commit: eae6e7a80bc2934ae1557731fc0ad71cd92af99b
Author: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
AuthorDate: Mon May 8 18:39:36 2017 +0000
Commit: Patrick McLean <chutzpah <AT> gentoo <DOT> org>
CommitDate: Mon May 8 18:39:36 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=eae6e7a8
net-nds/rpcbind: Revision bump to pull in patch for CVE-2017-8779
Gentoo-Bug: 617472
Package-Manager: Portage-2.3.5, Repoman-2.3.2
.../files/rpcbind-0.2.4-CVE-2017-8779.patch | 21 ++++++++
net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild | 59 ++++++++++++++++++++++
2 files changed, 80 insertions(+)
diff --git a/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
new file mode 100644
index 00000000000..cef088badc9
--- /dev/null
+++ b/net-nds/rpcbind/files/rpcbind-0.2.4-CVE-2017-8779.patch
@@ -0,0 +1,21 @@
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..e11f61b 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -48,6 +48,7 @@
+ #include <rpc/rpc.h>
+ #include <rpc/rpcb_prot.h>
+ #include <rpc/svc_dg.h>
++#include <rpc/rpc_com.h>
+ #include <netconfig.h>
+ #include <errno.h>
+ #include <syslog.h>
+@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rqstp
/*__unused*/,
+ static bool_t
+ xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
+ {
+- return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
++ return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen),
RPC_MAXDATASIZE));
+ }
+
+ /*
diff --git a/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
new file mode 100644
index 00000000000..5c16cb5c982
--- /dev/null
+++ b/net-nds/rpcbind/rpcbind-0.2.4-r1.ebuild
@@ -0,0 +1,59 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="5"
+
+inherit eutils systemd
+
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="git://linux-nfs.org/~steved/rpcbind.git"
+ inherit autotools git-r3
+else
+ SRC_URI="mirror://sourceforge/${PN}/${P}.tar.bz2"
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390
~sh ~sparc ~x86"
+fi
+
+DESCRIPTION="portmap replacement which supports RPC over various protocols"
+HOMEPAGE="https://sourceforge.net/projects/rpcbind/";
+
+LICENSE="BSD"
+SLOT="0"
+IUSE="debug selinux systemd tcpd warmstarts"
+
+CDEPEND=">=net-libs/libtirpc-1.0:=
+ systemd? ( sys-apps/systemd:= )
+ tcpd? ( sys-apps/tcp-wrappers )"
+DEPEND="${CDEPEND}
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-rpcbind )"
+
+PATCHES=(
+ "${FILESDIR}/${P}-CVE-2017-8779.patch"
+)
+
+src_prepare() {
+ [[ ${PV} == "9999" ]] && eautoreconf
+ epatch "${PATCHES[@]}"
+ epatch_user
+}
+
+src_configure() {
+ econf \
+ --bindir="${EPREFIX}"/sbin \
+ --with-statedir="${EPREFIX}"/run/${PN} \
+ --with-rpcuser=root \
+ --with-systemdsystemunitdir=$(usex systemd
"$(systemd_get_unitdir)" "no") \
+ $(use_enable tcpd libwrap) \
+ $(use_enable debug) \
+ $(use_enable warmstarts)
+}
+
+src_install() {
+ default
+
+ newinitd "${FILESDIR}"/${PN}.initd ${PN}
+ newconfd "${FILESDIR}"/${PN}.confd ${PN}
+
+ systemd_dounit "${FILESDIR}"/${PN}.service
+}
