os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add revised patch and advisory.

Browse source
This commit is contained in:
Xin LI 2015-10-02 16:50:00 +00:00
parent 204763e697
commit 60948361ad
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=47490
3 changed files with 75 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

59
share/security/advisories/FreeBSD-SA-15:24.rpcbind.asc
View file

@ -5,23 +5,28 @@ Hash: SHA512
FreeBSD-SA-15:24.rpcbind Security Advisory
The FreeBSD Project
Topic: rpcbind(8) remote denial of service
Topic: rpcbind(8) remote denial of service [REVISED]
Category: core
Module: rpcbind
Announced: 2015-09-29
Announced: 2015-09-29, revised on 2015-10-02
Affects: All supported versions of FreeBSD.
Corrected: 2015-09-29 18:06:27 UTC (stable/10, 10.2-STABLE)
2015-09-29 18:07:18 UTC (releng/10.2, 10.2-RELEASE-p4)
2015-09-29 18:07:18 UTC (releng/10.1, 10.1-RELEASE-p21)
2015-09-29 18:06:27 UTC (stable/9, 9.3-STABLE)
2015-09-29 18:07:18 UTC (releng/9.3, 9.3-RELEASE-p27)
Corrected: 2015-10-02 16:36:16 UTC (stable/10, 10.2-STABLE)
2015-10-02 16:37:06 UTC (releng/10.2, 10.2-RELEASE-p5)
2015-10-02 16:37:06 UTC (releng/10.1, 10.1-RELEASE-p22)
2015-10-02 16:36:16 UTC (stable/9, 9.3-STABLE)
2015-10-02 16:37:06 UTC (releng/9.3, 9.3-RELEASE-p28)
CVE Name: CVE-2015-7236
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:https://security.FreeBSD.org/>.
0. Revision history
v1.0 2015-09-29 Initial release.
v1.1 2015-10-02 Revised patch to address a regression related to NIS usage
I. Background
Sun RPC is a remote procedure call framework which allows clients to invoke
@ -94,6 +99,10 @@ detached PGP signature using your PGP utility.
# fetch https://security.FreeBSD.org/patches/SA-15:24/rpcbind.patch.asc
# gpg --verify rpcbind.patch.asc
# fetch https://security.FreeBSD.org/patches/SA-15:24/rpcbind-00.patch
# fetch https://security.FreeBSD.org/patches/SA-15:24/rpcbind-00.patch.asc
# gpg --verify rpcbind-00.patch.asc
b) Apply the patch. Execute the following commands as root:
# cd /usr/src
@ -111,11 +120,11 @@ affected branch.
Branch/path Revision
- -------------------------------------------------------------------------
stable/9/ r288384
releng/9.3/ r288385
stable/10/ r288384
releng/10.1/ r288385
releng/10.2/ r288385
stable/9/ r288511
releng/9.3/ r288512
stable/10/ r288511
releng/10.1/ r288512
releng/10.2/ r288512
- -------------------------------------------------------------------------
To see which files were modified by a particular revision, run the
@ -139,17 +148,17 @@ The latest revision of this advisory is available at
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.8 (FreeBSD)
iQIcBAEBCgAGBQJWCtQJAAoJEO1n7NZdz2rnqrcQAMpVQGhgOE2Qz7seLSeKyorU
lYjMQteAxsYFF7t6BCQxMcfnKVYS9fTUwega6bvBMVQqG7bWg3IKr/esH/pExC22
XbVemdOKot63Qvu+qdQ33DMr0mb4B9NqWQDV4cFu2sj1yHtZjwufFsvTDC8B89Za
OfJsKrdxFbR57uOPnm1jhbb/m46O2q6HnD0GsPCXAA9SWAAk6hrjtVsRURjs654e
iuHa6umSADKeVj0FYiFOyrBM0FgyxmSpBikJD3aaLJa1qCFTPDrGG29283krtSlp
JgbWm0+dj9O6pl9NapuE2dKtXmp/bdjLzWKnj2qDWMpsX31uqLFSzcP6/AxxiIiI
S9Uvb9ucQJRqidJ5jgQkicLd7IIM20HWXOltA4uMovoqF8xOVkCyLZ5Nyg4Yiueg
vsjQ5lQipsOJQBtDO11HjLhZTm4a8c3pHASt0HadvxstNYjB0Kqtm2YySQGdk9H/
/mvjsWE227fJkqwayBlmUviOX39Cz/9AzpkPtaQYsYKNUEOy0hr04i/yIF40RH/Z
wIChfTR10KkRvr4dAWT7Kg2bm2Xd0Gs6bEI5YX3PE3aROVwnwmVWCd/rpdkrnVsV
Pi5MWtPHNATPwRa2UmKbYtwB9mF3GXuBOSssW3K+DfPS+0/ZfYa5CedyeHA3aDGW
f5ih6/YFCvSB/NURgvcU
=WO98
iQIcBAEBCgAGBQJWDrUCAAoJEO1n7NZdz2rnYU0QAL5iWj6a9z50ZGTDJLuE0+Zw
gDyW9gggo0eBPPuYCOpLr4IIt+0B0AvCVHJKCCc5r7DMptuBDAUtWHeyhvRH4XmU
rGnweLqI3AzfCSq+CnFV/meJEs+6EaaEGXEarMl+/3YysEMkNEOqO5dEryNaDjK+
+jF+d2Xv13RZ+i2aDWwteQW+8LLdzhYHXWWM9NV70TubPITyq7iL5TXLTKlfRJKP
eOyphNeV/x+hpAL8zq5Kyu0AS8FoMWjR1rD/OtumraCI0zJsAxonZTY95WqM7Jl9
mQwrsxvxUTUmLm+CieNEAAmFMiMBBRv6JeucvVn7I59dIFDSTo2REsVzc+y4zTta
5PJyy6txlwFSrsNiJrn8aklF3voYQMYuE08jRiHAOqNqGwMuPjDjysMfiK/a1WZM
7XKgSjQwGjX3ZEk9XIWqE3DjKjpyW24rceNL/AM1gRv4Hw9UDMQLlzoAh6RM8F/3
GwiU6I5DuXIV942JX25ciHLfCkhoCyE9aEMR90ICQUgxV5xix0PpU5pukPgM9rZN
CeKKbX3v7GfmIy3oWNc3yby6guqZbWbeDimiyz6WboWVvmiZOTPTjtMLuXLbcaSQ
KbidUmkNU8SDzHMGXJypZ4DX9wlLFK2Wv3anaQsE/hxwgNPKpSMEZujysJ0tyTc9
F4iUcG0fCsWryp8DydvE
=J1ex
-----END PGP SIGNATURE-----

24
share/security/patches/SA-15:24/rpcbind-00.patch Normal file
View file

@ -0,0 +1,24 @@
Index: usr.sbin/rpcbind/rpcb_svc_com.c
===================================================================
--- usr.sbin/rpcbind/rpcb_svc_com.c (revision 288434)
+++ usr.sbin/rpcbind/rpcb_svc_com.c (working copy)
@@ -1052,12 +1052,15 @@ static bool_t
netbuf_copybuf(struct netbuf *dst, const struct netbuf *src)
{
- assert(dst->buf == NULL);
+ if (dst->len != src->len || dst->buf == NULL) {
+ if (dst->buf != NULL)
+ free(dst->buf);
+ if ((dst->buf = malloc(src->len)) == NULL)
+ return (FALSE);
- if ((dst->buf = malloc(src->len)) == NULL)
- return (FALSE);
+ dst->maxlen = dst->len = src->len;
+ }
- dst->maxlen = dst->len = src->len;
memcpy(dst->buf, src->buf, src->len);
return (TRUE);
}

17
share/security/patches/SA-15:24/rpcbind-00.patch.asc Normal file
View file

@ -0,0 +1,17 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.1.8 (FreeBSD)
iQIcBAABCgAGBQJWDrUSAAoJEO1n7NZdz2rn6wcQAMwZnPApGypEU3zD4Q/010WV
s5bUpa1a9jDd1k0xT8jlMTKkV6W+2G1L/OACdRnVPUvwBgAixHwnA1MoeCqwdfGw
9AcZ9yFyLMfvcmY/HrJy/Aopkvhwp3XrNDhtUFjM27UvAewa52GH0imi/+xg9cBR
kRp+Yl6F6a6U46QnmQbCqU+gU7tLH0xwVdMRQGQlOSNR694rYlc4IfbleEr8i8Lz
CF92f7GB+FVj5fKWtPBMsYCHulMAWuYeGHzb2YQc3BdjlPC2hUe8eIdOp4Zg0G7w
kCNClNr9GzRcCiHfZKvl9GCdjw97HWw0R6SpERWxJ5oYq5psWm4tOlKnVpagFUVj
WmYFnV0uWQxs2sjztLQm5vuuFTMikmZ/UAhzDXGnUDWjjGe//oWQ8j8NtpjjWT+5
x2qnytkH5YHy3e/HaGZmdAMxkyrlwjdy9imBgMxtv3k8J3M+RTncYLN2k5qCBzUS
FTnVUTBOH/n0CHBhgIuA7CYncItS+c1AmD+fy36LxBDD+7/38inm8tL4edyPQsYD
sg2StdHOsWXpLucibWhWW3CwTGZJN19RxswPXm294Aj9/zl0uxtc0PrVSJeyLqwO
a1A+MyEZ8uE18kwasWJY6tLhkw2AC/usvXNEz62sSUAPcg+YcAQkqC2k7XMuAf1r
U4Wbwgf8Ye3rvn2NjLPK
=Pv1R
-----END PGP SIGNATURE-----