aboutsummaryrefslogtreecommitdiffstats
path: root/community/shadow/APKBUILD
diff options
context:
space:
mode:
authorHenrik Riomar <henrik.riomar@gmail.com>2017-02-25 13:08:30 +0100
committerWilliam Pitcock <nenolod@dereferenced.org>2017-02-26 19:18:28 +0000
commite9a92d060e2e59ac087373af9b81546c2a761d07 (patch)
treedddecea23c84824d9a2adc8480d8abf1888d48cd /community/shadow/APKBUILD
parentb90f85ec447b8adff5c6076c1a2f4de9aa8b823b (diff)
downloadaports-e9a92d060e2e59ac087373af9b81546c2a761d07.tar.bz2
aports-e9a92d060e2e59ac087373af9b81546c2a761d07.tar.xz
community/shadow: CVE-2016-6252 & CVE-2017-2616
Patches from Debian Jessie (1:4.2-3+deb8u3 & 1:4.2-3+deb8u2)
Diffstat (limited to 'community/shadow/APKBUILD')
-rw-r--r--community/shadow/APKBUILD22
1 files changed, 10 insertions, 12 deletions
diff --git a/community/shadow/APKBUILD b/community/shadow/APKBUILD
index c5ac99edb4..042a0facce 100644
--- a/community/shadow/APKBUILD
+++ b/community/shadow/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
pkgname=shadow
pkgver=4.2.1
-pkgrel=6
+pkgrel=7
pkgdesc="PAM-using login and passwd utilities (usermod, useradd, ...)"
url="http://pkg-shadow.alioth.debian.org/"
arch="all"
@@ -16,7 +16,13 @@ source="http://pkg-shadow.alioth.debian.org/releases/shadow-$pkgver.tar.xz
dots-in-usernames.patch
cross-size-checks.patch
verbose-error-when-uid-doesnt-match.patch
+ 301-CVE-2017-2616-su-properly-clear-child-PID.patch
+ 302-CVE-2016-6252-fix-integer-overflow.patch
"
+# secfixes:
+# - CVE-2016-6252
+# - CVE-2017-2616
+
options="suid"
builddir="$srcdir/shadow-$pkgver"
@@ -79,18 +85,10 @@ uidmap() {
touch etc/subuid etc/subgid
}
-md5sums="2bfafe7d4962682d31b5eba65dba4fc8 shadow-4.2.1.tar.xz
-72dfc077a61ab7163e312640cc98bba8 login.pamd
-f5fe3d7351d5e4046588b652c482c170 dots-in-usernames.patch
-75bc0cafb44aa86075d2ec056816cc3e cross-size-checks.patch
-6d938a758cba620dde3b9e4ce6e87703 verbose-error-when-uid-doesnt-match.patch"
-sha256sums="3b0893d1476766868cd88920f4f1231c4795652aa407569faff802bcda0f3d41 shadow-4.2.1.tar.xz
-c0d0f2f77133b0663c5a578afeba45d5a9c703ff6f3f6aba3727dfe01877dac0 login.pamd
-ee58c622d1e8283dc4b17e93cc5e68f4ea4336654ebcfb48e46e0efaa864b77f dots-in-usernames.patch
-fc3e32ddfc8eeb284412e8df7ad045ad27b742f5ee733db1a0bc14c97480e013 cross-size-checks.patch
-7d9156d39afa3a937fc64130b1bfe0ddc1dd593caa629f29410ebbf84c258568 verbose-error-when-uid-doesnt-match.patch"
sha512sums="7a14bf8e08126f0402e37b6e4c559615ced7cf829e39156d929ed05cd8813de48a77ff1f7f6fe707da04cf662a2e9e84c22d63d88dd1ed13f935fde594db95f0 shadow-4.2.1.tar.xz
46a6f83f3698e101b58b8682852da749619412f75dfa85cecad03d0847f6c3dc452d984510db7094220e4570a0565b83b0556e16198ad894a3ec84b3e513d58d login.pamd
745eea04c054226feba165b635dbb8570b8a04537d41e914400a4c54633c3a9cf350da0aabfec754fb8cf3e58fc1c8cf597b895506312f19469071760c11f31d dots-in-usernames.patch
c46760254439176babeef24d93900914092655af3a48f54385adf6ef5a3af76799fb7e96083acd27853d6ab6d7392543dbaf70bb26f164519e92f677da7851a4 cross-size-checks.patch
-1b3513772a7a0294b587723213e4464cc5a1a42ae6a79e9b9f9ea20083684a21d81e362f44d87ce2e6de2daf396d8422b39019923c0b0cbb44fa4c4c24613c0c verbose-error-when-uid-doesnt-match.patch"
+1b3513772a7a0294b587723213e4464cc5a1a42ae6a79e9b9f9ea20083684a21d81e362f44d87ce2e6de2daf396d8422b39019923c0b0cbb44fa4c4c24613c0c verbose-error-when-uid-doesnt-match.patch
+0954920ce9307948848d8f9ca5ea5bba4db8394793ef314ab5c6770948e96071748192b52ba8c31d543fe71ce0e6e2a7f3a2a92862966a940639a19df1048634 301-CVE-2017-2616-su-properly-clear-child-PID.patch
+36f494347cb980d85ea82331ec620a949be45f5f2c400a3b13f409a8d9c932c0f822cb0baa2ee78c6f356e7bf93de51c1b0f20730e8f3af36a746a5632d19bbe 302-CVE-2016-6252-fix-integer-overflow.patch"