mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-17 09:32:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

xinetd: CVE-2013-4342

Browse Source 
xinetd does not enforce the user and group configuration directives
for TCPMUX services, which causes these services to be run as root
and makes it easier for remote attackers to gain privileges by
leveraging another vulnerability in a service.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342

the patch come from:
https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff

(From OE-Core rev: c6ccb09cee54a7b9d953f58fbb8849fd7d7de6a9)

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Li Wang
2013-12-05 17:52:17 -06:00
committed by Richard Purdie
parent d1cb9ec1c2
commit bd477cd98b
2 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
meta/recipes-extended/xinetd/xinetd/xinetd-CVE-2013-4342.patch Normal file
View File

@@ -0,0 +1,32 @@
xinetd: CVE-2013-4342
xinetd does not enforce the user and group configuration directives
for TCPMUX services, which causes these services to be run as root
and makes it easier for remote attackers to gain privileges by
leveraging another vulnerability in a service.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342
the patch come from:
https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff
Signed-off-by: Li Wang <li.wang@windriver.com>
---
xinetd/builtins.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/xinetd/builtins.c b/xinetd/builtins.c
index 3b85579..34a5bac 100644
--- a/xinetd/builtins.c
+++ b/xinetd/builtins.c
@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp )
if( SC_IS_INTERNAL( scp ) ) {
SC_INTERNAL(scp, nserp);
} else {
- exec_server(nserp);
+ child_process(nserp);
}
}
--
1.7.9.5

1
meta/recipes-extended/xinetd/xinetd_2.3.15.bb
View File

@@ -16,6 +16,7 @@ SRC_URI = "http://www.xinetd.org/xinetd-${PV}.tar.gz \
file://Various-fixes-from-the-previous-maintainer.patch \
file://Disable-services-from-inetd.conf-if-a-service-with-t.patch \
file://xinetd-should-be-able-to-listen-on-IPv6-even-in-ine.patch \
file://xinetd-CVE-2013-4342.patch \
"
SRC_URI[md5sum] = "77358478fd58efa6366accae99b8b04c"