commit dracut for openSUSE:Factory

Sat, 29 Sep 2012 06:26:14 -0700 

Hello community,

here is the log from the commit of package dracut for openSUSE:Factory checked 
in at 2012-09-29 15:26:01
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/dracut (Old)
 and      /work/SRC/openSUSE:Factory/.dracut.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "dracut", Maintainer is ""

Changes:
--------
--- /work/SRC/openSUSE:Factory/dracut/dracut.changes    2012-08-07 
21:49:31.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.dracut.new/dracut.changes       2012-09-29 
15:26:02.000000000 +0200
@@ -1,0 +2,6 @@
+Fri Sep 28 12:10:20 UTC 2012 - fcro...@suse.com
+
+- Add initramfs-non-world-readable.patch: fix CVE-2012-4453
+  (bnc#782734).
+
+-------------------------------------------------------------------

New:
----
  initramfs-non-world-readable.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ dracut.spec ++++++
--- /var/tmp/diff_new_pack.DsHZO5/_old  2012-09-29 15:26:03.000000000 +0200
+++ /var/tmp/diff_new_pack.DsHZO5/_new  2012-09-29 15:26:03.000000000 +0200
@@ -35,6 +35,8 @@
 # (not to be upstreamed)
 Source1:        module-setup-initrd.sh
 Source2:        parse-suse-initrd.sh
+# PATCH-FIX-UPSTREAM initramfs-non-world-readable.patch fcro...@suse.com -- 
fix CVE-2012-4453 bnc#782734
+Patch0:         initramfs-non-world-readable.patch
 
 BuildRequires:  bash
 BuildRequires:  dash
@@ -104,6 +106,7 @@
 
 %prep
 %setup -q
+%patch0 -p1
 
 %build
 make all -e CFLAGS="%{optflags}"


++++++ initramfs-non-world-readable.patch ++++++
>From e1b48995c26c4f06d1a718539cb1bd5b0179af91 Mon Sep 17 00:00:00 2001
From: Harald Hoyer <har...@redhat.com>
Date: Thu, 27 Sep 2012 10:18:29 +0200
Subject: [PATCH] dracut.sh: create the initramfs non-world readable

---
 dracut.sh |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/dracut.sh b/dracut.sh
index 7148d0f..96faa06 100755
--- a/dracut.sh
+++ b/dracut.sh
@@ -1033,8 +1033,9 @@ if [[ $do_hardlink = yes ]] ; then
     }
 fi
 
+rm -f "$outfile"
 dinfo "*** Creating image file ***"
-if ! ( cd "$initdir"; find . |cpio -R 0:0 -H newc -o --quiet| \
+if ! ( umask 077; cd "$initdir"; find . |cpio -R 0:0 -H newc -o --quiet| \
     $compress > "$outfile"; ); then
     dfatal "dracut: creation of $outfile failed"
     exit 1
-- 
1.7.7.6

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

Reply via email to