Fix CVE-2018-1000115 for other distros

We must restrict memcached to TCP. Done for redhat but not SUSE/ubuntu Change-Id: Ib4520b15fa660b77212dfc91bdb0f27590d30128
2018-03-28 14:05:58 +00:00 · 2018-03-28 14:05:58 +00:00 · e7ffc8c09f
parent 163d9c15b4
commit e7ffc8c09f
2 changed files with 2 additions and 1 deletions
--- a/templates/memcached.conf.debian.j2
+++ b/templates/memcached.conf.debian.j2
@ -7,6 +7,7 @@
 -v
 {% endif %}
 logfile {{ memcached_log }}
+-U 0
 -m {{ memcached_memory }}
 -p {{ memcached_port }}
 -u {{ memcached_user }}
--- a/templates/memcached.suse.j2
+++ b/templates/memcached.suse.j2
@ -6,7 +6,7 @@
  {% set _verbosity = '-v' %}
 {% endif %}

-MEMCACHED_PARAMS="-l {{ memcached_listen }} -p {{ memcached_port }} -c {{ memcached_connections }} -t {{ memcached_threads }} {{ _verbosity }}"
+MEMCACHED_PARAMS="-U 0 -l {{ memcached_listen }} -p {{ memcached_port }} -c {{ memcached_connections }} -t {{ memcached_threads }} {{ _verbosity }}"

 ## Path:        Network/WWW/Memcached
 ## Description: username memcached should run as