base/SOURCES/CVE-2016-5104.patch

From 4397b3376dc4e4cb1c991d0aed61ce6482614196 Mon Sep 17 00:00:00 2001
From: Joshua Hill <posixninja@gmail.com>
Date: Tue, 29 Dec 2015 23:09:37 +0100
Subject: [PATCH] common: [security fix] Make sure sockets only listen locally

---
 common/socket.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/common/socket.c b/common/socket.c
index 27b93ba..4cdefd6 100644
--- a/common/socket.c
+++ b/common/socket.c
@@ -203,7 +203,7 @@ int socket_create(uint16_t port)

	memset((void *) &saddr, 0, sizeof(saddr));
	saddr.sin_family = AF_INET;
-	saddr.sin_addr.s_addr = htonl(INADDR_ANY);
+	saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
	saddr.sin_port = htons(port);

	if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
@@ -368,7 +368,7 @@ int socket_accept(int fd, uint16_t port)

	memset(&addr, 0, sizeof(addr));
	addr.sin_family = AF_INET;
-	addr.sin_addr.s_addr = htonl(INADDR_ANY);
+	addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
	addr.sin_port = htons(port);

	addr_len = sizeof(addr);