From 3a2591c5ff50b3e5a8c6f370f43bccfa5b69a258 Mon Sep 17 00:00:00 2001 From: yangl777 Date: Thu, 13 Feb 2025 06:19:15 +0000 Subject: [PATCH] sync some patches from upstream --- ...andom-value-for-the-identifier-field.patch | 155 ++++++++++++++++++ ...ng-Fix-the-errno-handling-for-strtod.patch | 64 ++++++++ ...orrectly-in-the-second-after-booting.patch | 36 ++++ backport-ping-Remove-duplicate-include.patch | 26 +++ ...e-of-write-to-avoid-integer-overflow.patch | 52 ++++++ ...m-check-always-succeeding-once-again.patch | 45 +++++ backport-ping6-Fix-support-for-DSCP.patch | 54 ++++++ ...ath-Dont-assume-tv_sec-0-means-unset.patch | 32 ++++ iputils.spec | 17 +- 9 files changed, 480 insertions(+), 1 deletion(-) create mode 100644 backport-Revert-ping-use-random-value-for-the-identifier-field.patch create mode 100644 backport-ping-Fix-the-errno-handling-for-strtod.patch create mode 100644 backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch create mode 100644 backport-ping-Remove-duplicate-include.patch create mode 100644 backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch create mode 100644 backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch create mode 100644 backport-ping6-Fix-support-for-DSCP.patch create mode 100644 backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch diff --git a/backport-Revert-ping-use-random-value-for-the-identifier-field.patch b/backport-Revert-ping-use-random-value-for-the-identifier-field.patch new file mode 100644 index 0000000..e9442bb --- /dev/null +++ b/backport-Revert-ping-use-random-value-for-the-identifier-field.patch @@ -0,0 +1,155 @@ +From d466aabcadcc2d7fd1f132ea3f580ad102773cf9 Mon Sep 17 00:00:00 2001 +From: Petr Vorel +Date: Wed, 6 Dec 2023 15:42:16 +0100 +Subject: [PATCH] Revert "ping: use random value for the identifier field" +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This reverts commit 5026c2221a15bf13e601eade015c971bf07a27e9. + +Unlike TCP and UDP, which use port to uniquely identify the socket to +deliver data, ICMP use identifier field (ID) to identify the socket. + +Therefore if on the same machine, at the same time, two ping processes +use the same ID, echo reply can be delivered to the wrong socket. + +This is known problem due 16 bit ID field (65535). We used to use PID +to get unique number. The default value of /proc/sys/kernel/pid_max is +32768 (half). + +The problem is not new, but it was hidden until 5f6bec5 ("ping: Print +reply with wrong source with warning"). 5026c22 changed it to use our +random implementation to increase security. But that actually increases +the collisions on systems that use ping heavily: e.g. ping run with +Nagios via Debian specific check-host-alive Nagios plugin: + + $ ping -n -v -D -W 1 -i 1 -c 5 -M 'do' -s 56 -O "$Host") + +(75-100 ping instances in the reported issue.) + +Because we consider warning from 5f6bec5 useful and not consider leaking +PID information as a real security issue, we revert 5026c22. getpid() is +used in other ping implementations: + +* fping +https://github.com/schweikert/fping/blob/develop/src/fping.c#L496 + +* busybox +https://git.busybox.net/busybox/tree/networking/ping.c#n376 + +* FreeBSD +https://cgit.freebsd.org/src/tree/sbin/ping/ping.c#n632 + +* inetutils +https://git.savannah.gnu.org/cgit/inetutils.git/tree/ping/ping.c#n286 + +* Apple +https://opensource.apple.com/source/network_cmds/network_cmds-433/ping.tproj/ping.c.auto.html + +In case leaking PID *is* a real problem, we could solve this with +comparing the ICMP optional data. We could add 128 bit random value to +check. But we already use struct timeval if packet size is big enough +for it (>= 16 bits), therefore we could use it for comparing for most of +the packet sizes (the default is 56 bits). + +Fixes: https://github.com/iputils/iputils/issues/489 +Closes: https://github.com/iputils/iputils/pull/503 +Reported-by: Miloslav Hůla +Suggested-by: Cyril Hrubis +Acked-by: Johannes Segitz jsegitz@suse.de +Acked-by: Cyril Hrubis +Signed-off-by: Petr Vorel + +Conflict:NA +Reference:https://github.com/iputils/iputils/commit/d466aabcadcc2d7fd1f132ea3f580ad102773cf9 +--- + ping/node_info.c | 1 + + ping/ping.c | 4 +--- + ping/ping.h | 2 +- + ping/ping6_common.c | 2 +- + ping/ping_common.c | 4 ++-- + 5 files changed, 6 insertions(+), 7 deletions(-) + +diff --git a/ping/node_info.c b/ping/node_info.c +index 10a76818..ce392a28 100644 +--- a/ping/node_info.c ++++ b/ping/node_info.c +@@ -91,6 +91,7 @@ int niquery_is_enabled(struct ping_ni *ni) + void niquery_init_nonce(struct ping_ni *ni) + { + #if PING6_NONCE_MEMORY ++ iputils_srand(); + ni->nonce_ptr = calloc(NI_NONCE_SIZE, MAX_DUP_CHK); + if (!ni->nonce_ptr) + error(2, errno, "calloc"); +diff --git a/ping/ping.c b/ping/ping.c +index f4707104..0ff5a487 100644 +--- a/ping/ping.c ++++ b/ping/ping.c +@@ -569,8 +569,6 @@ main(int argc, char **argv) + if (!argc) + error(1, EDESTADDRREQ, "usage error"); + +- iputils_srand(); +- + target = argv[argc - 1]; + + rts.outpack = malloc(rts.datalen + 28); +@@ -1527,7 +1525,7 @@ in_cksum(const unsigned short *addr, int len, unsigned short csum) + /* + * pinger -- + * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet +- * will be added on by the kernel. The ID field is a random number, ++ * will be added on by the kernel. The ID field is our UNIX process ID, + * and the sequence number is an ascending integer. The first several bytes + * of the data portion are used to hold a UNIX "timeval" struct in VAX + * byte-order, to compute the round-trip time. +diff --git a/ping/ping.h b/ping/ping.h +index 04b2ccf4..7799395f 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -159,7 +159,7 @@ struct ping_rts { + size_t datalen; + char *hostname; + uid_t uid; +- int ident; /* random id to identify our packets */ ++ int ident; /* process id to identify our packets */ + + int sndbuf; + int ttl; +diff --git a/ping/ping6_common.c b/ping/ping6_common.c +index 7b2bf158..5e78f852 100644 +--- a/ping/ping6_common.c ++++ b/ping/ping6_common.c +@@ -583,7 +583,7 @@ int ping6_receive_error_msg(struct ping_rts *rts, socket_st *sock) + /* + * pinger -- + * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet +- * will be added on by the kernel. The ID field is a random number, ++ * will be added on by the kernel. The ID field is our UNIX process ID, + * and the sequence number is an ascending integer. The first several bytes + * of the data portion are used to hold a UNIX "timeval" struct in VAX + * byte-order, to compute the round-trip time. +diff --git a/ping/ping_common.c b/ping/ping_common.c +index ed4fee87..6eb1aa4e 100644 +--- a/ping/ping_common.c ++++ b/ping/ping_common.c +@@ -303,7 +303,7 @@ void print_timestamp(struct ping_rts *rts) + /* + * pinger -- + * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet +- * will be added on by the kernel. The ID field is a random number, ++ * will be added on by the kernel. The ID field is our UNIX process ID, + * and the sequence number is an ascending integer. The first several bytes + * of the data portion are used to hold a UNIX "timeval" struct in VAX + * byte-order, to compute the round-trip time. +@@ -536,7 +536,7 @@ void setup(struct ping_rts *rts, socket_st *sock) + } + + if (sock->socktype == SOCK_RAW && rts->ident == -1) +- rts->ident = rand() & IDENTIFIER_MAX; ++ rts->ident = htons(getpid() & 0xFFFF); + + set_signal(SIGINT, sigexit); + set_signal(SIGALRM, sigexit); diff --git a/backport-ping-Fix-the-errno-handling-for-strtod.patch b/backport-ping-Fix-the-errno-handling-for-strtod.patch new file mode 100644 index 0000000..cf32b8d --- /dev/null +++ b/backport-ping-Fix-the-errno-handling-for-strtod.patch @@ -0,0 +1,64 @@ +From 33e78be2e60ed9ac918dec13271d1bd9dce6e94e Mon Sep 17 00:00:00 2001 +From: Jacek Tomasiak +Date: Mon, 6 Feb 2023 13:39:44 +0100 +Subject: [PATCH] ping: Fix the errno handling for strtod + +The setlocale(LC_ALL, "") following the strtod() for the '-i' option +can fail if the LC_CTYPE is invalid. + +Hence the errno check following the setlocale(LC_ALL, "") thinks +wrongly that strtod() failed with the errno and prints a warning: + +$ LC_ALL=XXX ping -i 1.9 -c1 8.8.8.8 +ping: option argument contains garbage: +ping: this will become fatal error in the future +PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. +64 bytes from 8.8.8.8: icmp_seq=1 ttl=58 time=1.34 ms + +The errno got from the execution of strtod() is saved and restored +after setlocale() to be checked for any errors. + +The problem is only on Fedora/CentOS/RHEL with applied patch [1] +from 2012 for glibc bug #14247. + +[1] https://src.fedoraproject.org/rpms/glibc/blob/rawhide/f/glibc-rh827510.patch + +Link: https://sourceware.org/bugzilla/show_bug.cgi?id=14247 +Closes: https://github.com/iputils/iputils/pull/450 + +Reference:https://github.com/iputils/iputils/commit/33e78be2e60ed9ac918dec13271d1bd9dce6e94e +Conflict:NA + +Fixes: 918e824 ("ping: add support for sub-second timeouts") +Co-Developed-by: Sriram Rajagopalan +Reviewed-by: Petr Vorel +[ pvorel: mention glibc bug and Fedora/CentOS/RHEL ] +Signed-off-by: Sriram Rajagopalan +Signed-off-by: Jacek Tomasiak +--- + ping/ping.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/ping/ping.c b/ping/ping.c +index 89b0fa19..8f442037 100644 +--- a/ping/ping.c ++++ b/ping/ping.c +@@ -214,6 +214,7 @@ static double ping_strtod(const char *str, const char *err_msg) + { + double num; + char *end = NULL; ++ int strtod_errno = 0; + + if (str == NULL || *str == '\0') + goto err; +@@ -225,7 +226,10 @@ static double ping_strtod(const char *str, const char *err_msg) + */ + setlocale(LC_ALL, "C"); + num = strtod(str, &end); ++ strtod_errno = errno; + setlocale(LC_ALL, ""); ++ /* Ignore setlocale() errno (e.g. invalid locale in env). */ ++ errno = strtod_errno; + + if (errno || str == end || (end && *end)) { + error(0, 0, _("option argument contains garbage: %s"), end); diff --git a/backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch b/backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch new file mode 100644 index 0000000..e236516 --- /dev/null +++ b/backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch @@ -0,0 +1,36 @@ +From 7448c33af407636e66ac90deb828764df51835d4 Mon Sep 17 00:00:00 2001 +From: Josh Triplett +Date: Mon, 20 Nov 2023 19:09:06 -0800 +Subject: [PATCH] ping: Handle interval correctly in the second after booting + +ping assumes that if a timespec has tv_sec == 0, it hasn't been +initialized yet. However, in the second after booting up, tv_sec will +legitimately be 0. This causes ping to send pings one after another +without waiting. + +Check that tv_nsec is 0 as well. + +Link: https://github.com/iputils/iputils/pull/499 +Reviewed-by: Petr Vorel +Tested-by: Petr Vorel +Signed-off-by: Josh Triplett + +Conflict:NA +Reference:https://github.com/iputils/iputils/commit/7448c33af407636e66ac90deb828764df51835d4 +--- + ping/ping_common.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ping/ping_common.c b/ping/ping_common.c +index c8b868b7..5a6c35aa 100644 +--- a/ping/ping_common.c ++++ b/ping/ping_common.c +@@ -321,7 +321,7 @@ int pinger(struct ping_rts *rts, ping_func_set_st *fset, socket_st *sock) + return 1000; + + /* Check that packets < rate*time + preload */ +- if (rts->cur_time.tv_sec == 0) { ++ if (rts->cur_time.tv_sec == 0 && rts->cur_time.tv_nsec == 0) { + clock_gettime(CLOCK_MONOTONIC_RAW, &rts->cur_time); + tokens = rts->interval * (rts->preload - 1); + } else { diff --git a/backport-ping-Remove-duplicate-include.patch b/backport-ping-Remove-duplicate-include.patch new file mode 100644 index 0000000..4ae3a1f --- /dev/null +++ b/backport-ping-Remove-duplicate-include.patch @@ -0,0 +1,26 @@ +From bacb69e166106f0125b7288f377299894c8c7e78 Mon Sep 17 00:00:00 2001 +From: Petr Vorel +Date: Mon, 6 Mar 2023 21:17:09 +0100 +Subject: [PATCH] ping.h: Remove duplicate include + +Reference:https://github.com/iputils/iputils/commit/bacb69e166106f0125b7288f377299894c8c7e78 +Conflict:NA + +Fixes: ba7e8a7 ("ping: merge all ping header files into a single one") +Signed-off-by: Petr Vorel +--- + ping/ping.h | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/ping/ping.h b/ping/ping.h +index caf79cd1..ef358ad4 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -23,7 +23,6 @@ + #include + #include + #include +-#include + #include + #include + #include diff --git a/backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch b/backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch new file mode 100644 index 0000000..8fa7197 --- /dev/null +++ b/backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch @@ -0,0 +1,52 @@ +From 0f12e6d5bb325df4eb9273b1e294a2cf94a53120 Mon Sep 17 00:00:00 2001 +From: Jan Macku +Date: Tue, 28 May 2024 12:25:57 +0200 +Subject: [PATCH 1/1] ping: check return value of write() to avoid integer + overflow + +Error: INTEGER_OVERFLOW (CWE-190): +iputils-20240117/ping/ping.h:291: tainted_data_return: Called function "write(1, str + o, len - o)", and a possible return value may be less than zero. +iputils-20240117/ping/ping.h:291: assign: Assigning: "cc" = "write(1, str + o, len - o)". +iputils-20240117/ping/ping.h:292: overflow: The expression "o += cc" might be negative, but is used in a context that treats it as unsigned. +iputils-20240117/ping/ping.h:291: overflow: The expression "len - o" is deemed underflowed because at least one of its arguments has underflowed. +iputils-20240117/ping/ping.h:291: overflow_sink: "len - o", which might have underflowed, is passed to "write(1, str + o, len - o)". + 289| ssize_t cc; + 290| do { + 291|-> cc = write(STDOUT_FILENO, str + o, len - o); + 292| o += cc; + 293| } while (len > o || cc < 0); + +Closes: https://github.com/iputils/iputils/pull/545 +Reviewed-by: Petr Vorel +Reviewed-by: Cyril Hrubis +Signed-off-by: Jan Macku + +Reference:https://github.com/iputils/iputils/commit/0f12e6d5bb325df4eb9273b1e294a2cf94a53120 +Conflict:NA + +--- + ping/ping.h | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/ping/ping.h b/ping/ping.h +index 98d035d..3e2e3c3 100644 +--- a/ping/ping.h ++++ b/ping/ping.h +@@ -290,8 +290,12 @@ static inline void write_stdout(const char *str, size_t len) + ssize_t cc; + do { + cc = write(STDOUT_FILENO, str + o, len - o); +- o += cc; +- } while (len > o || cc < 0); ++ ++ if (cc < 0) ++ break; ++ ++ o += (size_t) cc; ++ } while (len > o); + } + + /* +-- +2.33.0 + diff --git a/backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch b/backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch new file mode 100644 index 0000000..118d8c3 --- /dev/null +++ b/backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch @@ -0,0 +1,45 @@ +From bacf1b7bb8555c407d065e97015319abef2a742d Mon Sep 17 00:00:00 2001 +From: Ahmad Fatoum +Date: Thu, 4 Apr 2024 21:17:39 +0200 +Subject: [PATCH 1/1] ping: fix IPv4 checksum check always succeeding once + again + +This issue was fixed once already in commit bff65fbb6f73 +("fix checksum always success in IPv4 ping."), but was reverted +shortly after, likely due to a botched rebase. + +Fix this issue again, so ping correctly reports checksum mismatches +in ICMP ECHO replies. + +This time it was found with barebox v2024.03.0 (or older) which has +broken checksum on a Raspberry Pi 3b and ping its network interface +(checksum mismatch verified by Wireshark). + +Closes: https://github.com/iputils/iputils/pull/534 +Fixes: 8b8686794f69 ("warnings: remove variable shadowing") +Reviewed-by: Petr Vorel +Signed-off-by: Ahmad Fatoum + +Reference:https://github.com/iputils/iputils/commit/bacf1b7bb8555c407d065e97015319abef2a742d +Conflict:NA + +--- + ping/ping.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ping/ping.c b/ping/ping.c +index d0803fe..1a3e52c 100644 +--- a/ping/ping.c ++++ b/ping/ping.c +@@ -1654,7 +1654,7 @@ int ping4_parse_reply(struct ping_rts *rts, struct socket_st *sock, + wrong_source = 1; + if (gather_statistics(rts, (uint8_t *)icp, sizeof(*icp), cc, + ntohs(icp->un.echo.sequence), +- reply_ttl, 0, tv, pr_addr(rts, from, sizeof *from), ++ reply_ttl, csfailed, tv, pr_addr(rts, from, sizeof *from), + pr_echo_reply, rts->multicast, wrong_source)) { + fflush(stdout); + return 0; +-- +2.33.0 + diff --git a/backport-ping6-Fix-support-for-DSCP.patch b/backport-ping6-Fix-support-for-DSCP.patch new file mode 100644 index 0000000..7f4f71d --- /dev/null +++ b/backport-ping6-Fix-support-for-DSCP.patch @@ -0,0 +1,54 @@ +From 425f711a62f7d7523badd6b917f15ad58ecdb0ae Mon Sep 17 00:00:00 2001 +From: Guillaume Nault +Date: Thu, 18 May 2023 18:12:54 +0200 +Subject: [PATCH] ping6: Fix support for DSCP (Traffic Class, option -Q) + +Set the IPV6_TCLASS option on probe_fd. Otherwise ip-rule is unaware +of the DSCP value at connect() time and can lookup the remote address +in the wrong routing table. + +For example: + + ip route add table main unreachable 2001:db8::10/124 + + ip route add table 100 2001:db8::10/124 dev eth0 + ip -6 rule add dsfield 0x04 table 100 + + ping -Q 0x04 2001:db8::11 + +Without this patch, probe_fd fails to connect to 2001:db8::11 (No route +to host) since the route lookup is done in the main table instead of +table 100. + +Note that, to work correctly, this patch also depends on a Linux kernel +bug fix (see +https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e010ae08c71fda8be3d6bda256837795a0b3ea41). +That kernel patch has been backported to Linux stable trees and should +have already reached most distributions. + +Reference:https://github.com/iputils/iputils/commit/425f711a62f7d7523badd6b917f15ad58ecdb0ae +Conflict:NA + +Fixes: 33370345c7d8 ("Initial import of iputils") +Link: https://github.com/iputils/iputils/pull/468 +Reviewed-by: Petr Vorel +Signed-off-by: Guillaume Nault +--- + ping/ping6_common.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/ping/ping6_common.c b/ping/ping6_common.c +index 21333aa0..e980a152 100644 +--- a/ping/ping6_common.c ++++ b/ping/ping6_common.c +@@ -182,6 +182,10 @@ int ping6_run(struct ping_rts *rts, int argc, char **argv, struct addrinfo *ai, + disable_capability_raw(); + } + ++ if (rts->tclass && ++ setsockopt(probe_fd, IPPROTO_IPV6, IPV6_TCLASS, &rts->tclass, sizeof (rts->tclass)) <0) ++ error(2, errno, "setsockopt(IPV6_TCLASS)"); ++ + if (!IN6_IS_ADDR_LINKLOCAL(&rts->firsthop.sin6_addr) && + !IN6_IS_ADDR_MC_LINKLOCAL(&rts->firsthop.sin6_addr)) + rts->firsthop.sin6_family = AF_INET6; diff --git a/backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch b/backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch new file mode 100644 index 0000000..d719f6b --- /dev/null +++ b/backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch @@ -0,0 +1,32 @@ +From c64bcd8d8eca5c7f66e75e0bc9d42828bc09ba1b Mon Sep 17 00:00:00 2001 +From: Josh Triplett +Date: Mon, 20 Nov 2023 19:15:40 -0800 +Subject: [PATCH] tracepath: Don't assume tv_sec == 0 means unset + +A CLOCK_MONOTONIC timespec's tv_sec value can legitimately be 0 during +the second after booting. Check tv_nsec as well before assuming an unset +timestamp. + +Closes: https://github.com/iputils/iputils/pull/499 +Reviewed-by: Petr Vorel +Signed-off-by: Josh Triplett + +Conflict:NA +Reference:https://github.com/iputils/iputils/commit/c64bcd8d8eca5c7f66e75e0bc9d42828bc09ba1b +--- + tracepath.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tracepath.c b/tracepath.c +index 04d77b83..046dc332 100644 +--- a/tracepath.c ++++ b/tracepath.c +@@ -192,7 +192,7 @@ static int recverr(struct run_state *const ctl) + ctl->his[slot].hops = 0; + } + if (recv_size == sizeof(rcvbuf)) { +- if (rcvbuf.ttl == 0 || rcvbuf.ts.tv_sec == 0) ++ if (rcvbuf.ttl == 0 || (rcvbuf.ts.tv_sec == 0 && rcvbuf.ts.tv_nsec == 0)) + broken_router = 1; + else { + sndhops = rcvbuf.ttl; diff --git a/iputils.spec b/iputils.spec index 7c1c3a4..5778bd0 100644 --- a/iputils.spec +++ b/iputils.spec @@ -1,6 +1,6 @@ Name: iputils Version: 20221126 -Release: 5 +Release: 6 Summary: Network monitoring tools including ping License: BSD and GPLv2+ URL: https://github.com/iputils/iputils @@ -22,6 +22,15 @@ Patch6002: backport-tracepath-Restore-the-MTU-probing-behavior.patch # reference https://github.com/iputils/iputils/commit/608c62b3967882d31ff9edde97e38de0fcff154b Patch6003: backport-tracepath-Merge-if-clauses.patch +Patch6004: backport-ping-Fix-the-errno-handling-for-strtod.patch +Patch6005: backport-ping-Remove-duplicate-include.patch +Patch6006: backport-ping6-Fix-support-for-DSCP.patch +Patch6007: backport-Revert-ping-use-random-value-for-the-identifier-field.patch +Patch6008: backport-ping-Handle-interval-correctly-in-the-second-after-booting.patch +Patch6009: backport-tracepath-Dont-assume-tv_sec-0-means-unset.patch +Patch6010: backport-ping-check-return-value-of-write-to-avoid-integer-overflow.patch +Patch6011: backport-ping-fix-IPv4-checksum-check-always-succeeding-once-again.patch + BuildRequires: gcc meson libidn2-devel openssl-devel libcap-devel libxslt BuildRequires: docbook5-style-xsl systemd iproute glibc-kernheaders gettext %{?systemd_ordering} @@ -91,6 +100,12 @@ install -cp ifenslave.8 ${RPM_BUILD_ROOT}%{_mandir}/man8/ %{_mandir}/man8/*.8.gz %changelog +* Thu Feb 13 2025 yanglu - 20221126-6 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:sync some patches from upstream + * Thu May 16 2024 xiaozai - 20221126-5 - Type:NA - ID:NA -- Gitee