From debbugs-submit-bounces@debbugs.gnu.org Thu May 04 21:33:00 2017
Received: (at submit) by debbugs.gnu.org; 5 May 2017 01:33:01 +0000
Received: from localhost ([127.0.0.1]:55064 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d6S74-0000Aw-9R
	for submit@debbugs.gnu.org; Thu, 04 May 2017 21:33:00 -0400
Received: from eggs.gnu.org ([208.118.235.92]:51365)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1d6S70-0000Ag-2w
 for submit@debbugs.gnu.org; Thu, 04 May 2017 21:32:52 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1d6S6s-0008CU-4t
 for submit@debbugs.gnu.org; Thu, 04 May 2017 21:32:44 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50,T_DKIM_INVALID
 autolearn=disabled version=3.3.2
Received: from lists.gnu.org ([2001:4830:134:3::11]:45830)
 by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leo@famulari.name>) id 1d6S6s-0008CP-0X
 for submit@debbugs.gnu.org; Thu, 04 May 2017 21:32:42 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:42331)
 by lists.gnu.org with esmtp (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1d6S6p-0004sE-I5
 for guix-patches@gnu.org; Thu, 04 May 2017 21:32:41 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <leo@famulari.name>) id 1d6S6m-00087z-3B
 for guix-patches@gnu.org; Thu, 04 May 2017 21:32:39 -0400
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:36339)
 by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
 (Exim 4.71) (envelope-from <leo@famulari.name>) id 1d6S6l-00086G-N7
 for guix-patches@gnu.org; Thu, 04 May 2017 21:32:36 -0400
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id 0A43B208D1;
 Thu,  4 May 2017 21:32:31 -0400 (EDT)
Received: from frontend1 ([10.202.2.160])
 by compute4.internal (MEProxy); Thu, 04 May 2017 21:32:31 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=content-type:date:from:message-id:mime-version:subject:to
 :x-me-sender:x-me-sender:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=S8Y
 NTTOxIdPqhaiYuOSGvJijwPGtlYIZSFfIdMv1gmU=; b=o41eUztwvMydnzIUq4d
 8F54cv5boxYXanveQnFDs8ZPdk54x4uG+94I7cvepu0gOcHpnETEnXKjLPUCyWPn
 +Aehy3COrFsclgdb1plfw99YaSX59vrRt1KSL9a0dnAbjJLEbthQlxUSfEQebPPN
 UlEq6LJRbIJyff1zWfFtewj4=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=content-type:date:from:message-id
 :mime-version:subject:to:x-me-sender:x-me-sender:x-sasl-enc
 :x-sasl-enc; s=fm1; bh=S8YNTTOxIdPqhaiYuOSGvJijwPGtlYIZSFfIdMv1g
 mU=; b=NRgqlQQ4E/8h9ZaZe7D6wwdkcU8tAhwKBp1/jSkkVrb43BYSj1+UaSfmI
 MegA9c3nuNACFyZm8R1XNAAcY0anwEauJNY3iDeRWjEKN6enorfxixoLagPvUqBc
 7++ggEKkIovEDB08JrPG15GQrdmrLTA+DicLS61dreDK220/rCyLfmqaWI/JX1Vb
 2Toe2YF/LZghHTdU4kWR+hqs9VCnL+jjBlfA0WT6r1iRp1cAV6Kr/6ARWrpOcOSR
 9Ts9kl7WM1Q9gyeNKho06vu8NJNKqX4s/b3q4XijNbIc2Ge/V6Wqg0a9/yi6wWtx
 SaZMjnd6JXfvjRymaKKjV95vHA3qg==
X-ME-Sender: <xms:LtYLWW4jCluY0i-GJP3nXpGvqQZev3ahOWfW2QCqdqdeb-te3EO9lQ>
X-Sasl-enc: o3mw5akqFhZkLXcLvw9tjbLTt0xYFpcDKRk1cHNi6xJx 1493947950
Received: from localhost (ma15a36d0.tmodns.net [208.54.90.161])
 by mail.messagingengine.com (Postfix) with ESMTPA id AE3527E2B0
 for <guix-patches@gnu.org>; Thu,  4 May 2017 21:32:30 -0400 (EDT)
Date: Thu, 4 May 2017 21:32:27 -0400
From: Leo Famulari <leo@famulari.name>
To: guix-patches@gnu.org
Subject: rpcbind, libtirpc CVE-2017-8779
Message-ID: <20170505013227.GA6479@jasmine>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="WYTEVAkct0FjGQmd"
Content-Disposition: inline
User-Agent: Mutt/1.8.2 (2017-04-18)
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
 [fuzzy]
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x
X-Received-From: 2001:4830:134:3::11
X-Spam-Score: -4.1 (----)
X-Debbugs-Envelope-To: submit
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.9 (/)


--WYTEVAkct0FjGQmd
Content-Type: multipart/mixed; boundary="BXVAT5kNtrzKuDFl"
Content-Disposition: inline


--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

These patches update libtirpc and rpcbind to the latest release and fix
CVE-2017-8779 ("rpcbomb").

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779
https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/

--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: attachment; filename="0001-gnu-rpcbind-Update-to-0.2.4.patch"
Content-Transfer-Encoding: quoted-printable

=46rom a021cd8f8302a69d7865e696675b1de1d55a5b43 Mon Sep 17 00:00:00 2001
=46rom: Leo Famulari <leo@famulari.name>
Date: Thu, 4 May 2017 21:04:33 -0400
Subject: [PATCH 1/3] gnu: rpcbind: Update to 0.2.4.

* gnu/packages/onc-rpc.scm (rpcbind): Update to 0.2.4.
---
 gnu/packages/onc-rpc.scm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm
index 5f67823a4..31e2388f0 100644
--- a/gnu/packages/onc-rpc.scm
+++ b/gnu/packages/onc-rpc.scm
@@ -1,6 +1,7 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright =A9 2014, 2017 Ludovic Court=E8s <ludo@gnu.org>
 ;;; Copyright =A9 2016 John Darrington <jmd@gnu.org>
+;;; Copyright =A9 2017 Leo Famulari <leo@famulari.name>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -66,7 +67,7 @@ IPv4 and IPv6.  ONC RPC is notably used by the network fi=
le system (NFS).")
 (define-public rpcbind
   (package
     (name "rpcbind")
-    (version "0.2.3")
+    (version "0.2.4")
     (source
      (origin
       (method url-fetch)
@@ -75,7 +76,7 @@ IPv4 and IPv6.  ONC RPC is notably used by the network fi=
le system (NFS).")
                           name "-" version ".tar.bz2"))
       (sha256
        (base32
-        "0yyjzv4161rqxrgjcijkrawnk55rb96ha0pav48s03l2klx855wq"))))
+        "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7"))))
     (build-system gnu-build-system)
     (arguments
      `(#:configure-flags
--=20
2.12.2


--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="0002-gnu-libtirpc-Update-to-1.0.1.patch"
Content-Transfer-Encoding: quoted-printable

=46rom 66b36606fe00d3720cd20ec1ce1a1280bde627ec Mon Sep 17 00:00:00 2001
=46rom: Leo Famulari <leo@famulari.name>
Date: Thu, 4 May 2017 21:05:44 -0400
Subject: [PATCH 2/3] gnu: libtirpc: Update to 1.0.1.

* gnu/packages/onc-rpc.scm (libtirpc): Update to 1.0.1.
---
 gnu/packages/onc-rpc.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm
index 31e2388f0..c852f9a4a 100644
--- a/gnu/packages/onc-rpc.scm
+++ b/gnu/packages/onc-rpc.scm
@@ -29,7 +29,7 @@
 (define-public libtirpc
   (package
     (name "libtirpc")
-    (version "0.2.4")
+    (version "1.0.1")
     (source (origin
               (method url-fetch)
               (uri (string-append "mirror://sourceforge/libtirpc/libtirpc/"
@@ -37,7 +37,7 @@
                                   version ".tar.bz2"))
               (sha256
                (base32
-                "18a337wa4amf0k21wnimp3yzs5l3cxqndz4x3x8bm993zhfy5hs5"))))
+                "17mqrdgsgp9m92pmq7bvr119svdg753prqqxmg4cnz5y657rfmji"))))
     (build-system gnu-build-system)
     (arguments
      `(#:phases
--=20
2.12.2


--BXVAT5kNtrzKuDFl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="0003-gnu-rpcbind-libtirpc-Fix-CVE-2017-8779.patch"
Content-Transfer-Encoding: quoted-printable

=46rom 6045f61a68907491ffb2637c5e8315e94b31dcee Mon Sep 17 00:00:00 2001
=46rom: Leo Famulari <leo@famulari.name>
Date: Thu, 4 May 2017 21:26:03 -0400
Subject: [PATCH 3/3] gnu: rpcbind, libtirpc: Fix CVE-2017-8779.

* gnu/packages/patches/libtirpc-CVE-2017-8779.patch,
gnu/packages/patches/rpcbind-CVE-2017-8779.patch: New files.
* gnu/local.mk (dist_patch_DATA): Add them.
* gnu/packages/onc-rpc.scm (rpcbind, libtirpc)[source]: Use them.
---
 gnu/local.mk                                      |   2 +
 gnu/packages/onc-rpc.scm                          |   3 +
 gnu/packages/patches/libtirpc-CVE-2017-8779.patch | 263 ++++++++++++++++++=
++++
 gnu/packages/patches/rpcbind-CVE-2017-8779.patch  |  29 +++
 4 files changed, 297 insertions(+)
 create mode 100644 gnu/packages/patches/libtirpc-CVE-2017-8779.patch
 create mode 100644 gnu/packages/patches/rpcbind-CVE-2017-8779.patch

diff --git a/gnu/local.mk b/gnu/local.mk
index ce7ecc36c..6dbee2b5e 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -744,6 +744,7 @@ dist_patch_DATA =3D						\
   %D%/packages/patches/libtiff-invalid-read.patch		\
   %D%/packages/patches/libtiff-null-dereference.patch		\
   %D%/packages/patches/libtiff-tiffcp-underflow.patch		\
+  %D%/packages/patches/libtirpc-CVE-2017-8779.patch		\
   %D%/packages/patches/libtorrent-rasterbar-boost-compat.patch	\
   %D%/packages/patches/libtool-skip-tests2.patch		\
   %D%/packages/patches/libunwind-CVE-2015-3239.patch		\
@@ -924,6 +925,7 @@ dist_patch_DATA =3D						\
   %D%/packages/patches/readline-6.2-CVE-2014-2524.patch		\
   %D%/packages/patches/readline-7.0-mingw.patch			\
   %D%/packages/patches/ripperx-missing-file.patch		\
+  %D%/packages/patches/rpcbind-CVE-2017-8779.patch		\
   %D%/packages/patches/rpm-CVE-2014-8118.patch			\
   %D%/packages/patches/rsem-makefile.patch			\
   %D%/packages/patches/ruby-concurrent-ignore-broken-test.patch	\
diff --git a/gnu/packages/onc-rpc.scm b/gnu/packages/onc-rpc.scm
index c852f9a4a..a76ac36ea 100644
--- a/gnu/packages/onc-rpc.scm
+++ b/gnu/packages/onc-rpc.scm
@@ -22,6 +22,7 @@
   #:use-module (guix licenses)
   #:use-module (guix packages)
   #:use-module (guix download)
+  #:use-module (gnu packages)
   #:use-module (gnu packages kerberos)
   #:use-module (gnu packages pkg-config)
   #:use-module (guix build-system gnu))
@@ -35,6 +36,7 @@
               (uri (string-append "mirror://sourceforge/libtirpc/libtirpc/"
                                   version "/libtirpc-"
                                   version ".tar.bz2"))
+              (patches (search-patches "libtirpc-CVE-2017-8779.patch"))
               (sha256
                (base32
                 "17mqrdgsgp9m92pmq7bvr119svdg753prqqxmg4cnz5y657rfmji"))))
@@ -74,6 +76,7 @@ IPv4 and IPv6.  ONC RPC is notably used by the network fi=
le system (NFS).")
       (uri (string-append "mirror://sourceforge/" name "/" name "/"
                           version "/"
                           name "-" version ".tar.bz2"))
+      (patches (search-patches "rpcbind-CVE-2017-8779.patch"))
       (sha256
        (base32
         "0rjc867mdacag4yqvs827wqhkh27135rp9asj06ixhf71m9rljh7"))))
diff --git a/gnu/packages/patches/libtirpc-CVE-2017-8779.patch b/gnu/packag=
es/patches/libtirpc-CVE-2017-8779.patch
new file mode 100644
index 000000000..742e64df2
--- /dev/null
+++ b/gnu/packages/patches/libtirpc-CVE-2017-8779.patch
@@ -0,0 +1,263 @@
+Fix CVE-2017-8779:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8779
+
+Patch copied from the bug reporter's 3rd-party repository:
+
+https://github.com/guidovranken/rpcbomb/blob/master/libtirpc_patch.txt
+
+diff --git a/src/rpc_generic.c b/src/rpc_generic.c
+index 2f09a8f..589cbd5 100644
+--- a/src/rpc_generic.c
++++ b/src/rpc_generic.c
+@@ -615,6 +615,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf)
+=20
+ 	switch (af) {
+ 	case AF_INET:
++		if (nbuf->len < sizeof(*sin)) {
++			return NULL;
++		}
+ 		sin =3D nbuf->buf;
+ 		if (inet_ntop(af, &sin->sin_addr, namebuf, sizeof namebuf)
+ 		    =3D=3D NULL)
+@@ -626,6 +629,9 @@ __rpc_taddr2uaddr_af(int af, const struct netbuf *nbuf)
+ 		break;
+ #ifdef INET6
+ 	case AF_INET6:
++		if (nbuf->len < sizeof(*sin6)) {
++			return NULL;
++		}
+ 		sin6 =3D nbuf->buf;
+ 		if (inet_ntop(af, &sin6->sin6_addr, namebuf6, sizeof namebuf6)
+ 		    =3D=3D NULL)
+@@ -667,6 +673,8 @@ __rpc_uaddr2taddr_af(int af, const char *uaddr)
+=20
+ 	port =3D 0;
+ 	sin =3D NULL;
++	if (uaddr =3D=3D NULL)
++		return NULL;
+ 	addrstr =3D strdup(uaddr);
+ 	if (addrstr =3D=3D NULL)
+ 		return NULL;
+diff --git a/src/rpcb_prot.c b/src/rpcb_prot.c
+index 43fd385..a923c8e 100644
+--- a/src/rpcb_prot.c
++++ b/src/rpcb_prot.c
+@@ -41,6 +41,7 @@
+ #include <rpc/types.h>
+ #include <rpc/xdr.h>
+ #include <rpc/rpcb_prot.h>
++#include "rpc_com.h"
+=20
+ bool_t
+ xdr_rpcb(xdrs, objp)
+@@ -53,13 +54,13 @@ xdr_rpcb(xdrs, objp)
+ 	if (!xdr_u_int32_t(xdrs, &objp->r_vers)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->r_netid, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_netid, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->r_addr, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_addr, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->r_owner, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_owner, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	return (TRUE);
+@@ -159,19 +160,19 @@ xdr_rpcb_entry(xdrs, objp)
+ 	XDR *xdrs;
+ 	rpcb_entry *objp;
+ {
+-	if (!xdr_string(xdrs, &objp->r_maddr, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_maddr, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->r_nc_netid, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_nc_netid, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	if (!xdr_u_int32_t(xdrs, &objp->r_nc_semantics)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->r_nc_protofmly, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_nc_protofmly, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->r_nc_proto, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->r_nc_proto, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	return (TRUE);
+@@ -292,7 +293,7 @@ xdr_rpcb_rmtcallres(xdrs, p)
+ 	bool_t dummy;
+ 	struct r_rpcb_rmtcallres *objp =3D (struct r_rpcb_rmtcallres *)(void *)p;
+=20
+-	if (!xdr_string(xdrs, &objp->addr, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->addr, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	if (!xdr_u_int(xdrs, &objp->results.results_len)) {
+@@ -312,6 +313,11 @@ xdr_netbuf(xdrs, objp)
+ 	if (!xdr_u_int32_t(xdrs, (u_int32_t *) &objp->maxlen)) {
+ 		return (FALSE);
+ 	}
++
++	if (objp->maxlen > RPC_MAXDATASIZE) {
++		return (FALSE);
++	}
++
+ 	dummy =3D xdr_bytes(xdrs, (char **)&(objp->buf),
+ 			(u_int *)&(objp->len), objp->maxlen);
+ 	return (dummy);
+diff --git a/src/rpcb_st_xdr.c b/src/rpcb_st_xdr.c
+index 08db745..28e6a48 100644
+--- a/src/rpcb_st_xdr.c
++++ b/src/rpcb_st_xdr.c
+@@ -37,6 +37,7 @@
+=20
+=20
+ #include <rpc/rpc.h>
++#include "rpc_com.h"
+=20
+ /* Link list of all the stats about getport and getaddr */
+=20
+@@ -58,7 +59,7 @@ xdr_rpcbs_addrlist(xdrs, objp)
+ 	    if (!xdr_int(xdrs, &objp->failure)) {
+ 		return (FALSE);
+ 	    }
+-	    if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
++	    if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	    }
+=20
+@@ -109,7 +110,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp)
+ 		IXDR_PUT_INT32(buf, objp->failure);
+ 		IXDR_PUT_INT32(buf, objp->indirect);
+ 	}
+-	if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	if (!xdr_pointer(xdrs, (char **)&objp->next,
+@@ -147,7 +148,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp)
+ 		objp->failure =3D (int)IXDR_GET_INT32(buf);
+ 		objp->indirect =3D (int)IXDR_GET_INT32(buf);
+ 	}
+-	if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	if (!xdr_pointer(xdrs, (char **)&objp->next,
+@@ -175,7 +176,7 @@ xdr_rpcbs_rmtcalllist(xdrs, objp)
+ 	if (!xdr_int(xdrs, &objp->indirect)) {
+ 		return (FALSE);
+ 	}
+-	if (!xdr_string(xdrs, &objp->netid, (u_int)~0)) {
++	if (!xdr_string(xdrs, &objp->netid, RPC_MAXDATASIZE)) {
+ 		return (FALSE);
+ 	}
+ 	if (!xdr_pointer(xdrs, (char **)&objp->next,
+diff --git a/src/xdr.c b/src/xdr.c
+index f3fb9ad..b9a1558 100644
+--- a/src/xdr.c
++++ b/src/xdr.c
+@@ -42,8 +42,10 @@
+ #include <stdlib.h>
+ #include <string.h>
+=20
++#include <rpc/rpc.h>
+ #include <rpc/types.h>
+ #include <rpc/xdr.h>
++#include <rpc/rpc_com.h>
+=20
+ typedef quad_t          longlong_t;     /* ANSI long long type */
+ typedef u_quad_t        u_longlong_t;   /* ANSI unsigned long long type */
+@@ -53,7 +55,6 @@ typedef u_quad_t        u_longlong_t;   /* ANSI unsigned=
 long long type */
+  */
+ #define XDR_FALSE	((long) 0)
+ #define XDR_TRUE	((long) 1)
+-#define LASTUNSIGNED	((u_int) 0-1)
+=20
+ /*
+  * for unit alignment
+@@ -629,6 +630,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize)
+ {
+ 	char *sp =3D *cpp;  /* sp is the actual string pointer */
+ 	u_int nodesize;
++	bool_t ret, allocated =3D FALSE;
+=20
+ 	/*
+ 	 * first deal with the length since xdr bytes are counted
+@@ -652,6 +654,7 @@ xdr_bytes(xdrs, cpp, sizep, maxsize)
+ 		}
+ 		if (sp =3D=3D NULL) {
+ 			*cpp =3D sp =3D mem_alloc(nodesize);
++			allocated =3D TRUE;
+ 		}
+ 		if (sp =3D=3D NULL) {
+ 			warnx("xdr_bytes: out of memory");
+@@ -660,7 +663,14 @@ xdr_bytes(xdrs, cpp, sizep, maxsize)
+ 		/* FALLTHROUGH */
+=20
+ 	case XDR_ENCODE:
+-		return (xdr_opaque(xdrs, sp, nodesize));
++		ret =3D xdr_opaque(xdrs, sp, nodesize);
++		if ((xdrs->x_op =3D=3D XDR_DECODE) && (ret =3D=3D FALSE)) {
++			if (allocated =3D=3D TRUE) {
++				free(sp);
++				*cpp =3D NULL;
++			}
++		}
++		return (ret);
+=20
+ 	case XDR_FREE:
+ 		if (sp !=3D NULL) {
+@@ -754,6 +764,7 @@ xdr_string(xdrs, cpp, maxsize)
+ 	char *sp =3D *cpp;  /* sp is the actual string pointer */
+ 	u_int size;
+ 	u_int nodesize;
++	bool_t ret, allocated =3D FALSE;
+=20
+ 	/*
+ 	 * first deal with the length since xdr strings are counted-strings
+@@ -793,8 +804,10 @@ xdr_string(xdrs, cpp, maxsize)
+ 	switch (xdrs->x_op) {
+=20
+ 	case XDR_DECODE:
+-		if (sp =3D=3D NULL)
++		if (sp =3D=3D NULL) {
+ 			*cpp =3D sp =3D mem_alloc(nodesize);
++			allocated =3D TRUE;
++		}
+ 		if (sp =3D=3D NULL) {
+ 			warnx("xdr_string: out of memory");
+ 			return (FALSE);
+@@ -803,7 +816,14 @@ xdr_string(xdrs, cpp, maxsize)
+ 		/* FALLTHROUGH */
+=20
+ 	case XDR_ENCODE:
+-		return (xdr_opaque(xdrs, sp, size));
++		ret =3D xdr_opaque(xdrs, sp, size);
++		if ((xdrs->x_op =3D=3D XDR_DECODE) && (ret =3D=3D FALSE)) {
++			if (allocated =3D=3D TRUE) {
++				free(sp);
++				*cpp =3D NULL;
++			}
++		}
++		return (ret);
+=20
+ 	case XDR_FREE:
+ 		mem_free(sp, nodesize);
+@@ -823,7 +843,7 @@ xdr_wrapstring(xdrs, cpp)
+ 	XDR *xdrs;
+ 	char **cpp;
+ {
+-	return xdr_string(xdrs, cpp, LASTUNSIGNED);
++	return xdr_string(xdrs, cpp, RPC_MAXDATASIZE);
+ }
+=20
+ /*
diff --git a/gnu/packages/patches/rpcbind-CVE-2017-8779.patch b/gnu/package=
s/patches/rpcbind-CVE-2017-8779.patch
new file mode 100644
index 000000000..6ca93ff12
--- /dev/null
+++ b/gnu/packages/patches/rpcbind-CVE-2017-8779.patch
@@ -0,0 +1,29 @@
+Fix CVE-2017-8779:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8779
+
+Patch copied from the bug reporter's 3rd-party repository:
+
+https://github.com/guidovranken/rpcbomb/blob/master/rpcbind_patch.txt
+
+diff --git a/src/rpcb_svc_com.c b/src/rpcb_svc_com.c
+index 5862c26..e11f61b 100644
+--- a/src/rpcb_svc_com.c
++++ b/src/rpcb_svc_com.c
+@@ -48,6 +48,7 @@
+ #include <rpc/rpc.h>
+ #include <rpc/rpcb_prot.h>
+ #include <rpc/svc_dg.h>
++#include <rpc/rpc_com.h>
+ #include <netconfig.h>
+ #include <errno.h>
+ #include <syslog.h>
+@@ -432,7 +433,7 @@ rpcbproc_taddr2uaddr_com(void *arg, struct svc_req *rq=
stp /*__unused*/,
+ static bool_t
+ xdr_encap_parms(XDR *xdrs, struct encap_parms *epp)
+ {
+-	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), ~0));
++	return (xdr_bytes(xdrs, &(epp->args), (u_int *) &(epp->arglen), RPC_MAXD=
ATASIZE));
+ }
+=20
+ /*
--=20
2.12.2


--BXVAT5kNtrzKuDFl--

--WYTEVAkct0FjGQmd
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlkL1igACgkQJkb6MLrK
fwgQwRAA6tM/HFdANdPEmtttV425GFHsKnJ0p9kHLzVoIZNF9gnOsTyiin47ysHe
bYDvsFB8GueHThletDOqICwhwlL6AYAe7IEZMjODGdHNAnQxG1Wz/ToqYWLd+uVc
F5q8vbf5+Y3O8OH5qvADw7xt3ooPLnzhVAaV1jW+kFTzI+3A1UoU8GIsLT9Kd55u
JASn1cDpzTrNndSgSYg+A+VduMFCFbPfBvBlo7QldXCMQCtL2/5oOlwfguST8/FA
FzOlTioRPYG4mO+zPdPgQI+8xP2Lvt15h7zGMPPOYdA01mKB7FtRD9oNSaEc6csS
4TP5nWOCEtFfu/dk76Ie7Dd/4ndro1jjQDOX4Ud1XEdWXBEjzNaph4RseUIxfko1
thMVutlCB54WRSPet5cL217bF7DbTUnxi8L1tdeIyyI/2W45j8m6AYL3hnpHFT1m
TU8kfRrK/PjUl4HgqcCWOcRlF1Whz2YeQgZa7JpH88IjAZUEnwZ/Th7IB3nmP5KS
7ZvV+Z7h66gJsHLoaB1AAaCeNUsTNGM/pJITOlq3UeTI3nM+I3t/imvoMtt4N6fg
wziu6JLWcWDgIuo2IdxA65wCUMb+lXWWJOSHfToi25wyMa/ETr4BSccgyUDJKt9C
XSHOBI7UVJe6DGSPz9mgClULo8PeLa7dIKy5sT5dkAH69QOQxQE=
=+oo+
-----END PGP SIGNATURE-----

--WYTEVAkct0FjGQmd--




From debbugs-submit-bounces@debbugs.gnu.org Thu May 04 23:02:31 2017
Received: (at 26781) by debbugs.gnu.org; 5 May 2017 03:02:31 +0000
Received: from localhost ([127.0.0.1]:55101 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d6TVn-000409-4Z
	for submit@debbugs.gnu.org; Thu, 04 May 2017 23:02:31 -0400
Received: from lb1.openmailbox.org ([5.79.108.160]:35016
 helo=mail.openmailbox.org)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <kei@openmailbox.org>) id 1d6TVj-0003zs-Vt
 for 26781@debbugs.gnu.org; Thu, 04 May 2017 23:02:29 -0400
Received: by mail.openmailbox.org (Postfix, from userid 20002)
 id EA7B751195B; Fri,  5 May 2017 05:02:26 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1493953346;
 bh=FcQAg7Wno6ZAbXWHuf5WbBX4g8TrMIYg5EuDBuw/K30=;
 h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
 b=LdvkHs1gCthl7fQH0QXz8LfK9rK8ZOvRW+E7m+z/Uwfqk7+rdbOflsdCbPBCjfQqP
 ph9Oc3S2DOAJEtEaNJBZI1CRjcaO5YpmilSz/TRY7+OvLRABBMZmH0HbBtKBmCGzNl
 Yp9Sfg4Rekf9iayDRW1zxn24Nmn7r5GFAvUnrJUU=
From: Kei Kebreau <kei@openmailbox.org>
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=openmailbox.org;
 s=openmailbox; t=1493953346;
 bh=FcQAg7Wno6ZAbXWHuf5WbBX4g8TrMIYg5EuDBuw/K30=;
 h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
 b=LdvkHs1gCthl7fQH0QXz8LfK9rK8ZOvRW+E7m+z/Uwfqk7+rdbOflsdCbPBCjfQqP
 ph9Oc3S2DOAJEtEaNJBZI1CRjcaO5YpmilSz/TRY7+OvLRABBMZmH0HbBtKBmCGzNl
 Yp9Sfg4Rekf9iayDRW1zxn24Nmn7r5GFAvUnrJUU=
To: Leo Famulari <leo@famulari.name>
Subject: Re: bug#26781: rpcbind, libtirpc CVE-2017-8779
References: <20170505013227.GA6479@jasmine>
Date: Thu, 04 May 2017 23:02:22 -0400
In-Reply-To: <20170505013227.GA6479@jasmine> (Leo Famulari's message of "Thu, 
 4 May 2017 21:32:27 -0400")
Message-ID: <87pofogg5d.fsf@openmailbox.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha256; protocol="application/pgp-signature"
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 26781
Cc: 26781@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: 0.0 (/)

--=-=-=
Content-Type: text/plain

Leo Famulari <leo@famulari.name> writes:

> These patches update libtirpc and rpcbind to the latest release and fix
> CVE-2017-8779 ("rpcbomb").
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8779
> https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-denial-of-service-patches/

LGTM.

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEg7ZwOtzKO2lLzi2m5qXuPBlGeg0FAlkL6z4ACgkQ5qXuPBlG
eg07CQ//ThvWmQ17SrEdvw4uZg64SSwetqT2Hazl73GcXr5oi21FHI3cdFCekd6K
99RNDxDxpuxamTC+Jh0U3ey/OybCSqBvt7vA4FsyN/v7QThWidKvyCtnML6XLYzm
4wH0JytkRhc5TSydUh8CrrGJgLpae6M9aytZzPBbMygO5qa72L1vgOBD4lNzBOVH
XgsCZEVFnoEC80hkXk69x01dJVxTH8J0YUr4WqpT/54ZDNq1WktinueiW1dr7ILc
HgYGxg1EfmZVVhq2BaF4KJvZGKZJWD7WgCaPOe1+ITnSMfrnCi7GH6J37eXC/rP5
fwIhpNVbvyPPMhMlOas5Hg1J2/T0qFAy8TKuYcZN52Pqs9zUVSqQ0ofwwDcuQZPR
lXpFPDCh+BzCHRdNbbsv9hNBfjgL69/FPXiTN1SDFbfn0JZhXNQ96qcTweXNFLkE
lPE1Q9Ec9nJf9GNTewtxUf72cBNtP/ukTdQTez3JTIAXZqj7lpW+qmgqh9fYqWkc
oD12MG7KuAG9HlOCNUe/TJHdRKKAS4T5FIRxQSTdKrQTGKbUw8L5XbdCiYShKNk4
372CBnsf7mnVhMQtntMLjYn3BJ+BR5L8wo2mXyRNFArw9D15IqaNi+7Fsk0q0Xsv
vOMnXCkf3zc/9t9BpO08C8Bx2g/9g1ZWmOedESZEl7nS44yBpQQ=
=x185
-----END PGP SIGNATURE-----
--=-=-=--




From debbugs-submit-bounces@debbugs.gnu.org Fri May 05 03:56:58 2017
Received: (at 26781) by debbugs.gnu.org; 5 May 2017 07:56:58 +0000
Received: from localhost ([127.0.0.1]:55351 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d6Y6i-00080d-Vp
	for submit@debbugs.gnu.org; Fri, 05 May 2017 03:56:58 -0400
Received: from eggs.gnu.org ([208.118.235.92]:56707)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <ludo@gnu.org>) id 1d6Y6h-00080Q-Qm
 for 26781@debbugs.gnu.org; Fri, 05 May 2017 03:56:56 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
 (envelope-from <ludo@gnu.org>) id 1d6Y6Y-0005TU-63
 for 26781@debbugs.gnu.org; Fri, 05 May 2017 03:56:50 -0400
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD
 autolearn=disabled version=3.3.2
Received: from fencepost.gnu.org ([2001:4830:134:3::e]:46427)
 by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from <ludo@gnu.org>)
 id 1d6Y6Y-0005TQ-31; Fri, 05 May 2017 03:56:46 -0400
Received: from [193.50.110.181] (port=54834 helo=ribbon)
 by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256)
 (Exim 4.82) (envelope-from <ludo@gnu.org>)
 id 1d6Y6X-0006Gr-Hd; Fri, 05 May 2017 03:56:45 -0400
From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=)
To: Leo Famulari <leo@famulari.name>
Subject: Re: bug#26781: rpcbind, libtirpc CVE-2017-8779
References: <20170505013227.GA6479@jasmine>
X-URL: http://www.fdn.fr/~lcourtes/
X-Revolutionary-Date: 16 =?utf-8?Q?Flor=C3=A9al?= an 225 de la =?utf-8?Q?R?=
 =?utf-8?Q?=C3=A9volution?=
X-PGP-Key-ID: 0x090B11993D9AEBB5
X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc
X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
X-OS: x86_64-unknown-linux-gnu
Date: Fri, 05 May 2017 09:56:44 +0200
In-Reply-To: <20170505013227.GA6479@jasmine> (Leo Famulari's message of "Thu, 
 4 May 2017 21:32:27 -0400")
Message-ID: <87inlfbutf.fsf@gnu.org>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
X-Received-From: 2001:4830:134:3::e
X-Spam-Score: -5.0 (-----)
X-Debbugs-Envelope-To: 26781
Cc: 26781@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -5.0 (-----)

Leo Famulari <leo@famulari.name> skribis:

> These patches update libtirpc and rpcbind to the latest release and fix
> CVE-2017-8779 ("rpcbomb").
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8779
> https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-deni=
al-of-service-patches/

Excellent.  The 3 patches LGTM.

Thank you Leo!

Ludo=E2=80=99.




From debbugs-submit-bounces@debbugs.gnu.org Fri May 05 15:35:58 2017
Received: (at 26781-done) by debbugs.gnu.org; 5 May 2017 19:35:58 +0000
Received: from localhost ([127.0.0.1]:56775 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1d6j1C-00079D-2J
	for submit@debbugs.gnu.org; Fri, 05 May 2017 15:35:58 -0400
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:40967)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <leo@famulari.name>) id 1d6j1B-000796-4N
 for 26781-done@debbugs.gnu.org; Fri, 05 May 2017 15:35:57 -0400
Received: from compute4.internal (compute4.nyi.internal [10.202.2.44])
 by mailout.nyi.internal (Postfix) with ESMTP id 095212089D;
 Fri,  5 May 2017 15:35:57 -0400 (EDT)
Received: from frontend1 ([10.202.2.160])
 by compute4.internal (MEProxy); Fri, 05 May 2017 15:35:57 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name;
 h=cc:content-type:date:from:in-reply-to:message-id:mime-version
 :references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
 :x-sasl-enc; s=mesmtp; bh=WE1teF3l0U5mdjRgKOb6S+88pX6U6Rnum49/Oj
 o7ULA=; b=nxU9RIAKLp7MlIgvx2VujvXOyneUac9Yx6fjOneAh/Qd05HXNLju/i
 o7kguTAgL2+VKO9wuo7d/znTKk4Gt0u3ENVFHV/eHEJNFcDq+EtCP4e52rmBfUeN
 jCVxhfN+6eXc4LO0JCe5CO4J/pPGHp0QCe44+Od0zdMNHlyI3ZUPM=
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to:x-me-sender
 :x-me-sender:x-sasl-enc:x-sasl-enc; s=fm1; bh=WE1teF3l0U5mdjRgKO
 b6S+88pX6U6Rnum49/Ojo7ULA=; b=i4+68SRtJWx4A1IMzobi4XDtfHGvGq1lyO
 GQr5qsceRgfmUJAyfYnJfHrLNo5MUt+1f5iRtLshHtp+LbSvj0g8fMtJRbh23HSZ
 7WyCQw68ts+NG3rf29pWFtZik9uSNvFW2HnB+cttHn3NB6ua9bWs4aDZiKvZKMLF
 TJITCf3MpUgMR6n3/xU8ZkMEllyq6xH8sXcRI5cTXsmRfK+kCoVQfVPT4SBAbm3B
 DePloVkLuDORVYAAKAym2hN+ePvrjdp5fU1CTG4BX0Th+YPqDT4/QnPrkf1pTepx
 tOyFwCkQ56W9ROhMgNQrYBvvCA2fghFwqapK069WqWk5urZRMp9w==
X-ME-Sender: <xms:HNQMWaVnZh4-_p7cMSpGKp0tLqPyaEj12PlNMPS1_lfzp61D8RfbnA>
X-Sasl-enc: VplGa7DV5r6pZGx07nZruYy6TUOkFIQIJ6wJWSuGy641 1494012956
Received: from localhost (c-73-165-108-70.hsd1.pa.comcast.net [73.165.108.70])
 by mail.messagingengine.com (Postfix) with ESMTPA id C1E067E59A;
 Fri,  5 May 2017 15:35:56 -0400 (EDT)
Date: Fri, 5 May 2017 15:35:56 -0400
From: Leo Famulari <leo@famulari.name>
To: Ludovic =?iso-8859-1?Q?Court=E8s?= <ludo@gnu.org>
Subject: Re: bug#26781: rpcbind, libtirpc CVE-2017-8779
Message-ID: <20170505193556.GB10051@jasmine>
References: <20170505013227.GA6479@jasmine>
 <87inlfbutf.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature"; boundary="2B/JsCI69OhZNC5r"
Content-Disposition: inline
In-Reply-To: <87inlfbutf.fsf@gnu.org>
User-Agent: Mutt/1.8.2 (2017-04-18)
X-Spam-Score: -0.7 (/)
X-Debbugs-Envelope-To: 26781-done
Cc: 26781-done@debbugs.gnu.org
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -0.7 (/)


--2B/JsCI69OhZNC5r
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, May 05, 2017 at 09:56:44AM +0200, Ludovic Court=E8s wrote:
> Leo Famulari <leo@famulari.name> skribis:
>=20
> > These patches update libtirpc and rpcbind to the latest release and fix
> > CVE-2017-8779 ("rpcbomb").
> >
> > https://cve.mitre.org/cgi-bin/cvename.cgi?name=3DCVE-2017-8779
> > https://guidovranken.wordpress.com/2017/05/03/rpcbomb-remote-rpcbind-de=
nial-of-service-patches/
>=20
> Excellent.  The 3 patches LGTM.
>=20
> Thank you Leo!

Thanks for the reviews! Pushed!

I sent a followup patch to update nfs-utils. Somebody who uses NFS
should review it.

--2B/JsCI69OhZNC5r
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlkM1BsACgkQJkb6MLrK
fwi1Qw/9Geq8zV5aKLROZtXHa4c4GKaReZHrGz117DFbjrUpJWIbwligLTuR4AW+
k1boLG/obC/a795G/tfuC1upLsgwPfCIdwQnWn608Yaq1SQ02DXsTho/3srTLRPx
b3qoAPTmKzdzMLuzMOgTVF5mVqcp9xnip1f7XcL05UQUQqeygnsssfti8XYBMRQq
xifVCwx5QcqHEOOg/yO8PmI7+Q5JWCLggKu7qZ9NLIfX9koN5u/k3yHQmM6gLzP5
hqRdS7w82bdF84E1s0tw0G+MQBvQIfLIKodwJWHWiCEl/qunDk75hCDlH5G3Nquj
WhF4c2A+iR9lnn6Y6+0wZdk3t+B7TeCkTg9IXW+YnsC5rSdhE0HeHqHl8O2TOQ2P
4ulP2WFVLjMzPawMC3pe0UlGzcTFLtyMgngnrx6Q9/MK6Br0Tb81Nh4j+Vfs8qIE
YlquzNgsqupkszHpX8LcjOdABocYcIwjXpIeSE9I13dnkVzvOGCo5GcCWORd4uKW
i8idl0wW9TlnfX9BMuE9nfxkm4EIupN3ofEF7uYtu4GOJLCOFRHU0IMG2VLMkC0w
Z3myIVDxUURUsj6dsQ0O1MLhQCflyIqzqIWZjHJTLTuk51muuOluthJiqHKbndC5
IKTxk+RO8YONnPZf01ao6mjSlNryJZGStEhM4nzgnA81It+lPE4=
=P+cz
-----END PGP SIGNATURE-----

--2B/JsCI69OhZNC5r--




From unknown Thu Sep 18 20:48:39 2025
Received: (at fakecontrol) by fakecontrolmessage;
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request <help-debbugs@gnu.org>
Subject: Internal Control
Message-Id: bug archived.
Date: Sat, 03 Jun 2017 11:24:07 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator