Bug 2073184

Latest upstream release: 1.218-5
Current version/release in rawhide: 1.218-4
URL: https://tracker.debian.org/pkg/netcat-openbsd

- NEWS:

  This release adds support for abstract namespace sockets in the AF_UNIX
  family.  When the specified socket path starts with an at symbol '@', such as
  in `nc -U @foobar.sock`, it is read as an abstract socket (on Linux).

  This has possible security implications: `nc -lU @foobar.sock` used to bind
  pathname socket '@foobar.sock' in the current directory, subject to umask and
  file system access restrictions, while on Linux it now binds 'foobar.sock' in
  the abstract namespace where ownership and permissions have *no meaning*.

  In order to specify a pathname socket make sure the argument doesn't start
  with '@'; for instance by prefixing with './' or by using a fully-qualified
  path.  (Note however that on Linux socket pathnames may not exceed 108 bytes
  in size.)


- Changelog:

  [ Dirk Jagdmann ]
  * Add support for abstract namespace sockets in the AF_UNIX family.

  [ Guilhem Moulin ]
  * d/t/client-server: Add a simple test for sockets in the AF_UNIX family,
    including those in the abstract namespace on Linux.  We were only checking
    sockets in the AF_INET family before.
  * d/p/abstract-unix-domain-socket.patch: Some fixes and improvements upon
    Dirk's patch.
  * d/checks: Ensure sockets in the AF_UNIX family are usable up to the
    sizeof(sun_path) limit, and rejected with ENAMETOOLONG when they exceed it.
  * d/checks: Add tests for abstract namespace sockets in the AF_UNIX family,
    incl. for source datagram UNIX domain sockets.
  * d/p/abstract-unix-domain-socket.patch: Always reject the empty pathname
    sockets, which on Linux was read as the NUL abstract socket before.  The
    empty abstract socket is still allowed however, and is specified as "@".
  * d/p/misc-failures-and-features.patch: Remove double warning in
    unix_connect().
  * d/p/misc-failures-and-features.patch: Remove leftover union{}, obsolete
    since 1.190-1.
  * d/p/misc-failures-and-features.patch: Factor out Makefile changes to
    d/p/port-to-linux-with-libbsd.patch.
  * d/p/misc-failures-and-features.patch: Remove redundant errx() call in
    unix_connect().
  * d/p/misc-failures-and-features.patch: Improve error message for UNIX-domain
    datagram sockets.
  * d/checks: Use '--' marker to avoid breakage on socket pathnames starting
    with '-'.
  * d/checks/netcat: Set LC_ALL=C.
  * Add d/NEWS entry mentioning abstract sockets support and its implications.
  * d/p/*: Consolidate usage of '#if defined(FOO)' vs. '#ifdef FOO'.
  * d/p/build-without-TLS-support.patch: Rename '-DTLS' to the less generic
    '-DHAVE_TLS'.
  * d/p/port-to-linux-with-libbsd.patch: Use automatic Makefile variables.
  * d/checks/02-connect: Check default temporary socket name for datagram
    sockets.
  * d/tests/client-server: Check that the socket path is left behind.
  * Rather than using mkstemp(3) to create unique names for default source
    datagram UNIX domain sockets, use mkdtemp(3) to create a new empty
    directory (with mode 0700) and use it to store a fixed socket name.  This
    fixes a file descriptor leak and a race condition where a new file would be
    created by an attacker between the unlink(2) and bind(2) calls.  We don't
    use an abstract socket here since it would open a race condition with the
    possibility for a local attacker to inject fake server responses.
  * d/p/*: Minor formatting fixes.
  * d/p/*: Improve Subject: lines.
  * d/copyright: Update copyright years.