aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2019-07-16 22:46:19 -0300
committerLeonardo Arena <rnalrd@alpinelinux.org>2019-07-17 06:41:17 +0000
commit02fd5297c8c53f1a397702e43b64d56f9cc574c9 (patch)
treeaa15e7d24e6d94125270a3b6b8a905989447bfc2
parent6357655f38597b1e1e7e2e0f8c4ca7f55ce829b4 (diff)
main/avahi: fix CVE-2017-6519 and CVE-2018-1000845
Fixes #9241
-rw-r--r--main/avahi/APKBUILD14
-rw-r--r--main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch27
2 files changed, 38 insertions, 3 deletions
diff --git a/main/avahi/APKBUILD b/main/avahi/APKBUILD
index db7e8135a41..27844820328 100644
--- a/main/avahi/APKBUILD
+++ b/main/avahi/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=avahi
pkgver=0.7
-pkgrel=1
+pkgrel=2
pkgdesc="A multicast/unicast DNS-SD framework"
url="https://www.avahi.org/"
arch="all"
@@ -17,9 +17,16 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-tools $pkgname-glib
$pkgname-libs $pkgname-compat-howl:howl
$pkgname-compat-libdns_sd:lidns_sd $pkgname-lang
py2-avahi:_py2:noarch"
-source="https://github.com/lathiat/avahi/releases/download/v$pkgver/avahi-$pkgver.tar.gz"
+source="https://github.com/lathiat/avahi/releases/download/v$pkgver/avahi-$pkgver.tar.gz
+ CVE-2017-6519-and-CVE-2018-1000845.patch
+ "
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 0.7-r2:
+# - CVE-2017-6519
+# - CVE-2018-1000845
+
prepare() {
default_prepare
autoreconf -vif
@@ -128,4 +135,5 @@ _py2() {
mv "$pkgdir"/usr/lib/python2.* "$subpkgdir"/usr/lib/
}
-sha512sums="bae5a1e9204aca90b90e7fd223d19e809e3514d03ba5fa2da1e55bf1d72d3d3b98567f357900c36393613dc17dc98e15ff3ebf0f226f2f6b9766e592452a6ce7 avahi-0.7.tar.gz"
+sha512sums="bae5a1e9204aca90b90e7fd223d19e809e3514d03ba5fa2da1e55bf1d72d3d3b98567f357900c36393613dc17dc98e15ff3ebf0f226f2f6b9766e592452a6ce7 avahi-0.7.tar.gz
+dc5c9fde8d1244e70e3cf1c09bc274b094458d2fad982f5a79bcbf3cbddc43a0cf79e9ba106b3b0446a6f0b006fd3beeee48a03bd3d8a06cf8d9821f6945ffed CVE-2017-6519-and-CVE-2018-1000845.patch"
diff --git a/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch b/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
new file mode 100644
index 00000000000..513489fa5b7
--- /dev/null
+++ b/main/avahi/CVE-2017-6519-and-CVE-2018-1000845.patch
@@ -0,0 +1,27 @@
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index a2cb19a..a2580e3 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -930,6 +930,7 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+
+ if (avahi_dns_packet_is_query(p)) {
+ int legacy_unicast = 0;
++ char t[AVAHI_ADDRESS_STR_MAX];
+
+ /* For queries EDNS0 might allow ARCOUNT != 0. We ignore the
+ * AR section completely here, so far. Until the day we add
+@@ -947,6 +948,13 @@ static void dispatch_packet(AvahiServer *s, AvahiDnsPacket *p, const AvahiAddres
+ legacy_unicast = 1;
+ }
+
++ if (!is_mdns_mcast_address(dst_address) &&
++ !avahi_interface_address_on_link(i, src_address)) {
++
++ avahi_log_debug("Received non-local unicast query from host %s on interface '%s.%i'.", avahi_address_snprint(t, sizeof(t), src_address), i->hardware->name, i->protocol);
++ return;
++ }
++
+ if (legacy_unicast)
+ reflect_legacy_unicast_query_packet(s, p, i, src_address, port);
+
+