gentoo resync : 10.11.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-11-10 13:21:36 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2019-11-10 13:21:36 +0000
commit: 77398e424e45d9e98c1cef3c43bdadb9d56e81ef (patch)
tree: 5aeffd3fc7b92fc615bd2c222fa8831aeda1925b /net-dns/avahi/files
parent: bd4aeefe33e63f613512604e47bfca7b2187697d (diff)
4 files changed, 45 insertions, 134 deletions
diff --git a/net-dns/avahi/files/avahi-0.6.30-optional-gtk-utils.patch b/net-dns/avahi/files/avahi-0.6.30-optional-gtk-utils.patch
deleted file mode 100644
index 2c615a2b3a0a..000000000000
--- a/net-dns/avahi/files/avahi-0.6.30-optional-gtk-utils.patch
+++ /dev/null
@@ -1,83 +0,0 @@
---- avahi-discover-standalone/Makefile.am
-+++ avahi-discover-standalone/Makefile.am
-@@ -23,7 +23,7 @@
- # This cool debug trap works on i386/gcc only
- AM_CFLAGS+='-DDEBUG_TRAP=__asm__("int $$3")'
- 
--if HAVE_GTK2OR3
-+if ENABLE_GTK_UTILS
- if HAVE_GLIB
- bin_PROGRAMS = \
- 	avahi-discover-standalone
---- avahi-ui/Makefile.am
-+++ avahi-ui/Makefile.am
-@@ -76,6 +76,7 @@
- libavahi_ui_gtk3_la_CFLAGS += -DDATABASE_FILE=\"$(pkglibdir)/service-types.db\"
- endif
- 
-+if ENABLE_GTK_UTILS
- bin_PROGRAMS = bssh
- desktop_DATA += bssh.desktop bvnc.desktop
- @INTLTOOL_DESKTOP_RULE@
-@@ -102,6 +103,7 @@
- bvnc.desktop.in: bvnc.desktop.in.in
- 	$(AM_V_GEN)sed -e 's,@bindir\@,$(bindir),g' $< > $@
- 
-+endif # ENABLE_GTK_UTILS
- endif # HAVE_GLIB
- endif
- endif
---- configure.ac
-+++ configure.ac
-@@ -564,7 +564,29 @@
- fi
- AM_CONDITIONAL(HAVE_GTK3, test "x$HAVE_GTK3" = "xyes")
- 
--AM_CONDITIONAL(HAVE_GTK2OR3, test "x$HAVE_GTK3" = "xyes" -o "x$HAVE_GTK" = "xyes" )
-+#
-+# Check for GTK+ Utils
-+#
-+AC_ARG_ENABLE(gtk-utils,
-+        AS_HELP_STRING([--disable-gtk-utils],[Disable GTK+ utilities]),
-+        [case "${enableval}" in
-+                yes) WANT_GTK_UTILS=yes ;;
-+                no)  WANT_GTK_UTILS=no ;;
-+                *) AC_MSG_ERROR(bad value ${enableval} for --enable-gtk-utils) ;;
-+        esac],
-+        [WANT_GTK_UTILS=yes])
-+
-+ENABLE_GTK_UTILS=no
-+HAVE_GTK2OR3=no
-+if test "x$HAVE_GTK3" = "xyes" -o "x$HAVE_GTK" = "xyes"; then
-+	HAVE_GTK2OR3=yes
-+	if test "x$WANT_GTK_UTILS" = "xyes"; then
-+		ENABLE_GTK_UTILS=yes
-+	fi
-+fi
-+
-+AM_CONDITIONAL(HAVE_GTK2OR3, test "x$HAVE_GTK2OR3" = "xyes")
-+AM_CONDITIONAL(ENABLE_GTK_UTILS, test "x$ENABLE_GTK_UTILS" = "xyes")
- 
- #
- # D-Bus
-@@ -1199,11 +1221,6 @@
-    ENABLE_AUTOIPD="no   (You need libdaemon!)"
- fi
- 
--HAVE_GTK2OR3=no
--if test "x$HAVE_GTK" = "xyes" -o "x$HAVE_GTK3" = "xyes" ; then
--   HAVE_GTK2OR3=yes
--fi
--
- BUILD_UI="no"
- if test "x$HAVE_GTK2OR3" = "xyes" -a "x$BUILD_CLIENT" = "xyes" ; then
-    BUILD_UI="yes"
-@@ -1223,7 +1240,7 @@
-     Building avahi-python:              ${BUILD_PYTHON}
-     Building libavahi-glib:             ${HAVE_GLIB}
-     Building libavahi-gobject:          ${BUILD_GOBJECT}
--    Building avahi-discover-standalone: ${HAVE_GTK2OR3}
-+    Building avahi-discover-standalone: ${ENABLE_GTK_UTILS}
-     Building libavahi-qt3:              ${HAVE_QT3}
-     Building libavahi-qt4:              ${HAVE_QT4}
-     Building avahi-sharp:               ${HAVE_MONO}
diff --git a/net-dns/avahi/files/avahi-0.6.31-fix-install-avahi-discover.patch b/net-dns/avahi/files/avahi-0.6.31-fix-install-avahi-discover.patch
deleted file mode 100644
index 62ba967c26ff..000000000000
--- a/net-dns/avahi/files/avahi-0.6.31-fix-install-avahi-discover.patch
+++ /dev/null
@@ -1,31 +0,0 @@
---- avahi-0.6.30.old/avahi-python/avahi-discover/Makefile.am	2010-06-28 23:30:34.000000000 -0400
-+++ avahi-0.6.30/avahi-python/avahi-discover/Makefile.am	2012-04-21 18:02:01.642934527 -0400
-@@ -22,6 +22,7 @@
- 	avahi-discover.py \
- 	avahi-discover.desktop.in.in
- 
-+if ENABLE_GTK_UTILS
- if HAVE_PYTHON
- if HAVE_PYTHON_DBUS
- if HAVE_PYGTK
-@@ -67,3 +68,4 @@
- endif
- endif
- endif
-+endif
---- avahi-0.6.30.old/man/Makefile.am	2012-04-21 18:10:45.690900742 -0400
-+++ avahi-0.6.30/man/Makefile.am	2012-04-21 18:09:15.146906578 -0400
-@@ -65,11 +65,13 @@
- man_MANS += \
- 	avahi-bookmarks.1
- if HAVE_GTK
-+if ENABLE_GTK_UTILS
- man_MANS += \
- 	avahi-discover.1
- endif
- endif
- endif
-+endif
- 
- if ENABLE_AUTOIPD
- if HAVE_LIBDAEMON
diff --git a/net-dns/avahi/files/avahi-0.6.31-fix-locale-build.patch b/net-dns/avahi/files/avahi-0.6.31-fix-locale-build.patch
deleted file mode 100644
index b0e47e907462..000000000000
--- a/net-dns/avahi/files/avahi-0.6.31-fix-locale-build.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-avahi-gobject fails to build under et_EE and possibly other locales.
-
-The regex for a sed in avahi-gobject/Makefile fails under various locales.
-Forcing LC_ALL=C fixes the issue.
-
-X-Gentoo-Bug: 501664
-X-Gentoo-Bug-URL: https://bugs.gentoo.org/501664
-
-diff -Naur avahi-0.6.31.orig/avahi-gobject/Makefile.am avahi-0.6.31/avahi-gobject/Makefile.am
---- avahi-0.6.31.orig/avahi-gobject/Makefile.am	2010-08-25 20:51:39.007153001 -0400
-+++ avahi-0.6.31/avahi-gobject/Makefile.am	2014-09-07 19:00:05.485657990 -0400
-@@ -76,7 +76,7 @@
- 
- signals-marshal.list: $(CORE_SOURCES) Makefile.am
- 	$(AM_V_GEN)( cd $(srcdir) && \
--	sed -n -e 's/.*_ga_signals_marshal_\([A-Z]*__[A-Z_]*\).*/\1/p' \
-+	LC_ALL=C sed -n -e 's/.*_ga_signals_marshal_\([A-Z]*__[A-Z_]*\).*/\1/p' \
- 		$(CORE_SOURCES) ) \
- 		| sed -e 's/__/:/' -e 'y/_/,/' | sort -u > $@.tmp && \
- 	if cmp -s $@.tmp $@; then \
diff --git a/net-dns/avahi/files/avahi-0.7-CVE-2017-6519.patch b/net-dns/avahi/files/avahi-0.7-CVE-2017-6519.patch
new file mode 100644
index 000000000000..5fadfbc28928
--- /dev/null
+++ b/net-dns/avahi/files/avahi-0.7-CVE-2017-6519.patch
@@ -0,0 +1,45 @@
+From e111def44a7df4624a4aa3f85fe98054bffb6b4f Mon Sep 17 00:00:00 2001
+From: Trent Lloyd <trent@lloyd.id.au>
+Date: Sat, 22 Dec 2018 09:06:07 +0800
+Subject: [PATCH] Drop legacy unicast queries from address not on local link
+
+When handling legacy unicast queries, ensure that the source IP is
+inside a subnet on the local link, otherwise drop the packet.
+
+Fixes #145
+Fixes #203
+CVE-2017-6519
+CVE-2018-100084
+---
+ avahi-core/server.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index a2cb19a..a2580e3 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+ 
+     if (avahi_dns_packet_is_query(p)) {
+         int legacy_unicast = 0;
++        char t[AVAHI_ADDRESS_STR_MAX];
+ 
+         /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the
+          * AR section completely here, so far. Until the day we add
+@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+             legacy_unicast = 1;
+         }
+ 
++        if (!is_mdns_mcast_address(dst_address) &&
++            !avahi_interface_address_on_link(i, src_address)) {
++
++            avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol);
++            return;
++        }
++
+         if (legacy_unicast)
+             reflect_legacy_unicast_query_packet(s, p, i, src_address, port);
+ 
+-- 
+2.21.0
+
author	V3n3RiX <venerix@redcorelinux.org>	2019-11-10 13:21:36 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2019-11-10 13:21:36 +0000
commit	77398e424e45d9e98c1cef3c43bdadb9d56e81ef (patch)
tree	5aeffd3fc7b92fc615bd2c222fa8831aeda1925b /net-dns/avahi/files
parent	bd4aeefe33e63f613512604e47bfca7b2187697d (diff)