Hello community, here is the log from the commit of package miniupnpc for openSUSE:Factory checked in at 2017-11-10 14:40:55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/miniupnpc (Old) and /work/SRC/openSUSE:Factory/.miniupnpc.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "miniupnpc" Fri Nov 10 14:40:55 2017 rev:15 rq:539301 version:2.0.20171102 Changes: -------- --- /work/SRC/openSUSE:Factory/miniupnpc/miniupnpc.changes 2017-06-02 10:29:55.292821013 +0200 +++ /work/SRC/openSUSE:Factory/.miniupnpc.new/miniupnpc.changes 2017-11-10 14:41:43.398083838 +0100 @@ -1,0 +2,7 @@ +Mon Nov 6 11:09:12 UTC 2017 - [email protected] + +- Build 2.0.20171102 + * Fix CVE-2017-8798 Thanks to tin/Team OSTStrom + * bnc#1038601 - (CVE-2017-8798) VUL-0: CVE-2017-8798: miniupnp: integer signedness error + +------------------------------------------------------------------- Old: ---- miniupnpc-2.0.20170509.tar.gz New: ---- miniupnpc-2.0.20171102.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ miniupnpc.spec ++++++ --- /var/tmp/diff_new_pack.3DWHch/_old 2017-11-10 14:41:46.597968172 +0100 +++ /var/tmp/diff_new_pack.3DWHch/_new 2017-11-10 14:41:46.601968027 +0100 @@ -18,7 +18,7 @@ %define soname 16 Name: miniupnpc -Version: 2.0.20170509 +Version: 2.0.20171102 Release: 0 Summary: Universal Plug'n'Play (UPnP) Client License: BSD-3-Clause @@ -27,8 +27,8 @@ Source: http://miniupnp.free.fr/files/miniupnpc-%{version}.tar.gz Source99: baselibs.conf BuildRequires: python-devel +BuildRequires: python-setuptools Requires: libminiupnpc%{soname} = %{version}-%{release} -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The MiniUPnP project offers software which supports the UPnP Internet Gateway @@ -92,26 +92,21 @@ chmod -x %{buildroot}%{_mandir}/man3/miniupnpc.3.gz %post -n libminiupnpc%{soname} -p /sbin/ldconfig - %postun -n libminiupnpc%{soname} -p /sbin/ldconfig %files -%defattr(-,root,root) %{_bindir}/upnpc %{_bindir}/external-ip -%{_mandir}/man3/miniupnpc.3.* +%{_mandir}/man3/miniupnpc.3%{ext_man} %files -n libminiupnpc%{soname} -%defattr(-,root,root) %doc LICENSE Changelog.txt README %{_libdir}/libminiupnpc.so.%{soname} %files -n libminiupnpc-devel -%defattr(-,root,root) %{_includedir}/miniupnpc/ %{_libdir}/libminiupnpc.so %files -n python-miniupnpc -f rpmfiles.lst -%defattr(-,root,root) %changelog ++++++ miniupnpc-2.0.20170509.tar.gz -> miniupnpc-2.0.20171102.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/CMakeLists.txt new/miniupnpc-2.0.20171102/CMakeLists.txt --- old/miniupnpc-2.0.20170509/CMakeLists.txt 2016-12-16 10:04:32.000000000 +0100 +++ new/miniupnpc-2.0.20171102/CMakeLists.txt 2017-11-02 18:38:01.000000000 +0100 @@ -44,7 +44,7 @@ endif () # Set compiler specific build flags -if (CMAKE_COMPILER_IS_GNUC) +if (CMAKE_COMPILER_IS_GNUCC) # Set our own default flags at first run. if (NOT CONFIGURED) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/MANIFEST.in new/miniupnpc-2.0.20171102/MANIFEST.in --- old/miniupnpc-2.0.20170509/MANIFEST.in 2010-12-09 17:41:38.000000000 +0100 +++ new/miniupnpc-2.0.20171102/MANIFEST.in 2017-11-02 18:38:01.000000000 +0100 @@ -1,5 +1,9 @@ include README +include VERSION +include LICENSE include miniupnpcmodule.c include setup.py -include *.h -include libminiupnpc.a +include Makefile +include *.[ch] +include *.h.in +include *.sh diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/Makefile new/miniupnpc-2.0.20171102/Makefile --- old/miniupnpc-2.0.20170509/Makefile 2017-04-21 13:24:22.000000000 +0200 +++ new/miniupnpc-2.0.20171102/Makefile 2017-11-02 18:38:01.000000000 +0100 @@ -1,4 +1,4 @@ -# $Id: Makefile,v 1.136 2017/04/21 09:44:20 nanard Exp $ +# $Id: Makefile,v 1.137 2017/11/02 15:31:18 nanard Exp $ # MiniUPnP Project # http://miniupnp.free.fr/ # http://miniupnp.tuxfamily.org/ @@ -173,18 +173,18 @@ everything: all $(EXECUTABLES_ADDTESTS) pythonmodule: $(LIBRARY) miniupnpcmodule.c setup.py - python setup.py build + MAKE=$(MAKE) python setup.py build touch $@ installpythonmodule: pythonmodule - python setup.py install + MAKE=$(MAKE) python setup.py install pythonmodule3: $(LIBRARY) miniupnpcmodule.c setup.py - python3 setup.py build + MAKE=$(MAKE) python3 setup.py build touch $@ installpythonmodule3: pythonmodule3 - python3 setup.py install + MAKE=$(MAKE) python3 setup.py install validateminixml: minixmlvalid @echo "minixml validation test" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/README new/miniupnpc-2.0.20171102/README --- old/miniupnpc-2.0.20170509/README 2016-04-19 23:01:03.000000000 +0200 +++ new/miniupnpc-2.0.20171102/README 2017-11-02 18:38:01.000000000 +0100 @@ -1,9 +1,8 @@ Project: miniupnp -Project web page: http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/ +Project web page: http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/ github: https://github.com/miniupnp/miniupnp -freecode: http://freecode.com/projects/miniupnp Author: Thomas Bernard -Copyright (c) 2005-2016 Thomas Bernard +Copyright (c) 2005-2017 Thomas Bernard This software is subject to the conditions detailed in the LICENSE file provided within this distribution. @@ -58,7 +57,7 @@ send me an email ! For any question, you can use the web forum : -http://miniupnp.tuxfamily.org/forum/ +https://miniupnp.tuxfamily.org/forum/ Bugs should be reported on github : https://github.com/miniupnp/miniupnp/issues diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/external-ip.sh new/miniupnpc-2.0.20171102/external-ip.sh --- old/miniupnpc-2.0.20170509/external-ip.sh 2010-08-05 14:57:41.000000000 +0200 +++ new/miniupnpc-2.0.20171102/external-ip.sh 2017-11-02 18:38:01.000000000 +0100 @@ -1,4 +1,4 @@ #!/bin/sh -# $Id: external-ip.sh,v 1.1 2010/08/05 12:57:41 nanard Exp $ +# $Id: external-ip.sh,v 1.2 2017/11/02 15:33:09 nanard Exp $ # (c) 2010 Reuben Hawkins -upnpc -s | grep ExternalIPAddress | sed 's/[^0-9\.]//g' +upnpc -s | sed -n -e 's/^ExternalIPAddress = \([0-9.]*\)$/\1/p' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/minihttptestserver.c new/miniupnpc-2.0.20171102/minihttptestserver.c --- old/miniupnpc-2.0.20170509/minihttptestserver.c 2016-12-16 10:04:32.000000000 +0100 +++ new/miniupnpc-2.0.20171102/minihttptestserver.c 2017-11-02 18:38:01.000000000 +0100 @@ -1,7 +1,7 @@ -/* $Id: minihttptestserver.c,v 1.20 2016/12/16 08:54:55 nanard Exp $ */ +/* $Id: minihttptestserver.c,v 1.22 2017/11/02 17:01:36 nanard Exp $ */ /* Project : miniUPnP * Author : Thomas Bernard - * Copyright (c) 2011-2016 Thomas Bernard + * Copyright (c) 2011-2017 Thomas Bernard * This software is subject to the conditions detailed in the * LICENCE file provided in this distribution. * */ @@ -24,6 +24,8 @@ #define CRAP_LENGTH (2048) +static int server(unsigned short port, const char * expected_file_name, int ipv6); + volatile sig_atomic_t quit = 0; volatile sig_atomic_t child_to_wait_for = 0; @@ -158,7 +160,7 @@ #else #define FAVICON_LENGTH (6 + 16 + 40 + 8 + 32 * 4) #endif -void build_favicon_content(char * p, int n) +void build_favicon_content(unsigned char * p, int n) { int i; if(n < FAVICON_LENGTH) @@ -448,7 +450,7 @@ "Content-Length: %d\r\n" "\r\n", content_length); /* image/x-icon */ - build_favicon_content(response_buffer + n, content_length); + build_favicon_content((unsigned char *)(response_buffer + n), content_length); response_len = content_length + n; break; default: @@ -485,17 +487,9 @@ */ int main(int argc, char * * argv) { int ipv6 = 0; - int s, c, i; + int r, i; unsigned short port = 0; - struct sockaddr_storage server_addr; - socklen_t server_addrlen; - struct sockaddr_storage client_addr; - socklen_t client_addrlen; - pid_t pid; - int child = 0; - int status; const char * expected_file_name = NULL; - struct sigaction sa; for(i = 1; i < argc; i++) { if(argv[i][0] == '-') { @@ -523,6 +517,26 @@ srand(time(NULL)); + r = server(port, expected_file_name, ipv6); + if(r != 0) { + printf("*** ERROR ***\n"); + } + return r; +} + +static int server(unsigned short port, const char * expected_file_name, int ipv6) +{ + int s, c; + int i; + struct sockaddr_storage server_addr; + socklen_t server_addrlen; + struct sockaddr_storage client_addr; + socklen_t client_addrlen; + pid_t pid; + int child = 0; + int status; + struct sigaction sa; + memset(&sa, 0, sizeof(struct sigaction)); /*signal(SIGCHLD, handle_signal_chld);*/ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/minissdpc.c new/miniupnpc-2.0.20171102/minissdpc.c --- old/miniupnpc-2.0.20170509/minissdpc.c 2017-04-21 13:24:22.000000000 +0200 +++ new/miniupnpc-2.0.20171102/minissdpc.c 2017-11-02 18:38:01.000000000 +0100 @@ -1,4 +1,4 @@ -/* $Id: minissdpc.c,v 1.34 2017/04/21 10:06:38 nanard Exp $ */ +/* $Id: minissdpc.c,v 1.35 2017/11/02 15:34:36 nanard Exp $ */ /* vim: tabstop=4 shiftwidth=4 noexpandtab * Project : miniupnp * Web : http://miniupnp.free.fr/ @@ -615,8 +615,13 @@ } if(ipv6) { +#ifdef _WIN32 + DWORD mcastHops = ttl; + if(setsockopt(sudp, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, (const char *)&mcastHops, sizeof(mcastHops)) < 0) +#else /* _WIN32 */ int mcastHops = ttl; if(setsockopt(sudp, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &mcastHops, sizeof(mcastHops)) < 0) +#endif /* _WIN32 */ { PRINT_SOCKET_ERROR("setsockopt(IPV6_MULTICAST_HOPS,...)"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/miniupnpc.h new/miniupnpc-2.0.20171102/miniupnpc.h --- old/miniupnpc-2.0.20170509/miniupnpc.h 2017-05-09 12:14:44.000000000 +0200 +++ new/miniupnpc-2.0.20171102/miniupnpc.h 2017-11-02 18:57:42.000000000 +0100 @@ -19,7 +19,7 @@ #define UPNPDISCOVER_MEMORY_ERROR (-102) /* versions : */ -#define MINIUPNPC_VERSION "2.0.20170509" +#define MINIUPNPC_VERSION "2.0.20171102" #define MINIUPNPC_API_VERSION 16 /* Source port: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/miniupnpcmodule.c new/miniupnpc-2.0.20171102/miniupnpcmodule.c --- old/miniupnpc-2.0.20170509/miniupnpcmodule.c 2017-04-21 13:24:22.000000000 +0200 +++ new/miniupnpc-2.0.20171102/miniupnpcmodule.c 2017-11-02 18:38:01.000000000 +0100 @@ -1,4 +1,4 @@ -/* $Id: miniupnpcmodule.c,v 1.30 2017/04/21 10:07:43 nanard Exp $*/ +/* $Id: miniupnpcmodule.c,v 1.31 2017/11/02 15:37:28 nanard Exp $*/ /* Project : miniupnp * Author : Thomas BERNARD * website : http://miniupnp.tuxfamily.org/ @@ -307,7 +307,7 @@ const char * remoteHost; const char * leaseDuration = "0"; int r; - if (!PyArg_ParseTuple(args, "HssHss", &ePort, &proto, + if (!PyArg_ParseTuple(args, "HssHzz", &ePort, &proto, &host, &iPort, &desc, &remoteHost)) return NULL; Py_BEGIN_ALLOW_THREADS @@ -349,7 +349,7 @@ const char * remoteHost; const char * leaseDuration = "0"; int r; - if (!PyArg_ParseTuple(args, "HssHss", &ePort, &proto, &host, &iPort, &desc, &remoteHost)) + if (!PyArg_ParseTuple(args, "HssHzz", &ePort, &proto, &host, &iPort, &desc, &remoteHost)) return NULL; Py_BEGIN_ALLOW_THREADS sprintf(extPort, "%hu", ePort); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/setup.py new/miniupnpc-2.0.20171102/setup.py --- old/miniupnpc-2.0.20170509/setup.py 2015-10-26 18:05:52.000000000 +0100 +++ new/miniupnpc-2.0.20171102/setup.py 2017-11-02 18:38:01.000000000 +0100 @@ -1,19 +1,25 @@ #! /usr/bin/python # vim: tabstop=8 shiftwidth=8 expandtab -# $Id: setup.py,v 1.12 2015/10/26 17:03:17 nanard Exp $ -# the MiniUPnP Project (c) 2007-2014 Thomas Bernard +# $Id: setup.py,v 1.13 2017/11/02 15:36:12 nanard Exp $ +# the MiniUPnP Project (c) 2007-2017 Thomas Bernard # http://miniupnp.tuxfamily.org/ or http://miniupnp.free.fr/ # # python script to build the miniupnpc module under unix # -# replace libminiupnpc.a by libminiupnpc.so for shared library usage -try: - from setuptools import setup, Extension -except ImportError: - from distutils.core import setup, Extension -from distutils import sysconfig -sysconfig.get_config_vars()["OPT"] = '' -sysconfig.get_config_vars()["CFLAGS"] = '' +# Uses MAKE environment variable (defaulting to 'make') + +from setuptools import setup, Extension +from setuptools.command import build_ext +import subprocess +import os + +EXT = ['libminiupnpc.a'] + +class make_then_build_ext(build_ext.build_ext): + def run(self): + subprocess.check_call([os.environ.get('MAKE', 'make')] + EXT) + build_ext.build_ext.run(self) + setup(name="miniupnpc", version=open('VERSION').read().strip(), author='Thomas BERNARD', @@ -21,8 +27,9 @@ license=open('LICENSE').read(), url='http://miniupnp.free.fr/', description='miniUPnP client', + cmdclass={'build_ext': make_then_build_ext}, ext_modules=[ Extension(name="miniupnpc", sources=["miniupnpcmodule.c"], - extra_objects=["libminiupnpc.a"]) + extra_objects=EXT) ]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/testminiwget.c new/miniupnpc-2.0.20171102/testminiwget.c --- old/miniupnpc-2.0.20170509/testminiwget.c 2016-02-09 10:38:59.000000000 +0100 +++ new/miniupnpc-2.0.20171102/testminiwget.c 2017-11-02 18:38:01.000000000 +0100 @@ -1,7 +1,7 @@ -/* $Id: testminiwget.c,v 1.5 2016/01/24 17:24:36 nanard Exp $ */ +/* $Id: testminiwget.c,v 1.6 2017/11/02 16:52:37 nanard Exp $ */ /* Project : miniupnp * Author : Thomas Bernard - * Copyright (c) 2005-2016 Thomas Bernard + * Copyright (c) 2005-2017 Thomas Bernard * This software is subject to the conditions detailed in the * LICENCE file provided in this distribution. * */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/testminiwget.sh new/miniupnpc-2.0.20171102/testminiwget.sh --- old/miniupnpc-2.0.20170509/testminiwget.sh 2015-09-17 15:05:27.000000000 +0200 +++ new/miniupnpc-2.0.20171102/testminiwget.sh 2017-11-02 18:38:01.000000000 +0100 @@ -1,7 +1,7 @@ #!/bin/sh -# $Id: testminiwget.sh,v 1.13 2015/09/03 17:57:44 nanard Exp $ +# $Id: testminiwget.sh,v 1.15 2017/11/02 17:36:26 nanard Exp $ # project miniupnp : http://miniupnp.free.fr/ -# (c) 2011-2015 Thomas Bernard +# (c) 2011-2017 Thomas Bernard # # test program for miniwget.c # is usually invoked by "make check" @@ -21,6 +21,14 @@ DOWNLOADEDFILE="${TMPD}/downloadedfile" PORT= RET=0 +IPCONFIG=$(which ifconfig) +if [ -z "$IPCONFIG" ] ; then + IPCONFIG="/sbin/ifconfig" +fi + +if ! $IPCONFIG -a | grep inet6 ; then + HAVE_IPV6=no +fi case "$HAVE_IPV6" in n|no|0) @@ -44,6 +52,12 @@ sleep 1 PORT=`cat $HTTPSERVEROUT | sed 's/Listening on port \([0-9]*\)/\1/' ` done +if [ "$PORT" = "*** ERROR ***" ]; then + echo "HTTP test server error" + echo "Network config :" + $IPCONFIG -a + exit 2 +fi echo "Test HTTP server is listening on $PORT" URL1="http://$ADDR:$PORT/index.html"; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/miniupnpc-2.0.20170509/upnpc.c new/miniupnpc-2.0.20171102/upnpc.c --- old/miniupnpc-2.0.20170509/upnpc.c 2017-04-21 13:24:22.000000000 +0200 +++ new/miniupnpc-2.0.20171102/upnpc.c 2017-05-27 09:48:34.000000000 +0200 @@ -1,7 +1,7 @@ -/* $Id: upnpc.c,v 1.116 2017/04/21 10:20:50 nanard Exp $ */ +/* $Id: upnpc.c,v 1.117 2017/05/26 15:26:55 nanard Exp $ */ /* Project : miniupnp * Author : Thomas Bernard - * Copyright (c) 2005-2016 Thomas Bernard + * Copyright (c) 2005-2017 Thomas Bernard * This software is subject to the conditions detailed in the * LICENCE file provided in this distribution. */ @@ -578,8 +578,8 @@ } #endif printf("upnpc : miniupnpc library test client, version %s.\n", MINIUPNPC_VERSION_STRING); - printf(" (c) 2005-2016 Thomas Bernard.\n"); - printf("Go to http://miniupnp.free.fr/ or http://miniupnp.tuxfamily.org/\n"; + printf(" (c) 2005-2017 Thomas Bernard.\n"); + printf("Go to http://miniupnp.free.fr/ or https://miniupnp.tuxfamily.org/\n"; "for more information.\n"); /* command line processing */ for(i=1; i<argc; i++)
