Hello community, here is the log from the commit of package vsftpd for openSUSE:Factory checked in at 2015-02-27 11:03:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vsftpd (Old) and /work/SRC/openSUSE:Factory/.vsftpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "vsftpd" Changes: -------- --- /work/SRC/openSUSE:Factory/vsftpd/vsftpd.changes 2015-01-09 01:11:17.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.vsftpd.new/vsftpd.changes 2015-02-27 11:03:47.000000000 +0100 @@ -1,0 +2,7 @@ +Fri Feb 20 12:13:42 UTC 2015 - tchvatal@suse.com + +- Add service calls for other unit files too +- Udate filter patch to work as expected: + * vsftpd-2.1.0-filter.patch + +------------------------------------------------------------------- @@ -5 +12 @@ - from fedora. bnc#900326 + from fedora. bnc#900326 bnc#915522 CVE-2015-1419 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vsftpd.spec ++++++ --- /var/tmp/diff_new_pack.NTKCN5/_old 2015-02-27 11:03:48.000000000 +0100 +++ /var/tmp/diff_new_pack.NTKCN5/_new 2015-02-27 11:03:48.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package vsftpd # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -129,16 +129,16 @@ %pre %{_sbindir}/useradd -r -g nogroup -s /bin/false -c "Secure FTP User" -d %{_localstatedir}/lib/empty ftpsecure 2> /dev/null || : -%service_add_pre %{name}.service +%service_add_pre %{name}.service %{name}@.service %{name}.socket %preun -%service_del_preun %{name}.service +%service_del_preun %{name}.service %{name}@.service %{name}.socket %post -%service_add_post %{name}.service +%service_add_post %{name}.service %{name}@.service %{name}.socket %postun -%service_del_postun %{name}.service +%service_del_postun %{name}.service %{name}@.service %{name}.socket %files %defattr(-,root,root) ++++++ vsftpd-2.1.0-filter.patch ++++++ --- /var/tmp/diff_new_pack.NTKCN5/_old 2015-02-27 11:03:48.000000000 +0100 +++ /var/tmp/diff_new_pack.NTKCN5/_new 2015-02-27 11:03:48.000000000 +0100 @@ -1,44 +1,74 @@ -diff -up vsftpd-2.1.0/ls.c.filter vsftpd-2.1.0/ls.c ---- vsftpd-2.1.0/ls.c.filter 2008-02-02 02:30:41.000000000 +0100 -+++ vsftpd-2.1.0/ls.c 2009-01-08 19:31:15.000000000 +0100 -@@ -239,9 +239,31 @@ vsf_filename_passes_filter(const struct +Index: vsftpd-3.0.2/ls.c +=================================================================== +--- vsftpd-3.0.2.orig/ls.c ++++ vsftpd-3.0.2/ls.c +@@ -7,6 +7,7 @@ + * Would you believe, code to handle directory listing. + */ + ++#include <stdlib.h> + #include "ls.h" + #include "access.h" + #include "defs.h" +@@ -243,11 +244,42 @@ vsf_filename_passes_filter(const struct + struct mystr temp_str = INIT_MYSTR; + struct mystr brace_list_str = INIT_MYSTR; + struct mystr new_filter_str = INIT_MYSTR; ++ struct mystr normalize_filename_str = INIT_MYSTR; ++ const char *normname; ++ const char *path; int ret = 0; char last_token = 0; int must_match_at_current_pos = 1; -+ -+ ++ str_copy(&filter_remain_str, p_filter_str); - str_copy(&name_remain_str, p_filename_str); -- -+ -+ if (!str_isempty (&filter_remain_str) && !str_isempty(p_filename_str)) { ++ ++ /* normalize filepath */ ++ path = str_strdup(p_filename_str); ++ normname = realpath(path, NULL); ++ if (normname == NULL) ++ goto out; ++ str_alloc_text(&normalize_filename_str, normname); ++ ++ if (!str_isempty (&filter_remain_str) && !str_isempty(&normalize_filename_str)) { + if (str_get_char_at(p_filter_str, 0) == '/') { -+ if (str_get_char_at(p_filename_str, 0) != '/') { ++ if (str_get_char_at(&normalize_filename_str, 0) != '/') { + str_getcwd (&name_remain_str); -+ ++ + if (str_getlen(&name_remain_str) > 1) /* cwd != root dir */ + str_append_char (&name_remain_str, '/'); -+ -+ str_append_str (&name_remain_str, p_filename_str); ++ ++ str_append_str (&name_remain_str, &normalize_filename_str); + } + else -+ str_copy (&name_remain_str, p_filename_str); ++ str_copy (&name_remain_str, &normalize_filename_str); + } else { + if (str_get_char_at(p_filter_str, 0) != '{') -+ str_basename (&name_remain_str, p_filename_str); ++ str_basename (&name_remain_str, &normalize_filename_str); + else -+ str_copy (&name_remain_str, p_filename_str); ++ str_copy (&name_remain_str, &normalize_filename_str); + } + } else -+ str_copy(&name_remain_str, p_filename_str); -+ ++ str_copy(&name_remain_str, &normalize_filename_str); + while (!str_isempty(&filter_remain_str) && *iters < VSFTP_MATCHITERS_MAX) { - static struct mystr s_match_needed_str; -diff -up vsftpd-2.1.0/str.c.filter vsftpd-2.1.0/str.c ---- vsftpd-2.1.0/str.c.filter 2008-12-17 06:54:16.000000000 +0100 -+++ vsftpd-2.1.0/str.c 2009-01-08 19:31:15.000000000 +0100 -@@ -680,3 +680,14 @@ str_replace_unprintable(struct mystr* p_ +@@ -360,6 +392,9 @@ vsf_filename_passes_filter(const struct + ret = 0; + } + out: ++ free(normname); ++ free(path); ++ str_free(&normalize_filename_str); + str_free(&filter_remain_str); + str_free(&name_remain_str); + str_free(&temp_str); +Index: vsftpd-3.0.2/str.c +=================================================================== +--- vsftpd-3.0.2.orig/str.c ++++ vsftpd-3.0.2/str.c +@@ -770,3 +770,14 @@ str_replace_unprintable(struct mystr* p_ } } @@ -53,10 +83,11 @@ + if (str_isempty(d_str)) + str_copy (d_str, path); +} -diff -up vsftpd-2.1.0/str.h.filter vsftpd-2.1.0/str.h ---- vsftpd-2.1.0/str.h.filter 2008-12-17 06:53:23.000000000 +0100 -+++ vsftpd-2.1.0/str.h 2009-01-08 19:32:14.000000000 +0100 -@@ -100,6 +100,7 @@ void str_replace_unprintable(struct myst +Index: vsftpd-3.0.2/str.h +=================================================================== +--- vsftpd-3.0.2.orig/str.h ++++ vsftpd-3.0.2/str.h +@@ -101,6 +101,7 @@ void str_replace_unprintable(struct myst int str_atoi(const struct mystr* p_str); filesize_t str_a_to_filesize_t(const struct mystr* p_str); unsigned int str_octal_to_uint(const struct mystr* p_str); -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org