--- /dev/null
+xinetd: CVE-2013-4342
+
+xinetd does not enforce the user and group configuration directives
+for TCPMUX services, which causes these services to be run as root
+and makes it easier for remote attackers to gain privileges by
+leveraging another vulnerability in a service.
+http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4342
+
+the patch come from:
+https://bugzilla.redhat.com/attachment.cgi?id=799732&action=diff
+
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ xinetd/builtins.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/xinetd/builtins.c b/xinetd/builtins.c
+index 3b85579..34a5bac 100644
+--- a/xinetd/builtins.c
++++ b/xinetd/builtins.c
+@@ -617,7 +617,7 @@ static void tcpmux_handler( const struct server *serp )
+ if( SC_IS_INTERNAL( scp ) ) {
+ SC_INTERNAL(scp, nserp);
+ } else {
+- exec_server(nserp);
++ child_process(nserp);
+ }
+ }
+
+--
+1.7.9.5
+
file://Various-fixes-from-the-previous-maintainer.patch \
file://Disable-services-from-inetd.conf-if-a-service-with-t.patch \
file://xinetd-should-be-able-to-listen-on-IPv6-even-in-ine.patch \
+ file://xinetd-CVE-2013-4342.patch \
"
SRC_URI[md5sum] = "77358478fd58efa6366accae99b8b04c"