Debian Patches

Status for tcp-wrappers/7.6.q-31

Patch Description Author Forwarded Bugs Origin Last update
00_man_quoting.diff diff -ruN tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5 no
00_man_typos diff -ruNp tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5 no
01_man_portability diff -ruNp tcp_wrappers_7.6.orig/hosts_access.3 tcp_wrappers_7.6/hosts_access.3 no
05_wildcard_matching See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=17847
(Though the original code needs to be patched to be case-insensitive.)
no
06_fix_gethostbyname * Mon Feb 5 2001 Preston Brown <pbrown@redhat.com>
- fix gethostbyname to work better with dot "." notation (#16949)
no
10_usagi-ipv6 no
11_tcpd_blacklist TCP Wrapper Blacklist Extension
The patch below adds a new host pattern to the TCP Wrapper access
control language. Instead of a host name or address pattern, you
can specify an external /file/name with host name or address
patterns. The feature can be used recursively.

The /file/name extension makes it easy to blacklist bad sites, for
example, to block unwanted electronic mail when libwrap is linked
into sendmail. Adding hosts to a simple text file is much easier
than having to edit a more complex hosts.allow/deny file.

I developed this a year or so ago as a substitute for NIS netgroups.
At that time, I did not consider it of sufficient interest for
inclusion in the TCP Wrapper distribution. How times have changed.

The patch is relative to TCP Wrappers version 7.6. The main archive
site is ftp://ftp.win.tue.nl/pub/security/tcp_wrappers_7.6.tar.gz

Thanks to the Debian LINUX folks for expressing their interest in
this patch.

Wietse


[diff updated by Md]

diff -ruN tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5
Wietse Venema <wietse@((no)(spam)(please))wzv.win.tue.nl> no 1997-09-08
11_usagi_fix diff -uN tcp_wrappers_7.6/hosts_access.c tcp_wrappers_7.6.new/hosts_access.c no
12_makefile_config no
13_shlib_weaksym no
14_cidr_support diff -ruN tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5 no
15_match_clarify diff -ruN tcp_wrappers_7.6.orig/hosts_access.5 tcp_wrappers_7.6/hosts_access.5 no
musl_support no
aclexec diff -ruNp tcp_wrappers_7.6.orig/hosts_access.c tcp_wrappers_7.6/hosts_access.c no
expand_remote_port diff -ruN tcp_wrappers_7.6.orig/eval.c tcp_wrappers_7.6/eval.c no
catch-sigchld no
fix_warnings no
have_strerror diff -ruN tcp_wrappers_7.6.orig/percent_m.c tcp_wrappers_7.6/percent_m.c no
man_fromhost diff -ruN tcp_wrappers_7.6.orig/hosts_access.3 tcp_wrappers_7.6/hosts_access.3 no
more_man_pages no
match_port diff -ruNp tcp_wrappers_7.6.orig/hosts_access.c tcp_wrappers_7.6/hosts_access.c no
restore_sigalarm diff -ruN tcp_wrappers_7.6.orig/rfc931.c tcp_wrappers_7.6/rfc931.c no
rfc931.diff diff -ruNp tcp_wrappers_7.6.orig/scaffold.c tcp_wrappers_7.6/scaffold.c no
safe_finger no
sig_fix * Fri May 6 2005 Thomas Woerner <twoerner@redhat.com> 7.6-39
- fixed sig patch (#141110). Thanks to Nikita Shulga for the patch

* Mon Feb 10 2003 Harald Hoyer <harald@redhat.de> 7.6-29
- added security patch tcp_wrappers-7.6-sig.patch

diff -ruNp tcp_wrappers_7.6.orig/hosts_access.c tcp_wrappers_7.6/hosts_access.c
no
siglongjmp diff -ruNp tcp_wrappers_7.6.orig/rfc931.c tcp_wrappers_7.6/rfc931.c no
size_t no
tcpdchk_libwrapped diff -ruN tcp_wrappers_7.6.orig/tcpdchk.c tcp_wrappers_7.6/tcpdchk.c no
fix_static no
fix_parsing_long_lines Fix parsing of lines longer than 2047 characters If a line in /etc/hosts.{allow,deny} is longer than BUFLEN-1 (2047)
characters then len will be set to 1 at the end of the xgets() loop.
.
At the next iteration, fgets will be passed a buffer of length 1, so it
will only be able to read an empty string (the buffer must always have
space for the trailing NUL).
.
strlen(3) on the empty string will return 0, so len will not be modified
anymore and the last step will repeat forever.
.
To reproduce:
perl -e 'print "#sshd: " . ("127.0.0.1, " x 210) . "\n"' > hosts.deny
tcpdmatch -d test localhost
Marco d'Itri <md@linux.it> no debian
initgroups diff -up tcp_wrappers_7.6/options.c.initgroups tcp_wrappers_7.6/options.c no
ignore_missing_inetdconf no
fix_warnings2 no

All known versions for source package 'tcp-wrappers'

Links