RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1085024 - rebase socat to 1.7.3.2
Summary: rebase socat to 1.7.3.2
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: socat
Version: 7.1
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Paul Wouters
QA Contact: Jan Blazek
URL:
Whiteboard:
Depends On: 1020203 1021429 1021948 1021958 1021967 1021972 1022048 1022062 1022063 1022070
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-04-07 14:47 UTC by Paul Wouters
Modified: 2021-10-01 12:31 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Rebase: Bug Fixes and Enhancements
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-08-01 18:57:03 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:2049 0 normal SHIPPED_LIVE socat bug fix update 2017-08-01 18:13:19 UTC

Description Paul Wouters 2014-04-07 14:47:17 UTC 
After a redhat audit we send a dozen bugs upstream. 1.7.2.3 fixed the CVE issue that was found. All other bugs did not make it in, but we have bug entries for these. Since there are also a dozen other fixes, we should just rebase, or else we just end up with 1.7.2.4 calling itself 1.7.2.3. Relevant part of http://www.dest-unreach.org/socat/doc/CHANGES listed below which contain our bugzilla references

corrections:
	LISTEN based addresses applied some address options, e.g. so-keepalive,
	to the listening file descriptor instead of the connected file
	descriptor
	Thanks to Ulises Alonso for reporting this bug

	make failed after configure with non gcc compiler due to missing
	include. Thanks to Horacio Mijail for reporting this problem

	configure checked for --disable-rawsocket but printed
	--disable-genericsocket in the help text. Thanks to Ben Gardiner for
	reporting and patching this bug

	In xioshutdown() a wrong branch was chosen after RECVFROM type addresses.
	Probably no impact.
	Thanks to David Binderman for reproting this issue.

	procan could not cleanly format ulimit values longer than 16 decimal
	digits. Thanks to Frank Dana for providing a patch that increases field
	width to 24 digits.

	OPENSSL-CONNECT with bind option failed on some systems, eg.FreeBSD, with
	"Invalid argument"
	Thanks to Emile den Tex for reporting this bug.

	Changed some variable definitions to make gcc -O2 aliasing checker happy
	Thanks to Ilya Gordeev for reporting these warnings

	On big endian platforms with type long >32bit the range option applied a
	bad base address. Thanks to hejia hejia for reporting and fixing this bug.

	Red Hat issue 1022070: missing length check in xiolog_ancillary_socket()

	Red Hat issue 1022063: out-of-range shifts on net mask bits

	Red Hat issue 1022062: strcpy misuse in xiosetsockaddrenv_ip4()

	Red Hat issue 1022048: strncpy hardening: corrected suspicious strncpy()
	uses

	Red Hat issue 1021958: fixed a bug with faulty buffer/data length
	calculation in xio-ascii.c:_xiodump()

	Red Hat issue 1021972: fixed a missing NUL termination in return string
	of sysutils.c:sockaddr_info() for the AF_UNIX case

	fixed some typos and minor issues, including:
	Red Hat issue 1021967: formatting error in manual page

	UNIX-LISTEN with fork option did not remove the socket file system entry
	when exiting. Other file system based passive address types had similar
	issues or failed to apply options umask, user e.a.
	Thanks to Lorenzo Monti for pointing me to this issue

porting:
	Red Hat issue 1020203: configure checks fail with some compilers.
	Use case: clang

	Performed changes for Fedora release 19

	Adapted, improved test.sh script

	Red Hat issue 1021429: getgroupent fails with large number of groups;
	use getgrouplist() when available instead of sequence of calls to
	getgrent()

	Red Hat issue 1021948: snprintf API change;
	Implemented xio_snprintf() function as wrapper that tries to emulate C99
	behaviour on old glibc systems, and adapted all affected calls
	appropriately

	Mike Frysinger provided a patch that supports long long for time_t,
	socklen_t and a few other libc types.

	Artem Mygaiev extended Cedril Priscals Android build script with pty code

	The check for fips.h required stddef.h
	Thanks to Matt Hilt for reporting this issue and sending a patch

	Check for linux/errqueue.h failed on some systems due to lack of
	linux/types.h inclusion. Thanks to Michael Vastola for sending a patch.

	autoconf now prefers configure.ac over configure.in
	Thanks to Michael Vastola for sending a patch.

	type of struct cmsghdr.cmsg is system dependend, determine it with
	configure; some more print format corrections

docu:
	libwrap always logs to syslog

	added actual text version of GPLv2
Comment 2 Paul Wouters 2016-11-07 08:19:26 UTC 
updated the rebase target to 1.7.3.0
Comment 9 errata-xmlrpc 2017-08-01 18:57:03 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2049
Note You need to log in before you can comment on or make changes to this bug.