:51:10: fatal error: rstat.h: No such file or directory" diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb index ad543b0fb..308582398 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-rwho/netkit-rwho_0.17.bb @@ -82,8 +82,7 @@ do_install () { mkdir -p -m 755 ${D}${localstatedir}/spool/rwho chown -R rwhod ${D}${localstatedir}/spool/rwho } - -pkg_postinst_${PN}-server() { +pkg_postinst_ontarget_${PN}-server() { ${sysconfdir}/init.d/rwhod start } diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/0001-telnetd-utility.c-Fix-buffer-overflow-in-netoprintf.patch b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/0001-telnetd-utility.c-Fix-buffer-overflow-in-netoprintf.patch new file mode 100644 index 000000000..8f983e40a --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/files/0001-telnetd-utility.c-Fix-buffer-overflow-in-netoprintf.patch @@ -0,0 +1,56 @@ +From 9c81c8e5bc7782e8ae12c078615abc3c896059f2 Mon Sep 17 00:00:00 2001 +From: Julius Hemanth Pitti <jpitti@cisco.com> +Date: Tue, 14 Jul 2020 22:34:19 -0700 +Subject: [PATCH] telnetd/utility.c: Fix buffer overflow in netoprintf + +As per man page of vsnprintf, when formated +string size is greater than "size"(2nd argument), +then vsnprintf returns size of formated string, +not "size"(2nd argument). + +netoprintf() was not handling a case where +return value of vsnprintf is greater than +"size"(2nd argument), results in buffer overflow +while adjusting "nfrontp" pointer to point +beyond "netobuf" buffer. + +Here is one such case where "nfrontp" +crossed boundaries of "netobuf", and +pointing to another global variable. + +(gdb) p &netobuf[8255] +$5 = 0x55c93afe8b1f <netobuf+8255> "" +(gdb) p nfrontp +$6 = 0x55c93afe8c20 <terminaltype> "\377" +(gdb) p &terminaltype +$7 = (char **) 0x55c93afe8c20 <terminaltype> +(gdb) + +This resulted in crash of telnetd service +with segmentation fault. + +Though this is DoS security bug, I couldn't +find any CVE ID for this. + +Upstream-Status: Pending + +Signed-off-by: Julius Hemanth Pitti <jpitti@cisco.com> +--- + telnetd/utility.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/telnetd/utility.c b/telnetd/utility.c +index b9a46a6..4811f14 100644 +--- a/telnetd/utility.c ++++ b/telnetd/utility.c +@@ -66,7 +66,7 @@ netoprintf(const char *fmt, ...) + len = vsnprintf(nfrontp, maxsize, fmt, ap); + va_end(ap); + +- if (len<0 || len==maxsize) { ++ if (len<0 || len>=maxsize) { + /* didn't fit */ + netflush(); + } +-- +2.19.1 diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb index 0e92add63..08dd532b6 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-telnet/netkit-telnet_0.17.bb @@ -13,6 +13,7 @@ SRC_URI = "http://ftp.linux.org.uk/pub/linux/Networking/netkit/${BP}.tar.gz \ file://0001-telnet-telnetd-Fix-print-format-strings.patch \ file://0001-telnet-telnetd-Fix-deadlock-on-cleanup.patch \ file://CVE-2020-10188.patch \ + file://0001-telnetd-utility.c-Fix-buffer-overflow-in-netoprintf.patch \ " UPSTREAM_CHECK_URI = "${DEBIAN_MIRROR}/main/n/netkit-telnet/" diff --git a/meta-openembedded/meta-networking/recipes-netkit/netkit-tftp/netkit-tftp_0.17.bb b/meta-openembedded/meta-networking/recipes-netkit/netkit-tftp/netkit-tftp_0.17.bb index 92c13e850..28e016400 100644 --- a/meta-openembedded/meta-networking/recipes-netkit/netkit-tftp/netkit-tftp_0.17.bb +++ b/meta-openembedded/meta-networking/recipes-netkit/netkit-tftp/netkit-tftp_0.17.bb @@ -16,7 +16,7 @@ SRC_URI[archive.sha256sum] = "3a43c0010d4e61f412563fd83769d4667d8b8e82903526d21c SRC_URI[patch18.md5sum] = "cb29e7a33dd85105ba6e6ec4f971e42c" SRC_URI[patch18.sha256sum] = "092437d27b4fa88c044ef6290372fee5ce06d223607f0e22a6e527065c8930e7" -inherit autotools-brokensep +inherit autotools-brokensep update-alternatives do_configure () { ./configure --prefix=${prefix} @@ -53,3 +53,7 @@ FILES_${PN}-dbg = "${prefix}/src/debug \ ${bindir}/.debug ${sbindir}/.debug" RDEPENDS_${PN}-server = "tcp-wrappers xinetd" + +ALTERNATIVE_PRIORITY = "100" +ALTERNATIVE_${PN}-client = "tftp" +ALTERNATIVE_LINK_NAME[tftp] = "${bindir}/tftp" |