[pkg-java] r17037 - in trunk/libjgroups-java/debian: . patches
Emmanuel Bourg
ebourg-guest at alioth.debian.org
Tue Jul 16 10:42:46 UTC 2013
Author: ebourg-guest
Date: 2013-07-16 10:42:45 +0000 (Tue, 16 Jul 2013)
New Revision: 17037
Added:
trunk/libjgroups-java/debian/patches/
trunk/libjgroups-java/debian/patches/01_disable_diagnostics.patch
trunk/libjgroups-java/debian/patches/series
Modified:
trunk/libjgroups-java/debian/changelog
Log:
Disable diagnostic probing by default (CVE-2013-4112) (Closes: #717031)
Modified: trunk/libjgroups-java/debian/changelog
===================================================================
--- trunk/libjgroups-java/debian/changelog 2013-07-15 22:13:32 UTC (rev 17036)
+++ trunk/libjgroups-java/debian/changelog 2013-07-16 10:42:45 UTC (rev 17037)
@@ -1,3 +1,9 @@
+libjgroups-java (2.12.2.Final-4) unstable; urgency=low
+
+ * Disable diagnostic probing by default (CVE-2013-4112) (Closes: #717031)
+
+ -- Emmanuel Bourg <ebourg at apache.org> Tue, 16 Jul 2013 12:18:18 +0200
+
libjgroups-java (2.12.2.Final-3) unstable; urgency=low
* Updated the watch file to match releases > 2.11.0
Added: trunk/libjgroups-java/debian/patches/01_disable_diagnostics.patch
===================================================================
--- trunk/libjgroups-java/debian/patches/01_disable_diagnostics.patch (rev 0)
+++ trunk/libjgroups-java/debian/patches/01_disable_diagnostics.patch 2013-07-16 10:42:45 UTC (rev 17037)
@@ -0,0 +1,106 @@
+Description: Disable diagnostic probing by default (Fixes CVE-2013-4112)
+Author: Emmanuel Bourg <ebourg at apache.org>
+Forwarded: not-needed
+Bug: http://bugs.debian.org/717031
+Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4112
+--- a/conf/auth_regex.xml
++++ b/conf/auth_regex.xml
+@@ -25,7 +25,7 @@
+ enable_bundling="true"
+ bundler_capacity="50000"
+ enable_unicast_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ timer_type="new"
+--- a/conf/execution-service.xml
++++ b/conf/execution-service.xml
+@@ -20,7 +20,7 @@
+ max_bundle_timeout="30"
+ ip_ttl="${jgroups.udp.ip_ttl:2}"
+ enable_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ timer_type="new"
+--- a/conf/fast-local.xml
++++ b/conf/fast-local.xml
+@@ -24,7 +24,7 @@
+ ip_ttl="${jgroups.udp.ip_ttl:0}"
+ enable_bundling="true"
+ enable_unicast_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ timer_type="new"
+--- a/conf/flush-udp.xml
++++ b/conf/flush-udp.xml
+@@ -19,7 +19,7 @@
+ max_bundle_timeout="30"
+ ip_ttl="${jgroups.udp.ip_ttl:2}"
+ enable_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+
+ thread_naming_pattern="pl"
+
+--- a/conf/sequencer.xml
++++ b/conf/sequencer.xml
+@@ -21,7 +21,7 @@
+ max_bundle_timeout="30"
+ ip_ttl="${jgroups.udp.ip_ttl:2}"
+ enable_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ thread_pool.enabled="true"
+--- a/conf/sfc.xml
++++ b/conf/sfc.xml
+@@ -20,7 +20,7 @@
+ max_bundle_timeout="30"
+ ip_ttl="${jgroups.udp.ip_ttl:2}"
+ enable_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ thread_pool.enabled="true"
+--- a/conf/udp-largecluster.xml
++++ b/conf/udp-largecluster.xml
+@@ -23,7 +23,7 @@
+ max_bundle_timeout="30"
+ ip_ttl="${jgroups.udp.ip_ttl:8}"
+ enable_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ timer_type="new"
+--- a/conf/udp.xml
++++ b/conf/udp.xml
+@@ -21,7 +21,7 @@
+ max_bundle_timeout="30"
+ ip_ttl="${jgroups.udp.ip_ttl:2}"
+ enable_bundling="true"
+- enable_diagnostics="true"
++ enable_diagnostics="false"
+ thread_naming_pattern="cl"
+
+ timer_type="new"
+--- a/src/org/jgroups/protocols/TP.java
++++ b/src/org/jgroups/protocols/TP.java
+@@ -202,8 +202,8 @@
+ @Property(description="Enable bundling of smaller messages into bigger ones for unicast messages. Default is false")
+ protected boolean enable_unicast_bundling=false;
+
+- @Property(description="Switch to enable diagnostic probing. Default is true")
+- protected boolean enable_diagnostics=true;
++ @Property(description="Switch to enable diagnostic probing. Default is false")
++ protected boolean enable_diagnostics=false;
+
+ @Property(description="Address for diagnostic probing. Default is 224.0.75.75",
+ defaultValueIPv4="224.0.75.75",defaultValueIPv6="ff0e::0:75:75")
Added: trunk/libjgroups-java/debian/patches/series
===================================================================
--- trunk/libjgroups-java/debian/patches/series (rev 0)
+++ trunk/libjgroups-java/debian/patches/series 2013-07-16 10:42:45 UTC (rev 17037)
@@ -0,0 +1 @@
+01_disable_diagnostics.patch
More information about the pkg-java-commits
mailing list