diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2015-07-07 19:44:36 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-07-07 19:44:36 +0000 |
| commit | 5dde2329f8145b8629b4c808b2967976d53e8d27 (patch) | |
| tree | ca6e07bbeb9b00d434444a265c3c2ece53a4cbd4 /main/linux-pam | |
| parent | 1314c0d82fee33213ea17cc7805bdf3a60efac78 (diff) | |
| download | aports-5dde2329f8145b8629b4c808b2967976d53e8d27.tar.bz2 aports-5dde2329f8145b8629b4c808b2967976d53e8d27.tar.xz | |
main/linux-pam: security upgrade to 1.2.1 (CVE-2015-3238)
ref #4387
Diffstat (limited to 'main/linux-pam')
| -rw-r--r-- | main/linux-pam/APKBUILD | 12 | ||||
| -rw-r--r-- | main/linux-pam/musl-fix-pam_exec.patch | 31 |
2 files changed, 39 insertions, 4 deletions
diff --git a/main/linux-pam/APKBUILD b/main/linux-pam/APKBUILD index a1d1cd6762..64d88c3318 100644 --- a/main/linux-pam/APKBUILD +++ b/main/linux-pam/APKBUILD @@ -1,7 +1,7 @@ # Contributor: William Pitcock <nenolod@dereferenced.org> # Maintainer: William Pitcock <nenolod@dereferenced.org> pkgname=linux-pam -pkgver=1.2.0 +pkgver=1.2.1 pkgrel=0 pkgdesc="pluggable authentication modules for linux" url="http://www.kernel.org/pub/linux/libs/pam" @@ -17,6 +17,7 @@ source="http://linux-pam.org/library/Linux-PAM-$pkgver.tar.bz2 linux-pam-innetgr.patch fix-compat.patch libpam-fix-build-with-eglibc-2.16.patch + musl-fix-pam_exec.patch base-auth.pamd base-account.pamd @@ -84,30 +85,33 @@ package() { && chmod g+s "$pkgdir"/sbin/unix_chkpwd || return 1 } -md5sums="ee4a480d77b341c99e8b1375f8f180c0 Linux-PAM-1.2.0.tar.bz2 +md5sums="9dc53067556d2dd567808fd509519dd6 Linux-PAM-1.2.1.tar.bz2 c309401e103cc86e8b25557ff3eb0b53 linux-pam-innetgr.patch 283a399db933a7598fc63ada5d3eb38c fix-compat.patch 23320dadf8e36846b6bbd7903f95ece5 libpam-fix-build-with-eglibc-2.16.patch +9ade1e4582b34e138368664ff145fd94 musl-fix-pam_exec.patch aa5bb7c9d8e4687aea1ae69b7447254a base-auth.pamd fafcf29cb9bab788cb4933106be31883 base-account.pamd 117535e4938f478efced1398b408cf96 base-password.pamd baec6808544bf6cebc59e07467f8c213 base-session.pamd afbdd8eb4db5c31dfd8e8da35c698b90 base-session-noninteractive.pamd b8e839ece64df173f16d28520eb8d66c other.pamd" -sha256sums="cd8beac5961e942e9c73b32a3cd1a3457755f8fb35d07c9ec64511e19e135ea4 Linux-PAM-1.2.0.tar.bz2 +sha256sums="342b1211c0d3b203a7df2540a5b03a428a087bd8a48c17e49ae268f992b334d9 Linux-PAM-1.2.1.tar.bz2 fb609212837c67da7da033a0daa01d1c2e34166867530e6924102b655e00ebde linux-pam-innetgr.patch 4e1f855779a73960f48e570ce507884325a3aef374721e3973e1e22a60b9bec0 fix-compat.patch 01c9216a2a833d10c2b42e1182b161b125d869e8620e60989636feb721d466c5 libpam-fix-build-with-eglibc-2.16.patch +c0e51d82de9271d38217209d8a55b444b743a226ac9d7a3220b433d49236bd11 musl-fix-pam_exec.patch daedb66d2b6c324f62100657383f3da6af196ad516837f36a3142da5318b8874 base-auth.pamd 51dba5c32d8cfa0c1795b2ed72af7aa5871f7943a20f89d2e4ad00b9053bc9c8 base-account.pamd 16c2d6f750f8bb320d64537554c48e3474f13623e7f6e231135d2cd2362745a3 base-password.pamd 5bf97347375ffc626fd3ed2e8d39abde566c2eca3f5e06a737ccffd48aede5de base-session.pamd a65802b72a44b0c2083bce7e7d0cd1b04782272a6281a65c5b0075b8f9bccd5f base-session-noninteractive.pamd 2e4850ba8db3aee3fe97eaf76286ada585d821cd8affc97c845eb58b2bf68bb6 other.pamd" -sha512sums="26b9ec0f8c7fcc00a04696a2208fc00dabb070593f1a420c81e2855cd2eb26ebcc993f80ccbb6a2aac88dd402b670e7800e1722c56451dfc71521c76a2f0bf9a Linux-PAM-1.2.0.tar.bz2 +sha512sums="4572aa1eaf5a1312410c74b5ed055b2592c5efe2bb82f59981da4e9e93555ad40aee3a89f446d9dc6c6af79efc04c33f739f66db9edc07e02479475a14e426da Linux-PAM-1.2.1.tar.bz2 ca32ecdacfc5b8f1482031203b616932b646a008b02080315ea2589af5962180d4ff4339c27fe9f6a878a89f47fb69429f4ac75d67b0e70ad7765a4db1dc74d9 linux-pam-innetgr.patch 52b97e23084f7b835ce1fa441663f91a50ea797cb38ba2c6662bcdaf0d25ba487118442674ac347fb17353af126dd6b3b696612faa56cac428dd842d14e1c90d fix-compat.patch f49edf3876cc6bcb87bbea4e7beaeb0a382d596898c755f5fbaf6c2ed4e0c8f082b2cd16dde8a74af82bb09a1334f463e07a4bb5b8a48f023ff90a67ad2fdd44 libpam-fix-build-with-eglibc-2.16.patch +bc443d2a9b1d90b81959ce6fa154042365d5e7840f8696f847a145bbaaeffcbe1e9cd2b8ba76131a7b48737929e281f4fe864582fa4fc40315f2d10c650e0cd9 musl-fix-pam_exec.patch 0672ab21adb969af2a0082e2559f1196d8a4f8b1cff2836f97e5f24edb03b6aed156c61cf335a4df978e423dcd9934ffee8cb5784ed5dde704d7e5ddec4ba9f6 base-auth.pamd 85462201a4044c7e170e617d39b0eceb4790abc6c0504999117548030a16d80a9d2078d1ad97690d7d346e6374201f0c52e792ccb08ce2b1c4bbf0cc2be96f5b base-account.pamd 8223b815148c3b9b874d2c283840f6428c266e56c7cf49ce8fc508c4945ae31c837bef96dab17f64a60812d1c9cd0055cf0a50d7951d23070b69bd2e5bb9666d base-password.pamd diff --git a/main/linux-pam/musl-fix-pam_exec.patch b/main/linux-pam/musl-fix-pam_exec.patch new file mode 100644 index 0000000000..b6b999faed --- /dev/null +++ b/main/linux-pam/musl-fix-pam_exec.patch @@ -0,0 +1,31 @@ +--- ./modules/pam_exec/pam_exec.c.orig ++++ ./modules/pam_exec/pam_exec.c +@@ -103,11 +103,14 @@ + int optargc; + const char *logfile = NULL; + const char *authtok = NULL; ++ char authtok_buf[PAM_MAX_RESP_SIZE+1]; ++ + pid_t pid; + int fds[2]; + int stdout_fds[2]; + FILE *stdout_file = NULL; + ++ memset(authtok_buf, 0, sizeof(authtok_buf)); + if (argc < 1) { + pam_syslog (pamh, LOG_ERR, + "This module needs at least one argument"); +@@ -178,11 +181,11 @@ + } + + pam_set_item (pamh, PAM_AUTHTOK, resp); +- authtok = strndupa (resp, PAM_MAX_RESP_SIZE); ++ authtok = strncpy(authtok_buf, resp, sizeof(authtok_buf)); + _pam_drop (resp); + } + else +- authtok = strndupa (void_pass, PAM_MAX_RESP_SIZE); ++ authtok = strncpy(authtok_buf, void_pass, sizeof(authtok_buf)); + + if (pipe(fds) != 0) + { |