This is an automated email from the git hooks/post-receive script.

ebourg-guest pushed a commit to branch master
in repository libjgroups-java.

commit f44de1b33d8b21c62e308bc0b0fbbe552f7c89f0
Author: Emmanuel Bourg <ebo...@apache.org>
Date:   Tue Jul 16 10:42:45 2013 +0000

    Disable diagnostic probing by default (CVE-2013-4112) (Closes: #717031)
---
 debian/changelog                            |   6 ++
 debian/patches/01_disable_diagnostics.patch | 106 ++++++++++++++++++++++++++++
 debian/patches/series                       |   1 +
 3 files changed, 113 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 7c37f61..fb9cf7f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+libjgroups-java (2.12.2.Final-4) unstable; urgency=low
+
+  * Disable diagnostic probing by default (CVE-2013-4112) (Closes: #717031)
+
+ -- Emmanuel Bourg <ebo...@apache.org>  Tue, 16 Jul 2013 12:18:18 +0200
+
 libjgroups-java (2.12.2.Final-3) unstable; urgency=low
 
   * Updated the watch file to match releases > 2.11.0
diff --git a/debian/patches/01_disable_diagnostics.patch b/debian/patches/01_disable_diagnostics.patch
new file mode 100644
index 0000000..cc93c77
--- /dev/null
+++ b/debian/patches/01_disable_diagnostics.patch
@@ -0,0 +1,106 @@
+Description: Disable diagnostic probing by default (Fixes CVE-2013-4112)
+Author: Emmanuel Bourg <ebo...@apache.org>
+Forwarded: not-needed
+Bug: http://bugs.debian.org/717031
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4112
+--- a/conf/auth_regex.xml
++++ b/conf/auth_regex.xml
+@@ -25,7 +25,7 @@
+          enable_bundling="true"
+          bundler_capacity="50000"
+          enable_unicast_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          timer_type="new"
+--- a/conf/execution-service.xml
++++ b/conf/execution-service.xml
+@@ -20,7 +20,7 @@
+          max_bundle_timeout="30"
+          ip_ttl="${jgroups.udp.ip_ttl:2}"
+          enable_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          timer_type="new"
+--- a/conf/fast-local.xml
++++ b/conf/fast-local.xml
+@@ -24,7 +24,7 @@
+          ip_ttl="${jgroups.udp.ip_ttl:0}"
+          enable_bundling="true"
+          enable_unicast_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          timer_type="new"
+--- a/conf/flush-udp.xml
++++ b/conf/flush-udp.xml
+@@ -19,7 +19,7 @@
+          max_bundle_timeout="30"
+          ip_ttl="${jgroups.udp.ip_ttl:2}"
+          enable_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          
+          thread_naming_pattern="pl"
+ 
+--- a/conf/sequencer.xml
++++ b/conf/sequencer.xml
+@@ -21,7 +21,7 @@
+          max_bundle_timeout="30"
+          ip_ttl="${jgroups.udp.ip_ttl:2}"
+          enable_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          thread_pool.enabled="true"
+--- a/conf/sfc.xml
++++ b/conf/sfc.xml
+@@ -20,7 +20,7 @@
+          max_bundle_timeout="30"
+          ip_ttl="${jgroups.udp.ip_ttl:2}"
+          enable_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          thread_pool.enabled="true"
+--- a/conf/udp-largecluster.xml
++++ b/conf/udp-largecluster.xml
+@@ -23,7 +23,7 @@
+          max_bundle_timeout="30"
+          ip_ttl="${jgroups.udp.ip_ttl:8}"
+          enable_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          timer_type="new"
+--- a/conf/udp.xml
++++ b/conf/udp.xml
+@@ -21,7 +21,7 @@
+          max_bundle_timeout="30"
+          ip_ttl="${jgroups.udp.ip_ttl:2}"
+          enable_bundling="true"
+-         enable_diagnostics="true"
++         enable_diagnostics="false"
+          thread_naming_pattern="cl"
+ 
+          timer_type="new"
+--- a/src/org/jgroups/protocols/TP.java
++++ b/src/org/jgroups/protocols/TP.java
+@@ -202,8 +202,8 @@
+     @Property(description="Enable bundling of smaller messages into bigger ones for unicast messages. Default is false")
+     protected boolean enable_unicast_bundling=false;
+ 
+-    @Property(description="Switch to enable diagnostic probing. Default is true")
+-    protected boolean enable_diagnostics=true;
++    @Property(description="Switch to enable diagnostic probing. Default is false")
++    protected boolean enable_diagnostics=false;
+ 
+     @Property(description="Address for diagnostic probing. Default is 224.0.75.75", 
+               defaultValueIPv4="224.0.75.75",defaultValueIPv6="ff0e::0:75:75")
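Review bot: Flipping the field default in TP.java only protects stacks that leave `enable_diagnostics` unset; any configuration that sets `enable_diagnostics="true"` explicitly still starts the probe handler, and this patch edits only the eight conf/*.xml files listed in it. I cannot tell from this hunk whether that list is complete, so it is worth a tree-wide search such as `grep -rn 'enable_diagnostics="true"' conf/ src/` before upload, ideally repeated as a build-time check so a later upstream import cannot silently turn it back on. The new description string also gives an administrator no reason for the default; consider `Switch to enable diagnostic probing (see CVE-2013-4112; enable only on a trusted network). Default is false`. Users who rely on probing will see a behaviour change, which a NEWS.Debian entry could announce. The TP class continues outside this hunk, so how `enable_diagnostics` is consumed is not visible here.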
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..1e2e371
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+01_disable_diagnostics.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/pkg-java/libjgroups-java.git
