FS#58502 - [libtirpc] 1.0.3 breaks connection from privileged ports
Attached to Project:
Arch Linux
Opened by Sebastian Stammler (epinephrine) - Tuesday, 08 May 2018, 13:38 GMT
Last edited by Andreas Radke (AndyRTR) - Tuesday, 08 May 2018, 17:01 GMT
Opened by Sebastian Stammler (epinephrine) - Tuesday, 08 May 2018, 13:38 GMT
Last edited by Andreas Radke (AndyRTR) - Tuesday, 08 May 2018, 17:01 GMT
|
Details
I recently updated ypbind-mt from version 1.38 to 2.4 and
suddenly couldn't login to my boxes anymore, which are still
using NIS for the retrieval of shadow content. The server
uses port security, i.e., requests are only accepted if
coming from a privileged port. The server logs show the
error
ypserv[3142]: refused connect from <ypbind client ip>:56878 to procedure ypproc_match (<domain>,shadow.byname;-1) While NIS is not supported by official Arch packages anymore, this issue was still caused by the update of libtirpc from 1.0.2 to 1.0.3. Downgrading to 1.0.2 fixed this issue. The current maintainer of ypbind-mt calls version 1.0.3 "terribly broken" and that it shouldn't be used, see bug report [0]. Further details can also be found in this bug report. So my question is if the upgrade of libtirpc to 1.0.3 was really safe? [0] https://github.com/thkukuk/ypbind-mt/issues/1 |
This task depends upon
Closed by Andreas Radke (AndyRTR)
Tuesday, 08 May 2018, 17:01 GMT
Reason for closing: Fixed
Additional comments about closing: patch applied to 1.0.3-2
Tuesday, 08 May 2018, 17:01 GMT
Reason for closing: Fixed
Additional comments about closing: patch applied to 1.0.3-2
http://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=2802259184ada839793152ed0a0f130065f82dfd
Now I'm just wondering why the maintainer of ypbind-mt considers 1.0.3. to be "terribly broken"... were other changes like this applied?