Compare commits
No commits in common. "056276bfa6a1174b0e81bb28b562870a76b17922" and "2d248d52ba04324f20d8d48b6333f4498d6b158f" have entirely different histories.
056276bfa6
...
2d248d52ba
@ -1,48 +0,0 @@
|
||||
Description: Fix remote DoS vulnerability in inetutils-telnetd
|
||||
This is caused by a crash by a NULL pointer dereference when sending the
|
||||
byte sequences «0xff 0xf7» or «0xff 0xf8».
|
||||
Authors:
|
||||
Pierre Kim (original patch),
|
||||
Alexandre Torres (original patch),
|
||||
Erik Auerswald <auerswal@unix-ag.uni-kl.de> (adapted patch),
|
||||
Reviewed-by: Erik Auerswald <auerswal@unix-ag.uni-kl.de>
|
||||
Origin: upstream
|
||||
Ref: https://pierrekim.github.io/blog/2022-08-24-2-byte-dos-freebsd-netbsd-telnetd-netkit-telnetd-inetutils-telnetd-kerberos-telnetd.html
|
||||
Forwarded: https://lists.gnu.org/archive/html/bug-inetutils/2022-08/msg00002.html
|
||||
Last-Update: 2022-08-28
|
||||
|
||||
---
|
||||
telnetd/state.c | 14 +++++++++++---
|
||||
1 file changed, 11 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/telnetd/state.c b/telnetd/state.c
|
||||
index 0dc61a2..befc9d0 100644
|
||||
--- a/telnetd/state.c
|
||||
+++ b/telnetd/state.c
|
||||
@@ -206,12 +206,20 @@ void telrcv(void) {
|
||||
case EC:
|
||||
case EL:
|
||||
{
|
||||
- cc_t ch;
|
||||
+ cc_t ch = (cc_t) (_POSIX_VDISABLE);
|
||||
DIAG(TD_OPTIONS, printoption("td: recv IAC", c));
|
||||
ptyflush(); /* half-hearted */
|
||||
init_termbuf();
|
||||
- if (c == EC) ch = *slctab[SLC_EC].sptr;
|
||||
- else ch = *slctab[SLC_EL].sptr;
|
||||
+ if (c == EC)
|
||||
+ {
|
||||
+ if (slctab[SLC_EC].sptr)
|
||||
+ ch = *slctab[SLC_EC].sptr;
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ if (slctab[SLC_EL].sptr)
|
||||
+ ch = *slctab[SLC_EL].sptr;
|
||||
+ }
|
||||
if (ch != (cc_t)(_POSIX_VDISABLE))
|
||||
*pfrontp++ = (unsigned char)ch;
|
||||
break;
|
||||
--
|
||||
2.33.0
|
||||
|
||||
35
telnet.spec
35
telnet.spec
@ -1,15 +1,17 @@
|
||||
Name: telnet
|
||||
Epoch: 1
|
||||
Version: 0.17
|
||||
Release: 80
|
||||
Release: 76
|
||||
Summary: Client and Server programs for the Telnet communication protocol
|
||||
License: BSD
|
||||
Url: http://web.archive.org/web/20070819111735/www.hcs.harvard.edu/~dholland/computers/old-netkit.html
|
||||
Source0: https://ftp.linux.org.uk/pub/linux/Networking/netkit/netkit-telnet-0.17.tar.gz
|
||||
Source0: ftp://ftp.uk.linux.org/pub/linux/Networking/netkit/netkit-telnet-%{version}.tar.gz
|
||||
#sources form fedora/redhat
|
||||
Source1: telnet-client.tar.gz
|
||||
Source2: telnet@.service
|
||||
Source3: telnet.socket
|
||||
|
||||
#patches from fedora/redhat repositories
|
||||
Patch0001: telnet-client-cvs.patch
|
||||
Patch0002: telnetd-0.17.diff
|
||||
Patch0003: telnet-0.17-env.patch
|
||||
@ -37,7 +39,6 @@ Patch0024: netkit-telnet-0.17-gcc7.patch
|
||||
Patch0025: netkit-telnet-0.17-manpage.patch
|
||||
Patch0026: netkit-telnet-0.17-telnetrc.patch
|
||||
Patch0027: CVE-2020-10188.patch
|
||||
Patch0028: backport-CVE-2022-39028.patch
|
||||
|
||||
BuildRequires: gcc-c++ ncurses-devel systemd
|
||||
Requires: systemd
|
||||
@ -64,11 +65,11 @@ mv -f telnet telnet-NETKIT
|
||||
%autosetup -T -D -a 1 -n netkit-telnet-%{version} -p1
|
||||
|
||||
%build
|
||||
%{_configure} --with-c-compiler=%{__cc} --prefix=%{_prefix} --exec-prefix=%{_exec_prefix}
|
||||
%{_configure} --with-c-compiler=gcc --prefix=%{_prefix} --exec-prefix=%{_exec_prefix}
|
||||
sed -i 's,-O2,\$(CC_FLAGS),;s,LDFLAGS=.*,LDFLAGS=\$(LD_FLAGS),;s,^MANDIR=.*$,MANDIR=%{_mandir},' MCONFIG
|
||||
sed -i 's,install [+-]s,install,g' ./telnet/GNUmakefile ./telnetd/Makefile ./telnetlogin/Makefile ./telnet-NETKIT/Makefile
|
||||
|
||||
%make_build CC_FLAGS="$RPM_OPT_FLAGS -fpie -Wno-error=int-conversion" LD_FLAGS="$LD_FLAGS -z now -pie"
|
||||
%make_build CC_FLAGS="$RPM_OPT_FLAGS -fpie" LD_FLAGS="$LD_FLAGS -z now -pie"
|
||||
|
||||
%install
|
||||
install -d %{buildroot}{%{_bindir},%{_sbindir},%{_mandir}/man{1,5,8}}
|
||||
@ -101,30 +102,6 @@ install -pm644 %{SOURCE3} %{buildroot}%{_unitdir}/telnet.socket
|
||||
%{_mandir}/man1/telnet.1*
|
||||
|
||||
%changelog
|
||||
* Mon Apr 01 2024 gaihuiying <eaglegai@163.com> - 1:0.17-80
|
||||
- Type:cves
|
||||
- CVE:CVE-2022-39028
|
||||
- SUG:NA
|
||||
- DESC:fix CVE-2022-39028
|
||||
|
||||
* Wed Aug 30 2023 renyi <977713017@qq.com> - 1:0.17-79
|
||||
- Type:Feature
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:add clang compile support
|
||||
|
||||
* Tue Dec 15 2020 xihaochen <xihaochen@huawei.com> - 1:0.17-78
|
||||
- Type:requirement
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:remove sensitive words
|
||||
|
||||
* Fri Sep 11 2020 lunankun <lunankun@huawei.com> - 1:0.17-77
|
||||
- Type:bugfix
|
||||
- ID:NA
|
||||
- SUG:NA
|
||||
- DESC:fix source0 url
|
||||
|
||||
* Mon Apr 27 2020 openEuler Buildteam <buildteam@openeuler.org> - 1:0.17-76
|
||||
- Type:cves
|
||||
- ID:CVE-2020-10188
|
||||
|
||||
@ -1,5 +0,0 @@
|
||||
version_control: NA
|
||||
src_repo:
|
||||
tag_prefix:
|
||||
separator:
|
||||
url: https://ftp.linux.org.uk/pub/linux/Networking/netkit
|
||||
Loading…
x
Reference in New Issue
Block a user