From 8537ca13f042d84b63f14419673adae4cfb4f4aa Mon Sep 17 00:00:00 2001 From: Petr Šabata Date: Mar 22 2012 14:59:36 +0000 Subject: 3.3.0 bump --- diff --git a/.gitignore b/.gitignore index fe738c5..102c98b 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ iproute2-2.6.35.tar.bz2 /iproute2-2.6.39.tar.gz /iproute2-3.1.0.tar.bz2 /iproute2-3.2.0.tar.bz2 +/iproute2-3.3.0.tar.gz diff --git a/iproute.spec b/iproute.spec index fb013e2..761a654 100644 --- a/iproute.spec +++ b/iproute.spec @@ -1,11 +1,11 @@ %global cbq_version v0.7.3 Summary: Advanced IP routing and network device configuration tools Name: iproute -Version: 3.2.0 -Release: 3%{?dist} +Version: 3.3.0 +Release: 1%{?dist} Group: Applications/System -URL: http://kernel.org/pub/linux/utils/networking/%{name}2/ -Source0: http://kernel.org/pub/linux/utils/networking/%{name}2/%{name}2-%{version}.tar.bz2 +URL: http://kernel.org/pub/linux/utils/net/%{name}2/ +Source0: http://kernel.org/pub/linux/utils/net/%{name}2/%{name}2-%{version}.tar.gz Source1: cbq-0000.example Source2: avpkt Patch0: man-pages.patch @@ -19,8 +19,6 @@ Patch7: iproute2-2.6.35-print-route.patch Patch8: iproute2-print-route-u32.patch Patch9: iproute2-2.6.39-create-peer-veth-without-a-name.patch Patch10: iproute2-2.6.39-lnstat-dump-to-stdout.patch -Patch11: iproute2-3.2.0-Dont-put-configure-files-in-tmp.patch -Patch12: iproute2-3.2.0-dhcp-client-script-dont-use-tmp.patch License: GPLv2+ and Public Domain BuildRequires: tex(latex) tex(dvips) linuxdoc-tools BuildRequires: flex linux-atm-libs-devel psutils db4-devel bison @@ -67,8 +65,6 @@ sed -i "s/_VERSION_/%{version}/" man/man8/ss.8 %patch8 -p1 -b .print-route-u32 %patch9 -p1 -b .peer-veth-without-name %patch10 -p1 -b .lnstat-dump-to-stdout -%patch11 -p1 -b .tmp -%patch12 -p1 -b .tmp-dhcp %build export LIBDIR=/%{_libdir} @@ -178,6 +174,10 @@ done %{_includedir}/libnetlink.h %changelog +* Thu Mar 22 2012 Petr Šabata - 3.3.0-1 +- 3.3.0 bump +- Update source URL + * Mon Feb 27 2012 Petr Šabata - 3.2.0-3 - Address dangerous /tmp files security issue (CVE-2012-1088, #797881, #797878) diff --git a/iproute2-3.2.0-Dont-put-configure-files-in-tmp.patch b/iproute2-3.2.0-Dont-put-configure-files-in-tmp.patch deleted file mode 100644 index 6b81f33..0000000 --- a/iproute2-3.2.0-Dont-put-configure-files-in-tmp.patch +++ /dev/null @@ -1,165 +0,0 @@ -From e557d1ac3a156ba7521ba44b0b412af4542f83f8 Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Wed, 15 Feb 2012 10:03:39 -0800 -Subject: [PATCH] Don't put configure files in /tmp - -Based on patch by Vasiliy Kulikov -Don't use /tmp since it is dangerous, instead put temporary files -from configure script in build directory. This is what autoconf -generated configure does. ---- - .gitignore | 1 + - configure | 34 +++++++++++++++++++--------------- - 2 files changed, 20 insertions(+), 15 deletions(-) - -diff --git a/.gitignore b/.gitignore -index c784159..3ba2632 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -1,4 +1,5 @@ - static-syms.h -+config.* - Config - *.o - *.a -diff --git a/configure b/configure -index 09a6987..0f4444f 100755 ---- a/configure -+++ b/configure -@@ -3,9 +3,13 @@ - # - INCLUDE=${1:-"$PWD/include"} - -+# Make a temp directory in build tree. -+TMPDIR=$(mktemp -d config.XXXXXX) -+trap 'status=$?; rm -rf $TMPDIRa; exit $status' EXIT HUP INT QUIT TERM -+ - check_atm() - { --cat >/tmp/atmtest.c <$TMPDIR/atmtest.c < - int main(int argc, char **argv) { - struct atm_qos qos; -@@ -13,7 +17,7 @@ int main(int argc, char **argv) { - return 0; - } - EOF --gcc -I$INCLUDE -o /tmp/atmtest /tmp/atmtest.c -latm >/dev/null 2>&1 -+gcc -I$INCLUDE -o $TMPDIR/atmtest $TMPDIR/atmtest.c -latm >/dev/null 2>&1 - if [ $? -eq 0 ] - then - echo "TC_CONFIG_ATM:=y" >>Config -@@ -21,13 +25,13 @@ then - else - echo no - fi --rm -f /tmp/atmtest.c /tmp/atmtest -+rm -f $TMPDIR/atmtest.c $TMPDIR/atmtest - } - - check_xt() - { - #check if we have xtables from iptables >= 1.4.5. --cat >/tmp/ipttest.c <$TMPDIR/ipttest.c < - #include - static struct xtables_globals test_globals = { -@@ -47,12 +51,12 @@ int main(int argc, char **argv) - - EOF - --if gcc -I$INCLUDE $IPTC -o /tmp/ipttest /tmp/ipttest.c $IPTL $(pkg-config xtables --cflags --libs) -ldl >/dev/null 2>&1 -+if gcc -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL $(pkg-config xtables --cflags --libs) -ldl >/dev/null 2>&1 - then - echo "TC_CONFIG_XT:=y" >>Config - echo "using xtables" - fi --rm -f /tmp/ipttest.c /tmp/ipttest -+rm -f $TMPDIR/ipttest.c $TMPDIR/ipttest - } - - check_xt_old() -@@ -64,7 +68,7 @@ then - fi - - #check if we dont need our internal header .. --cat >/tmp/ipttest.c <$TMPDIR/ipttest.c < - char *lib_dir; - unsigned int global_option_offset = 0; -@@ -84,14 +88,14 @@ int main(int argc, char **argv) { - } - - EOF --gcc -I$INCLUDE $IPTC -o /tmp/ipttest /tmp/ipttest.c $IPTL -ldl >/dev/null 2>&1 -+gcc -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL -ldl >/dev/null 2>&1 - - if [ $? -eq 0 ] - then - echo "TC_CONFIG_XT_OLD:=y" >>Config - echo "using old xtables (no need for xt-internal.h)" - fi --rm -f /tmp/ipttest.c /tmp/ipttest -+rm -f $TMPDIR/ipttest.c $TMPDIR/ipttest - } - - check_xt_old_internal_h() -@@ -103,7 +107,7 @@ then - fi - - #check if we need our own internal.h --cat >/tmp/ipttest.c <$TMPDIR/ipttest.c < - #include "xt-internal.h" - char *lib_dir; -@@ -124,14 +128,14 @@ int main(int argc, char **argv) { - } - - EOF --gcc -I$INCLUDE $IPTC -o /tmp/ipttest /tmp/ipttest.c $IPTL -ldl >/dev/null 2>&1 -+gcc -I$INCLUDE $IPTC -o $TMPDIR/ipttest $TMPDIR/ipttest.c $IPTL -ldl >/dev/null 2>&1 - - if [ $? -eq 0 ] - then - echo "using old xtables with xt-internal.h" - echo "TC_CONFIG_XT_OLD_H:=y" >>Config - fi --rm -f /tmp/ipttest.c /tmp/ipttest -+rm -f $TMPDIR/ipttest.c $TMPDIR/ipttest - } - - check_ipt() -@@ -160,7 +164,7 @@ check_ipt_lib_dir() - - check_setns() - { --cat >/tmp/setnstest.c <$TMPDIR/setnstest.c < - int main(int argc, char **argv) - { -@@ -168,7 +172,7 @@ int main(int argc, char **argv) - return 0; - } - EOF --gcc -I$INCLUDE -o /tmp/setnstest /tmp/setnstest.c >/dev/null 2>&1 -+gcc -I$INCLUDE -o $TMPDIR/setnstest $TMPDIR/setnstest.c >/dev/null 2>&1 - if [ $? -eq 0 ] - then - echo "IP_CONFIG_SETNS:=y" >>Config -@@ -176,7 +180,7 @@ then - else - echo "no" - fi --rm -f /tmp/setnstest.c /tmp/setnstest -+rm -f $TMPDIR/setnstest.c $TMPDIR/setnstest - } - - echo "# Generated config based on" $INCLUDE >Config --- -1.7.6.5 - diff --git a/iproute2-3.2.0-dhcp-client-script-dont-use-tmp.patch b/iproute2-3.2.0-dhcp-client-script-dont-use-tmp.patch deleted file mode 100644 index 2145791..0000000 --- a/iproute2-3.2.0-dhcp-client-script-dont-use-tmp.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 20ed7b24df05eadf83168d1d0ce0052a31380928 Mon Sep 17 00:00:00 2001 -From: Stephen Hemminger -Date: Wed, 15 Feb 2012 10:05:45 -0800 -Subject: [PATCH] dhcp-client-script: don't use /tmp - -/tmp is a dangerous place and better to put log files in /var/log. -Based on patch by Vasiliy Kulikov ---- - examples/dhcp-client-script | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/examples/dhcp-client-script b/examples/dhcp-client-script -index 7207b57..f39bc10 100644 ---- a/examples/dhcp-client-script -+++ b/examples/dhcp-client-script -@@ -14,7 +14,7 @@ - # we should install and preserve. - # - --exec >> /tmp/DHS.log 2>&1 -+exec >> /var/log/DHS.log 2>&1 - - echo dhc-script $* reason=$reason - set | grep "^\(old_\|new_\|check_\)" --- -1.7.6.5 - diff --git a/sources b/sources index d2b05e0..395cf02 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -90913f781aa1b161bb23c70e3111552d iproute2-3.2.0.tar.bz2 +172f8bc6d1b5228d64a8e0f2260a3e0a iproute2-3.3.0.tar.gz