Hello community,
here is the log from the commit of package opie for openSUSE:Factory
checked in at Wed Jul 6 10:19:12 CEST 2011.
--- opie/opie.changes 2010-10-31 19:04:12.0 +0100
+++ /mounts/work_src_done/STABLE/opie/opie.changes 2011-07-05
17:15:44.0 +0200
@@ -1,0 +2,8 @@
+Mon Jun 27 16:51:42 CEST 2011 - meiss...@suse.de
+
+- Fixed 2 singlebyte overflows in opiesu (bnc#698772 CVE-2011-2489)
+- Fixed missing setuid() return check in opielogin (bnc#698772 CVE-2011-2490)
+- run permission hooks
+- fixed some build issues
+
+---
calling whatdependson for head-i586
New:
opie-2.4-implicit.patch
opie-fix-autoconf.patch
opielogin-setuid-CVE-2011-2490.patch
opiesu-overflow-CVE-2011-2489.patch
Other differences:
--
++ opie.spec ++
--- /var/tmp/diff_new_pack.yHYW3d/_old 2011-07-06 10:16:20.0 +0200
+++ /var/tmp/diff_new_pack.yHYW3d/_new 2011-07-06 10:16:20.0 +0200
@@ -1,7 +1,7 @@
#
-# spec file for package opie (Version 2.4)
+# spec file for package opie
#
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
BuildRequires: bison pam-devel
Url:http://www.inner.net/opie
Version:2.4
-Release:708
+Release:713
License:GPLv2+
Group: Productivity/Security
Provides: pam_opie
@@ -47,6 +47,10 @@
Patch12:%{name_pam}-%{version_pam}_array-subscript.patch
Patch13:%name-2.4-getline.patch
Patch14:%name-2.4-fclose.patch
+Patch15:%name-2.4-implicit.patch
+Patch16:opielogin-setuid-CVE-2011-2490.patch
+Patch17:opiesu-overflow-CVE-2011-2489.patch
+Patch18:opie-fix-autoconf.patch
Summary:Support for One-Time Passwords
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -75,18 +79,24 @@
perl -pi -e 's/(?
#endif /* HAVE_SYS_TIME_H */
@@ -555,8 +557,13 @@ gettimeofday(&tv, NULL)], AC_MSG_RESULT(
#endif /* HAVE_UNISTD_H */
],
[struct timeval tv;
-gettimeofday(&tv)], AC_DEFINE(HAVE_ONE_ARG_GETTIMEOFDAY) AC_MSG_RESULT(yes),
AC_MSG_RESULT(no)))
+gettimeofday(&tv)],
+[
+ AC_DEFINE(HAVE_ONE_ARG_GETTIMEOFDAY)
+ AC_MSG_RESULT(yes)
+],[AC_MSG_RESULT(no)])])
# Munge out LOCALBIN and LOCALMAN in canonical (no bletch) form
-AC_OUTPUT(configure.munger libmissing/Makefile libopie/Makefile
Makefile.munge:Makefile.in)
+AC_CONFIG_FILES(configure.munger libmissing/Makefile libopie/Makefile
Makefile.munge:Makefile.in)
+AC_OUTPUT
sh configure.munger
++ opielogin-setuid-CVE-2011-2490.patch ++
--- opielogin.c.xx 2011-06-27 16:46:10.0 +0200
+++ opielogin.c 2011-06-27 16:48:05.0 +0200
@@ -1309,7 +1309,11 @@
fflush(stderr);
#endif /* PERMSFILE */
- setuid(thisuser.pw_uid);
+ if (setuid(thisuser.pw_uid) < 0) {
+syslog(LOG_ERR, "setuid() failed with %m. Attack attempt on tty %s, name
%s", tty, name);
+exit(1);
+ }
+
/* destroy environment unless user has asked to preserve it */
if (!pflag)
++ opiesu-overflow-CVE-2011-2489.patch ++
--- opiesu.c.xx 2011-06-27 16:48:46.0 +0200
+++ opiesu.c2011-06-27 16:50:18.0 +0200
@@ -102,7 +102,7 @@
static char userbuf[16] = "USER=";
static char homebuf[128] = "HOME=";
static char shellbuf[128] = "SHELL=";
-static char pathbuf[sizeof("PATH") + sizeof(DEFAULT_PATH) - 1] = "PATH=";
+static char pathbuf[sizeof("PATH=") + sizeof(DEFAULT_PATH) - 1] = "PATH=";
static char termbuf[32] = "TERM=";
static char *cleanenv[] = {userbuf, homebuf, shellbuf, pathbuf, 0, 0};
static char *user = "root";
@@ -260,10 +260,12 @@
int argvsize = 0;
for (i = 0; i < argc; argvsize += strlen(argv[i++]));
argvsize += argc;
+ argvsize ++; /* final \0 */
if (!(argvbuf = malloc(argvsize))) {
syslog(LOG_ERR, "can't allocate memory to store command line");
exit(1);
};
+ argvbuf[0] = '\0';
for (i = 0, *argvbuf = 0; i < argc;) {
strcat(argvbuf, argv[i]);
if (++i < argc)
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org