Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

atftp-0.7.5-1.1 RPM for armv7hl

From OpenSuSE Ports Tumbleweed for armv7hl

Name: atftp Distribution: openSUSE Tumbleweed
Version: 0.7.5 Vendor: openSUSE
Release: 1.1 Build date: Sat Sep 25 00:39:51 2021
Group: System/Daemons Build host: obs-arm-11
Size: 147825 Source RPM: atftp-0.7.5-1.1.src.rpm
Packager: http://bugs.opensuse.org
Url: https://sourceforge.net/projects/atftp/
Summary: Advanced TFTP Server and Client
atftp stands for Advanced Trivial File Transfer Protocol. It is called
"advanced", in contrast to others TFTP servers, for two reasons. First,
it is intended to be fully compliant with all related RFCs. This
includes RFC1350, RFC2090, RFC2347, RFC2348, and RFC2349. Second, atftp
is intended for serving boot files to large clusters. It is
multithreaded and will eventually support multicast, allowing faster
boot of hundreds of machines simultaneously.

Provides

Requires

License

GPL-2.0-or-later

Changelog

* Wed Sep 15 2021 Pedro Monreal <pmonreal@suse.com>
  - Update to version 0.7.5 [bsc#1190522, CVE-2021-41054]
    * text files: mark/convert all textfiles to UTF-8
    * fix some compiler warnings
    * fix buffer overflow in atftpd (CVE-2021-41054)
    * test.sh: check for root no longer necessary
    * tftpd.c: Only drop privs if requested or running as root + check for failure
    * fix invalid read of 1 byte in tftp_send_request.
    * Check return value of fseek(), abort if != 0
    * options.c: Proper fix for the read-past-end-of-array
    * configure.ac: Add -std=gnu89 if gcc/clang is detected
    * tftpd.c: Fix memleak if thread spawning fails
    * atftp: Check return value of fgets, buffer might be uninitialized on NULL
    * Fix check for argz support (HAVE_ARGZ -> HAVE_ARGZ_H)
    * replace LICENSE with current version
    * Remove patches fixed upstream:
    - atftp-0.7-sorcerers_apprentice.patch
    - atftp-0.7-server_receive_race.patch
    - atftp-0.7-ack_heuristic.patch
    * Rebase patches:
    - atftp-drop_privileges_non-daemon.patch
    - atftp-0.7-default_dir_man.patch
    - atftp-0.7-default_user_man.patch
* Tue Sep 14 2021 Johannes Segitz <jsegitz@suse.com>
  - Added hardening to systemd service(s) (bsc#1181400). Modified:
    * atftpd.service
* Tue May 25 2021 Ferdinand Thiessen <rpm@fthiessen.de>
  - Update to version 0.7.4
    * fix compile, missing include
    * fix compile, add missing defines
    * link against libpthread for atftp
    * fixed atftp fails to write to /proc/self/fd/1
    * Fix for DoS issue CVE-2020-6097
    * remove inline keyword from definitions
    * remove extern inlines
    * sys/cdefs usage
  - Drop fixed atftp-CVE-2020-6097.patch
* Thu Jan 21 2021 Thorsten Kukuk <kukuk@suse.com>
  - Use system wide tftp user/group, don't create them again
* Wed Oct 21 2020 Pedro Monreal <pmonreal@suse.com>
  - Security fix: [bsc#1176437, CVE-2020-6097]
    * A specially crafted sequence of RRQ-Multicast requests can
      trigger an assert() call resulting denial-of-service.
  - Add atftp-CVE-2020-6097.patch
* Sat Apr 25 2020 chris@computersalat.de
  - fix logrotate
    * change command to '/sbin/service atftpd restart' since there is no
      init script and we are using systemd
  - fix service file
    * atftpd does not create logfile when there is none, hence we create
      in ExecStartPre
  - Update sysconfig file
    * add ATFTPD_LOGFILE if we want to use our own logfile
    * add comment to ATFTPD_BIND_ADDRESSES that it is obsolete since
      systemd (binds to 0.0.0.0)
* Fri Jul 05 2019 matthias.gerstner@suse.com
  - removal of SuSEfirewall2 service, since SuSEfirewall2 has been replaced by
    firewalld, see [1].
    [1]: https://lists.opensuse.org/opensuse-factory/2019-01/msg00490.html
* Fri Apr 26 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Removed old initscript conditionals and atftpd.init file
* Wed Apr 24 2019 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com>
  - Update to version 0.7.2 [bsc#1133114, CVE-2019-11365][bsc#1133145, CVE-2019-11366]
    * atftpd.c: Fixed a potential DoS bug (introduced by the IPv6 patch)
    * Fix Debian Bug deb#613582 and deb#258998 atftpd: does not reply properly when there's more than 1 interface
    * Fix Debian Bug deb#622840 atftpd: Forgets port if both --port and --bind-address are used
    * Fix Debian Bug deb#606969 atftp exits with no error after a get when disk is full
    * Fix Debian Bug deb#575831 atftp: error return value when tftp put file
    * Fix missing default port from Ubuntu bug lp#972834
    * Merged patches to improve debugging and warning messages
    * Merged patch from Gentoo distribution:
      add support for proprietary password extension necessary for
      transferring files to linksys routers (atftp client)
    * Added patch from Gentoo bug #322601: client fails for filenames containing spaces
    * Listening Address configuration fixed
    * Added Patch "Blksize option can be smaller than SEGSIZE"
    * Fix Debian Bug deb#609813 Apply patch listen on requested port when in daemon mode.
    * Fix Debian Bug deb#598474 Fixed use of sendto() over a connected datagram socket on FreeBSD
    * Fix Debian Bug deb#580473 Apply IPv6 support patch by Ben Hutchings.
      Add AC_GNU_SOURCE to configure.ac to address FTBFS.
    * Fix Debian Bug deb#536295 Updated config.sub .guess.
    * Fix Debian Bug deb#535604 Make sure we have the --daemon option before starting atftpd
    * Fix Debian Bug deb#514521 Crash fix
    * Fix Debian Bug deb#484739 Added support for logging to stdout.
    * Fix Debian Bug deb#484932 inetd.conf: change udp to udp4
    * Fix Debian Bug deb#436310 Fixed the FTBFS.
    * Fix Debian Bug deb#420900 Use CLOCKS_PER_SEC instead of CLK_TCK. Fixed a FTBFS.
    * Fix Debian Bug deb#271816 Random segfaults fixed
    * Fix Debian Bug deb#291829 Segfault fixed on AMD64.
    * Fix Debian Bug deb#290062 Copyright fixed.
    * Fix Debian Bug deb#275052 Data corruption bug in multicast mode fixed.
    * New Project home: https://sourceforge.net/projects/atftp/
  - Removed patches fixed upstream:
    * atftp-0.7.dif
    * atftp-CLK_TCK.diff
    * atftp-0.7_compiler_warnings.patch
    * atftp-0.7_thread_crash.patch
    * atftp-0.7_sol_ip.patch
    * atftp-0.7_bug-213384_OPT_NUMBER.patch
    * atftpd-0.7_unprotected_assignments_crash.patch
    * atftpd-0.7_circumvent_tftp_size_restrictions.patch
  - Rebased patches:
    * atftp-0.7-ack_heuristic.patch
    * atftp-0.7-default_user_man.patch
    * atftp-0.7-server_receive_race.patch
    * atftp-0.7-sorcerers_apprentice.patch
    * atftp-drop_privileges_non-daemon.patch
* Thu Nov 23 2017 rbrown@suse.com
  - Replace references to /var/adm/fillup-templates with new
    %_fillupdir macro (boo#1069468)

Files

/etc/logrotate.d/atftp
/srv/tftpboot
/usr/bin/atftp
/usr/lib/systemd/system/atftpd.service
/usr/lib/systemd/system/atftpd.socket
/usr/sbin/atftpd
/usr/sbin/in.tftpd
/usr/sbin/rcatftpd
/usr/share/doc/packages/atftp
/usr/share/doc/packages/atftp/BUGS
/usr/share/doc/packages/atftp/FAQ
/usr/share/doc/packages/atftp/README
/usr/share/doc/packages/atftp/README.MCAST
/usr/share/doc/packages/atftp/README.PCRE
/usr/share/doc/packages/atftp/TODO
/usr/share/fillup-templates/sysconfig.atftpd
/usr/share/licenses/atftp
/usr/share/licenses/atftp/LICENSE
/usr/share/man/man1/atftp.1.gz
/usr/share/man/man8/atftpd.8.gz
/usr/share/man/man8/in.tftpd.8.gz
/var/log/atftpd


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Dec 3 23:48:33 2021