Hello community,
here is the log from the commit of package tftp.1597 for openSUSE:12.2:Update checked in at 2013-04-24 17:28:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.2:Update/tftp.1597 (Old)
and /work/SRC/openSUSE:12.2:Update/.tftp.1597.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "tftp.1597", Maintainer is ""
Changes:
--------
New Changes file:
--- /dev/null 2013-04-05 00:01:41.916011506 +0200
+++ /work/SRC/openSUSE:12.2:Update/.tftp.1597.new/tftp.changes 2013-04-24 17:28:51.000000000 +0200
@@ -0,0 +1,396 @@
+-------------------------------------------------------------------
+Thu Apr 18 09:57:36 UTC 2013 - vcizek@suse.com
+
+- change ownership of /srv/tftpboot to tftp:tftp, otherwise tftp
+ daemon can't write there (bnc#813226)
+
+-------------------------------------------------------------------
+Wed Jan 2 13:18:32 UTC 2013 - vcizek@suse.com
+
+- tftp-hpa-0.48-macros-crash.patch:
+ prevent buffer overflow in handling of \x macro (bnc#793883)
+- tftp-hpa-0.48-macros-v6mapped.patch:
+ for \i and \x, expand v6-mapped addresses as native IPv4
+ (bnc#793883)
+- patches come from Michal Kubecek
+
+-------------------------------------------------------------------
+Mon Sep 3 12:53:06 UTC 2012 - vcizek@suse.com
+
+- properly get destination address when listening on secondary
+ interface (bnc#774861)
+
+-------------------------------------------------------------------
+Tue Dec 20 20:30:25 UTC 2011 - coolo@suse.com
+
+- add autoconf as buildrequire to avoid implicit dependency
+
+-------------------------------------------------------------------
+Fri Nov 11 14:51:55 UTC 2011 - vcizek@suse.com
+
+- added rules for SuSEfirewall2 (bnc#729793)
+ thanks to Lukas Ocilka
+
+-------------------------------------------------------------------
+Tue Sep 6 13:01:31 UTC 2011 - vcizek@suse.com
+
+- added missing PreReq: pwdutils
+
+-------------------------------------------------------------------
+Fri Jun 24 07:09:50 UTC 2011 - puzel@novell.com
+
+- unbreak tftp by changing to user to run as in tftpd itself,
+ not via xinetd (bnc#682340)
+
+-------------------------------------------------------------------
+Thu Jun 23 12:17:37 UTC 2011 - puzel@novell.com
+
+- update to version-5.1
+ - Add -P option to write a PID file. Patch by Ferenc Wagner.
+ - Bounce the syslog socket in standalone mode, in case the
+ syslog daemon has been restarted. Patch by Ferenc Wagner.
+ - Build fixes.
+ - Fix handling of block number wraparound after a successful
+ options negotiation.
+ - Fix a buffer overflow in option parsing.
+- fixes bnc#699714, CVE-2011-2199
+
+-------------------------------------------------------------------
+Sat Dec 11 00:00:00 UTC 2010 - chris@computersalat.de
+
+- fix spec
+ o added missing path /srv/tftpboot in files section
+
+-------------------------------------------------------------------
+Fri Dec 3 13:51:50 UTC 2010 - puzel@novell.com
+
+- update to version 5.0
+ * Try to on platforms with getaddrinfo() without AI_ADDRCONFIG or
+ AI_CANONNAME.
+ * Implement the "rollover" option, for clients which want block
+ number to rollover to anything other than zero.
+ * Correctly disable PMTU in standalone mode.
+ * Add IPv6 support. Patch by Karsten Keil.
+ * Support systems with editline instead of readline.
+ * Support long options in the server.
+- drop tftp-hpa-0.43_readline.diff (not needed)
+- drop tftp-hpa-0.46_libedit.patch (solved in upstream)
+- build with readline support
+- clean up specfile
+
+-------------------------------------------------------------------
+Fri Oct 29 23:33:18 UTC 2010 - chris@computersalat.de
+
+- fix pre
+ o no check before addding group/user (darix)
+- fix files
+ o provide /srv/tftpboot
+
+-------------------------------------------------------------------
+Wed Oct 13 21:05:23 UTC 2010 - chris@computersalat.de
+
+- add group/user tftp (bnc#472283)
+- set TFTP default DIR to /srv/tftpboot (bnc#248008,507011)
+- added Conflicts atftp, cause of overlapping binaries
+
+-------------------------------------------------------------------
+Fri Oct 1 12:07:50 UTC 2010 - puzel@novell.com
+
+- add tftp-hpa-0.48-tzfix.patch (bnc#630297)
+
+-------------------------------------------------------------------
+Tue Jun 29 08:57:01 UTC 2010 - puzel@novell.com
+
+- add tftp-hpa-0.49-fortify-strcpy-crash.patch (bnc#617675)
+
+-------------------------------------------------------------------
+Mon Sep 1 14:45:15 CEST 2008 - mrueckert@suse.de
+
+- drop lineedit support again
+- fix build to include %{optflags} with using configure
+
+-------------------------------------------------------------------
+Wed Aug 27 16:20:32 CEST 2008 - olh@suse.de
+
+- do not require autoconf 2.61
+ binutils-devel is not available in 11.0 or earlier
+
+-------------------------------------------------------------------
+Wed Aug 6 16:04:07 CEST 2008 - kkeil@suse.de
+
+- Update to current git version with enhanced IPv6 support included
+
+-------------------------------------------------------------------
+Fri Jul 18 17:56:28 CEST 2008 - kkeil@suse.de
+
+- Update to git version 0.48 for mainline compatibility; code is
+ still the same but formatting was cleaned up
+- Implement IPv6 (fate #304343)
+
+-------------------------------------------------------------------
+Thu Feb 1 21:05:23 CET 2007 - mrueckert@suse.de
+
+- update to version 0.48:
+ - Unbreak -l -s in the server, which was broken in 0.47.
+- additional changes from 0.47:
+ - Add -L option to the server to run standalone without
+ detaching from the shell.
+ - Parallel make fix.
+
+-------------------------------------------------------------------
+Tue Jan 9 11:37:58 CET 2007 - mrueckert@suse.de
+
+- update to version 0.46:
+ - Minor portability improvements.
+- additional change from 0.45:
+ Add -l (literal) option to the client, to override the special
+ treatment of the colon (:) character as a hostname separator.
+- replaced tftp-hpa-0.43_syntax.diff with tftp-hpa-0.46_colon_check.patch:
+ restore a behavior which was broken with 0.35
+- merged tftp-hpa-0.43_signdness.patch with
+ tftp-hpa-0.43_bcopy_secfix.patch. new patch:
+ tftp-hpa-0.46_bcopy_secfix.patch.
+- added tftp-hpa-0.46_libedit.patch:
+ Build against libedit to enable lineediting support.
+
+-------------------------------------------------------------------
+Thu Dec 7 04:09:55 CET 2006 - mrueckert@suse.de
+
+- update to version 0.44:
+ - Allow the client to specify a range of local port numbers, just
+ like the server can.
+ - Fix sending SIGHUP to update the regular expression table.
+
+-------------------------------------------------------------------
+Fri Oct 20 19:04:32 CEST 2006 - mrueckert@suse.de
+
+- update to version 0.43:
+ - Fix double-free error on ^c in client.
+ - Try to deal with clients that send TFTP requests to broadcasts
+ (apparently some recent Sun boxes do this instead of using the
+ address told by DHCP. Bad Sun! Bad Sun!)
+ - Portability fixes.
+- removed first chunk from tftp-hpa-0.40.diff and renamed it to
+ tftp-hpa-0.43_include_sys_params.patch. the first chunk was
+ fixed upstream.
+- patches rediffed and renamed:
+ tftp-bcopy-secfix.diff -> tftp-hpa-0.43_bcopy_secfix.patch
+ tftp-hpa-0.40.readline.diff -> tftp-hpa-0.43_readline.diff
+ tftp-hpa-0.40-syntax.diff -> tftp-hpa-0.43_syntax.diff
+- added tftp-hpa-0.43_signdness.patch:
+ fixed signedness warnings which where mostlikely caused by the
+ bcopy fixes.
+
+-------------------------------------------------------------------
+Tue Mar 14 08:24:26 CET 2006 - mrueckert@suse.de
+
+- update to version 0.42:
+ o Try to disable path MTU discovery for TFTP connections (it's
+ useless anyway.) (0.42)
+ o Add a hack to allow the admin to specify a range of local port
+ numbers to use. (0.42)
+ o Fix local IP number handling on systems which present
+ IP_RECVDSTADDR in recvmsg(). (0.42)
+ o Fix bug by which patterns of the form \U\1 weren't converted
+ correctly. (0.41)
+
+-------------------------------------------------------------------
++++ 199 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.2:Update/.tftp.1597.new/tftp.changes
New:
----
tftp-get_dst_address.patch
tftp-hpa-0.43_include_sys_params.patch
tftp-hpa-0.43_old-autoconf.diff
tftp-hpa-0.46_colon_check.patch
tftp-hpa-0.48-tzfix.patch
tftp-hpa-0.49-fortify-strcpy-crash.patch
tftp-hpa-5.1.tar.bz2
tftp-hpa-5.2-macros-crash.patch
tftp-hpa-5.2-macros-v6mapped.patch
tftp.changes
tftp.fw
tftp.spec
tftp.xinetd
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ tftp.spec ++++++
#
# spec file for package tftp
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
%define _fwdefdir /etc/sysconfig/SuSEfirewall2.d/services
Name: tftp
Version: 5.1
Release: 0
Summary: Trivial File Transfer Protocol (TFTP)
License: BSD-3-Clause
Group: Productivity/Networking/Ftp/Clients
Url: http://www.kernel.org/pub/software/network/tftp/
Source: http://www.kernel.org/pub/software/network/tftp/tftp-hpa-%{version}.tar.bz2
Source1: tftp.xinetd
Source2: tftp.fw
Patch0: tftp-hpa-0.43_include_sys_params.patch
Patch1: tftp-hpa-0.46_colon_check.patch
Patch4: tftp-hpa-0.49-fortify-strcpy-crash.patch
Patch5: tftp-hpa-0.48-tzfix.patch
Patch6: tftp-get_dst_address.patch
# PATCH-FIX-UPSTREAM fix macros handling (bnc#793883)
Patch7: tftp-hpa-5.2-macros-crash.patch
Patch8: tftp-hpa-5.2-macros-v6mapped.patch
Patch42: tftp-hpa-0.43_old-autoconf.diff
PreReq: pwdutils
BuildRequires: autoconf
BuildRequires: pwdutils
BuildRequires: tcpd-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%if 0%{?suse_version} > 1110
BuildRequires: binutils-devel
%endif
Requires: inet-daemon
Requires: netcfg
Conflicts: atftp
%description
The Trivial File Transfer Protocol (TFTP) is normally used only for
booting diskless workstations and for getting or saving network
component configuration files.
%prep
%setup -n %{name}-hpa-%{version}
%patch0
%patch1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%patch8 -p1
%if 0%{?suse_version} < 1030
%patch42
%endif
%build
autoreconf -fi
%configure \
--enable-largefile \
--with-tcpwrappers \
--with-remap \
--without-editline \
--with-ipv6
make
%install
%makeinstall INSTALLROOT=%{buildroot} MANDIR="%{_mandir}"
install -D -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/xinetd.d/tftp
mkdir -p $RPM_BUILD_ROOT/%{_fwdefdir}
install -m 644 %SOURCE2 $RPM_BUILD_ROOT/%{_fwdefdir}/tftp
install -d -m 0750 %{buildroot}/srv/tftpboot
%pre
# This group/user is shared with atftp, so please
# keep this in sync with atftp.spec
# add group
%{_sbindir}/groupadd -r tftp 2>/dev/null || :
# add user
%{_sbindir}/useradd -c "TFTP account" -d /srv/tftpboot -G tftp -g tftp \
-r -s /bin/false tftp 2>/dev/null || :
%clean
rm -rf %{buildroot};
%files
%defattr(-,root,root)
%doc README README.security tftpd/sample.rules
%{_bindir}/tftp
%{_sbindir}/in.tftpd
%{_mandir}/man1/tftp.1.gz
%{_mandir}/man8/in.tftpd.8.gz
%{_mandir}/man8/tftpd.8.gz
%config(noreplace) %{_sysconfdir}/xinetd.d/tftp
%config %{_fwdefdir}/tftp
%dir %attr(0750,tftp,tftp) /srv/tftpboot
%changelog
++++++ tftp-get_dst_address.patch ++++++
Index: tftp-hpa-git-0.48/tftpd/recvfrom.c
===================================================================
--- tftp-hpa-git-0.48.orig/tftpd/recvfrom.c 2008-07-31 12:46:57.000000000 +0200
+++ tftp-hpa-git-0.48/tftpd/recvfrom.c 2012-08-21 21:23:29.729823813 +0200
@@ -81,6 +81,14 @@ static int address_is_local(const union
if (sockfd < 0)
goto err;
+
+ /* check if we can bind to that address */
+ if (bind(sockfd, &addr->sa, SOCKLEN(addr)) == 0) {
+ /* success -> stop the testing */
+ rv = 1;
+ goto err;
+ }
+
if (connect(sockfd, &addr->sa, SOCKLEN(addr)))
goto err;
@@ -88,6 +96,10 @@ static int address_is_local(const union
if (getsockname(sockfd, (struct sockaddr *)&sa, &addrlen))
goto err;
+ /* if the request came via a secondary address,
+ * the following tests fail, because connect
+ * binds to the primary address for datagram sockets
+ */
if (addr->sa.sa_family == AF_INET)
rv = sa.si.sin_addr.s_addr == addr->si.sin_addr.s_addr;
#ifdef HAVE_IPV6
@@ -142,16 +154,13 @@ myrecvfrom(int s, void *buf, int len, un
/* Try to enable getting the return address */
#ifdef IP_RECVDSTADDR
- if (from->sa_family == AF_INET)
setsockopt(s, IPPROTO_IP, IP_RECVDSTADDR, &on, sizeof(on));
#endif
#ifdef IP_PKTINFO
- if (from->sa_family == AF_INET)
setsockopt(s, IPPROTO_IP, IP_PKTINFO, &on, sizeof(on));
#endif
#ifdef HAVE_IPV6
#ifdef IPV6_RECVPKTINFO
- if (from->sa_family == AF_INET6)
setsockopt(s, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on, sizeof(on));
#endif
#endif
@@ -160,6 +169,7 @@ myrecvfrom(int s, void *buf, int len, un
msg.msg_controllen = sizeof(control_un);
msg.msg_flags = 0;
+ /* note: from is not initialized when receiving first request */
msg.msg_name = from;
msg.msg_namelen = *fromlen;
iov.iov_base = buf;
++++++ tftp-hpa-0.43_include_sys_params.patch ++++++
Index: tftp/main.c
===================================================================
--- tftp/main.c.orig
+++ tftp/main.c
@@ -39,6 +39,7 @@
* TFTP User Program -- Command Interface.
*/
#include