summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--abs/extra/xinetd/PKGBUILD26
-rw-r--r--abs/extra/xinetd/fix-CVE-2013-4342.patch13
-rw-r--r--abs/extra/xinetd/xinetd.service2
3 files changed, 30 insertions, 11 deletions
diff --git a/abs/extra/xinetd/PKGBUILD b/abs/extra/xinetd/PKGBUILD
index 3ed7dee..53d5b93 100644
--- a/abs/extra/xinetd/PKGBUILD
+++ b/abs/extra/xinetd/PKGBUILD
@@ -1,10 +1,10 @@
-# $Id: PKGBUILD 162234 2012-06-24 05:44:41Z tpowa $
+# $Id: PKGBUILD 196783 2013-10-19 06:36:43Z tpowa $
# Maintainer: Tobias Powalowski <tpowa@archlinux.org>
# Contributor: Judd <jvinet@zeroflux.org>
pkgname=xinetd
pkgver=2.3.15
-pkgrel=2
+pkgrel=4
pkgdesc="A secure replacement for inetd"
arch=('i686' 'x86_64')
url="http://www.xinetd.org/"
@@ -13,29 +13,35 @@ optdepends=('perl: for xconv.pl script')
backup=('etc/xinetd.conf' 'etc/xinetd.d/servers' 'etc/xinetd.d/services')
source=(http://www.xinetd.org/xinetd-$pkgver.tar.gz
xinetd.conf
- xinetd
servers
services
- xinetd.service)
+ xinetd.service
+ fix-CVE-2013-4342.patch)
md5sums=('77358478fd58efa6366accae99b8b04c'
'f109f699a07bc8cfb5791060f5e87f9e'
- 'ea37a2794f202e6b953d9b6956dad16a'
'21f47b4aa20921cfaddddd9f9a407f81'
'9fa2061dc7dd738c8424251deb86f81e'
- '08466ed714ea8ba42ad81f6fb3aa62e7')
+ '38be35b6e7146dc59902e243d9063b4c'
+ 'b14615c73753ceffbcc96d5e08f3c18d')
-build() {
+prepare() {
cd $srcdir/$pkgname-$pkgver
sed -i "s#${prefix}/man#${prefix}/share/man#" configure
- ./configure --prefix=/usr --without-libwrap
+ # fix #37310
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1006100#c
+ patch -Np1 -i $srcdir/fix-CVE-2013-4342.patch
+}
+
+build() {
+ cd $srcdir/$pkgname-$pkgver
+ ./configure --prefix=/usr --sbindir=/usr/bin --without-libwrap
make
}
package() {
cd $srcdir/$pkgname-$pkgver
- make prefix=$pkgdir/usr install
+ make prefix=$pkgdir/usr DAEMONDIR=$pkgdir/usr/bin install
- install -Dm755 $srcdir/xinetd $pkgdir/etc/rc.d/xinetd
install -Dm644 $srcdir/xinetd.conf $pkgdir/etc/xinetd.conf
install -Dm644 $srcdir/servers $pkgdir/etc/xinetd.d/servers
install -Dm644 $srcdir/services $pkgdir/etc/xinetd.d/services
diff --git a/abs/extra/xinetd/fix-CVE-2013-4342.patch b/abs/extra/xinetd/fix-CVE-2013-4342.patch
new file mode 100644
index 0000000..83506c9
--- /dev/null
+++ b/abs/extra/xinetd/fix-CVE-2013-4342.patch
@@ -0,0 +1,13 @@
+diff --git a/xinetd/builtins.c b/xinetd/builtins.c
+index e61502f..a414cf3 100644
+--- a/xinetd/builtins.c
++++ b/xinetd/builtins.c
+@@ -695,7 +695,7 @@ static void tcpmux_handler( const struct server *serp )
+ if( SC_IS_INTERNAL( scp ) ) {
+ SC_INTERNAL(scp, nserp);
+ } else {
+- exec_server(nserp);
++ child_process(nserp);
+ }
+ }
+
diff --git a/abs/extra/xinetd/xinetd.service b/abs/extra/xinetd/xinetd.service
index c6f6271..1c587e2 100644
--- a/abs/extra/xinetd/xinetd.service
+++ b/abs/extra/xinetd/xinetd.service
@@ -3,7 +3,7 @@ Description=A secure replacement for inetd
After=network.target
[Service]
-ExecStart=/usr/sbin/xinetd -dontfork
+ExecStart=/usr/bin/xinetd -dontfork
ExecReload=/bin/kill -HUP $MAINPID
[Install]