From 11f7f19cb8456cc9a5e01d1791279307b57828d0 Mon Sep 17 00:00:00 2001 From: Anibal Monsalve Salazar Date: Fri, 6 Mar 2009 13:36:45 +1100 Subject: [PATCH] Imported Debian patch 1.1.5-1 --- debian/changelog | 18 ++++++++++++++++++ .../05-default-use-old-mount-interface.patch | 14 -------------- debian/patches/06-dont-check-exec-bit.patch | 15 --------------- debian/patches/09-492827-cache.c.patch | 17 ----------------- debian/watch | 2 +- 5 files changed, 19 insertions(+), 47 deletions(-) delete mode 100644 debian/patches/05-default-use-old-mount-interface.patch delete mode 100644 debian/patches/06-dont-check-exec-bit.patch delete mode 100644 debian/patches/09-492827-cache.c.patch diff --git a/debian/changelog b/debian/changelog index 66472bb..27271f4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +nfs-utils (1:1.1.5-1) experimental; urgency=low + + * New upstream release + * Update debian/watch + + -- Anibal Monsalve Salazar Fri, 06 Mar 2009 13:36:45 +1100 + nfs-utils (1:1.1.4-1) unstable; urgency=low * New upstream release. Patch status: @@ -39,6 +46,17 @@ nfs-utils (1:1.1.3-1) unstable; urgency=low -- Anibal Monsalve Salazar Tue, 29 Jul 2008 18:08:42 +1000 +nfs-utils (1:1.1.2-6lenny1) testing-proposed-updates; urgency=high + + * Fix CVE-2008-4552 + nfs-utils 1.1.2, and possibly other versions before 1.1.3, invokes the + host_ctl function with the wrong order of arguments, which causes TCP + Wrappers to ignore netgroups and allows remote attackers to bypass + intended access restrictions. + Closes: #502680 + + -- Anibal Monsalve Salazar Sun, 19 Oct 2008 13:37:33 +1100 + nfs-utils (1:1.1.2-6) unstable; urgency=high * Load nfsd.ko before starting idmapd, to hopefully fix NFSv4 export issues. diff --git a/debian/patches/05-default-use-old-mount-interface.patch b/debian/patches/05-default-use-old-mount-interface.patch deleted file mode 100644 index 798505b..0000000 --- a/debian/patches/05-default-use-old-mount-interface.patch +++ /dev/null @@ -1,14 +0,0 @@ -Index: nfs-utils-1.1.2/utils/mount/mount.c -=================================================================== ---- nfs-utils-1.1.2.orig/utils/mount/mount.c 2008-07-11 18:56:00.000000000 +0200 -+++ nfs-utils-1.1.2/utils/mount/mount.c 2008-07-11 18:56:06.000000000 +0200 -@@ -189,9 +189,6 @@ - } - if (nfs_mount_data_version > NFS_MOUNT_VERSION) - nfs_mount_data_version = NFS_MOUNT_VERSION; -- else -- if (kernel_version > MAKE_VERSION(2, 6, 22)) -- string++; - } - - static void print_one(char *spec, char *node, char *type, char *opts) diff --git a/debian/patches/06-dont-check-exec-bit.patch b/debian/patches/06-dont-check-exec-bit.patch deleted file mode 100644 index 28606e2..0000000 --- a/debian/patches/06-dont-check-exec-bit.patch +++ /dev/null @@ -1,15 +0,0 @@ -Index: nfs-utils-1.1.2/utils/mount/mount.c -=================================================================== ---- nfs-utils-1.1.2.orig/utils/mount/mount.c 2008-07-11 18:59:58.000000000 +0200 -+++ nfs-utils-1.1.2/utils/mount/mount.c 2008-07-11 18:59:58.000000000 +0200 -@@ -381,10 +381,6 @@ - mount_error(NULL, mount_point, ENOTDIR); - return 1; - } -- if (access(mount_point, X_OK) < 0) { -- mount_error(NULL, mount_point, errno); -- return 1; -- } - - return 0; - } diff --git a/debian/patches/09-492827-cache.c.patch b/debian/patches/09-492827-cache.c.patch deleted file mode 100644 index 0d0086b..0000000 --- a/debian/patches/09-492827-cache.c.patch +++ /dev/null @@ -1,17 +0,0 @@ -http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=492827 -Patch by Neil Brown - -diff --git a/utils/mountd/cache.c b/utils/mountd/cache.c -index f555dcc..48d737b 100644 ---- a/utils/mountd/cache.c -+++ b/utils/mountd/cache.c -@@ -158,7 +158,8 @@ void auth_unix_gid(FILE *f) - qword_printint(f, ngroups); - for (i=0; i