diff options
Diffstat (limited to 'main/bash')
-rw-r--r-- | main/bash/APKBUILD | 37 | ||||
-rw-r--r-- | main/bash/bash_4.3-fix-setuid.patch | 31 | ||||
-rw-r--r-- | main/bash/privmode-setuid-fail.patch | 29 |
3 files changed, 58 insertions, 39 deletions
diff --git a/main/bash/APKBUILD b/main/bash/APKBUILD index 56f4d9364c..89614ac423 100644 --- a/main/bash/APKBUILD +++ b/main/bash/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=bash -pkgver=4.3.011 +pkgver=4.3.018 _patchlevel=${pkgver##*.} _myver=${pkgver%.*} _patchbase=${_myver%.*}${_myver#*.} @@ -14,7 +14,7 @@ depends="" subpackages="$pkgname-doc" source="http://ftp.gnu.org/gnu/bash/bash-${_myver}.tar.gz bash-noinfo.patch - bash_4.3-fix-setuid.patch + privmode-setuid-fail.patch " # generate url's to patches. note: no forks allowed! _i=1 @@ -66,7 +66,7 @@ package() { md5sums="81348932d5da294953e15d4814c74dd1 bash-4.3.tar.gz 80fec5f3d60a63756a4999c877e31a8e bash-noinfo.patch -c87b8d9e12d628eac829dc08f4607a20 bash_4.3-fix-setuid.patch +a577d42e38249d298d6a8d4bf2823883 privmode-setuid-fail.patch 1ab682b4e36afa4cf1b426aa7ac81c0d bash43-001 8fc22cf50ec85da00f6af3d66f7ddc1b bash43-002 a41728eca78858758e26b5dea64ae506 bash43-003 @@ -77,10 +77,17 @@ dcf471d222bcd83283d3094e6ceeb6f8 bash43-007 f7553416646dc26c266454c78a916d36 bash43-008 7e73d2151f4064b484a4ba2c4b09960e bash43-009 a275463d21735bb6d7161f9fbd320d8f bash43-010 -c17103ee20420d77e46b224c8d3fceda bash43-011" +c17103ee20420d77e46b224c8d3fceda bash43-011 +3e2a057a19d02b3f92a3a09eacbc03ae bash43-012 +fb377143a996d4ff087a2771bc8332f9 bash43-013 +1a1aaecc99a9d0cbc310e8e247dcc8b6 bash43-014 +4f04387458a3c1b4d460d199f49991a8 bash43-015 +90e759709720c4f877525bebc9d5dc06 bash43-016 +11e4046e1b86070f6adbb7ffc89641be bash43-017 +cd5a9b46f5bea0dc0248c93c7dfac011 bash43-018" sha256sums="afc687a28e0e24dc21b988fa159ff9dbcf6b7caa92ade8645cc6d5605cd024d4 bash-4.3.tar.gz 363bc919d98cadbfca27660be0d1d4bb6cfe1c5f86a7830966e456df36e46792 bash-noinfo.patch -3deb20a2ad093ad318a0aac7a2b69674ba325a59c9e5d2dc67f852d40a6cc177 bash_4.3-fix-setuid.patch +6bc2d4e48ad05fb3c8aac120a012baf1911f6522464ed18c8232b111a40b7901 privmode-setuid-fail.patch ecb3dff2648667513e31554b3ad054ccd89fce38e33367c9459ac3a285153742 bash43-001 eee7cd7062ab29a9e4f02924d9c367264dcb8b162703f74ff6eb8f175a91502b bash43-002 000e6eac50cd9053ce0630db01239dcdead04a2c2c351c47e2b51dac1ac1087d bash43-003 @@ -91,10 +98,17 @@ a0648ee72d15e4a90c8b77a5c6b19f8d89e28c1bc881657d22fe26825f040213 bash43-006 9941a98a4987192cc5ce3d45afe879983cad2f0bec96d441a4edd9033767f95e bash43-008 c0226d6728946b2f53cdebf090bcd1c01627f01fee03295768605caa80bb40a5 bash43-009 ce05799c0137314c70c7b6ea0477c90e1ac1d52e113344be8e32fa5a55c9f0b7 bash43-010 -7c63402cdbc004a210f6c1c527b63b13d8bb9ec9c5a43d5c464a9010ff6f7f3b bash43-011" +7c63402cdbc004a210f6c1c527b63b13d8bb9ec9c5a43d5c464a9010ff6f7f3b bash43-011 +3e1379030b35fbcf314e9e7954538cf4b43be1507142b29efae39eef997b8c12 bash43-012 +bfa8ca5336ab1f5ef988434a4bdedf71604aa8a3659636afa2ce7c7446c42c79 bash43-013 +5a4d6fa2365b6eb725a9d4966248b5edf7630a4aeb3fa8d526b877972658ac13 bash43-014 +13293e8a24e003a44d7fe928c6b1e07b444511bed2d9406407e006df28355e8d bash43-015 +92d60bcf49f61bd7f1ccb9602bead6f2c9946d79dea0e5ec0589bb3bfa5e0773 bash43-016 +1267c25c6b5ba57042a7bb6c569a6de02ffd0d29530489a16666c3b8a23e7780 bash43-017 +7aa8b40a9e973931719d8cc72284a8fb3292b71b522db57a5a79052f021a3d58 bash43-018" sha512sums="a852b8e46ee55568dce9d23a30a9dbd1c770c2d2a4bc91e1c3177d723b31b32c5d69d19704a93f165891b409b9dd2cc65723372044e2bd0ee49ed59a11512651 bash-4.3.tar.gz 74d51550cc03410f22ffea13f6452350d1e5564bff619fb07a5bbef14ca565fbe03770a2c0041292732cda16e8944b33ccbd0dfe29a606a068fedabe277cd6ae bash-noinfo.patch -b9e035f6a781dd4bb3c58f4de9922e7a3c68a0e38c1538f351c638469b70b031fe019e7f1d626e8db8239a13809f0c8dfa291caf930ed206345a80fa3cff3f80 bash_4.3-fix-setuid.patch +c5804ace658f9d7f957d4b98bebab4d8eb0ba3dd2dd155a480c7f9b0f17b06ced344b4b4c9f52ef1d5c0cabb047bce5237c350f53b95cf6c95e156ab4ab9e8a9 privmode-setuid-fail.patch a1011392652180a28f9837af4a341a80beb929c1458e2384e282f0007713c5fe8d0b315abf1340b3707748d3caed322135dee87b59eeb7612ee5130f87d79888 bash43-001 e3178c85f553522d5d1c5fd39e76f015b680a8ccc84836a5e10283b2aed6e5b7cc3d23af0e67a270b7622dce0abf35dd8a95afa9bb6f89b73a9439f7435175a4 bash43-002 dc2c5fad8d357d1301e419afd959dfaf015a63172857080c11f77ab1bb7d1d737f411eb0e70a861f98a36bed1b19edb7217a4fa9f4773e21706b62dc56ec3464 bash43-003 @@ -105,4 +119,11 @@ c445b5cdd486d06991c78d4c88e2e44e49f74d1fc07b8e4bc9492cccfc4ff4045587bed6b24d7459 53bae88cd3341a4ef8c60d6a294c09402103d1b20f485cf85775e6730a3d2eec8e6ebe15aa6dd95336e4a1f540f21db394823b9d04b416e5af071a7a6c618900 bash43-008 8d06fe612cd32cb414fdcdc34d4420b8991b268dd3ddd2dd47b3d01679954debd78e21f697a7f495d2340f0dcc8acdc3ad6809b8870bf5fd300afb1439788776 bash43-009 e36e550d749f52bab01256ed5f8f1b48fe53190c1a0a0a15c545328261c1f50b85f574b44188855858de1f2d045945770c4940bdecadd8381ea2cf174bde2fee bash43-010 -678bbcd92b927c86631cd42d6d3ab7596a3ffd20b640f471a9783a7972f05d2d4fb15970c12e7645e90d407c5a2d2aadcad698113211724b0ef8d89eccd2cd66 bash43-011" +678bbcd92b927c86631cd42d6d3ab7596a3ffd20b640f471a9783a7972f05d2d4fb15970c12e7645e90d407c5a2d2aadcad698113211724b0ef8d89eccd2cd66 bash43-011 +169453248edb55baf761b0c9c7b296ed2c24543b80fcf4756b8dd398054b6317da285c5e9cd68828f2620b05874f21a08773844ee32416daef76b88d0ef3ee6d bash43-012 +536bbf0c9b23eb824579955e7fce892cfc1e1d9fbcfc66810353ac4ff238e9e57361c0a46b3f3573ca8ca563331070ce55442ffea38e2a632840b6a318db1c88 bash43-013 +79fb50f62dbdca5e45a1359570e6d2173d442b3d4ddd4eb44809ed45ac022de4fe3f0aadd7672b4c8d9739405d51762486ee0c677b56f9c7d60e6224be84b87a bash43-014 +38a7af22f13f1f45705ceadf3abb52be75f3239959c2b1d57f333d137f25f14ed92c4d209b35417d449b1ec4291bbd984bb5fd11ad40375b22d2668b33fb8efb bash43-015 +52ab2966ccd42554c8bd76041e07921388220b46c93c34190197cdda38a085fd499d71e2e0a10daea130e6782ada556f35b1a37d06d023e83c4c4d665d07cd3f bash43-016 +88b11f324a780823b459b1e8a0904348c56079b4103cb86025d34dbba02543b0b7fbc2397bf043c24c1363f30539a6fe9b9f9fc717be9798f466071d1d420bb9 bash43-017 +f83d8e1d6d8fa8adf1715b8d4130730a13f5cd626f75e9e4b8c63244645a45a3f1fbac03081bb9d1e46864919d1b3189a9bb6d7a5e7a8854e6270ab3269c771f bash43-018" diff --git a/main/bash/bash_4.3-fix-setuid.patch b/main/bash/bash_4.3-fix-setuid.patch deleted file mode 100644 index 4f8a7a0999..0000000000 --- a/main/bash/bash_4.3-fix-setuid.patch +++ /dev/null @@ -1,31 +0,0 @@ -diff --git shell.c shell.c -index bbc8a66..5bfd466 100644 ---- shell.c -+++ shell.c -@@ -1226,8 +1226,12 @@ uidget () - void - disable_priv_mode () - { -- setuid (current_user.uid); -- setgid (current_user.gid); -+ -+ if( (setuid (current_user.uid) !=0) || (setgid (current_user.gid) != 0) ){ -+ report_error("Drop privileges failed!!\n"); -+ exit(EX_DROPFAIL); -+ } -+ - current_user.euid = current_user.uid; - current_user.egid = current_user.gid; - } -diff --git shell.h shell.h -index 243e467..c3625be 100644 ---- shell.h -+++ shell.h -@@ -72,6 +72,7 @@ extern int EOF_Reached; - #define EX_REDIRFAIL 259 /* redirection failed */ - #define EX_BADASSIGN 260 /* variable assignment error */ - #define EX_EXPFAIL 261 /* word expansion failed */ -+#define EX_DROPFAIL 262 /* Drop privileges failed */ - - /* Flag values that control parameter pattern substitution. */ - #define MATCH_ANY 0x000 diff --git a/main/bash/privmode-setuid-fail.patch b/main/bash/privmode-setuid-fail.patch new file mode 100644 index 0000000000..059857d0bf --- /dev/null +++ b/main/bash/privmode-setuid-fail.patch @@ -0,0 +1,29 @@ +*** ../bash-4.3-patched/shell.c 2014-01-14 08:04:32.000000000 -0500 +--- shell.c 2014-06-06 16:29:01.000000000 -0400 +*************** +*** 1227,1232 **** + disable_priv_mode () + { +! setuid (current_user.uid); +! setgid (current_user.gid); + current_user.euid = current_user.uid; + current_user.egid = current_user.gid; +--- 1229,1246 ---- + disable_priv_mode () + { +! int e; +! +! if (setuid (current_user.uid) < 0) +! { +! e = errno; +! sys_error (_("cannot set uid to %d: effective uid %d"), current_user.uid, current_user.euid); +! #if defined (EXIT_ON_SETUID_FAILURE) +! if (e == EAGAIN) +! exit (e); +! #endif +! } +! if (setgid (current_user.gid) < 0) +! sys_error (_("cannot set gid to %d: effective gid %d"), current_user.gid, current_user.egid); +! + current_user.euid = current_user.uid; + current_user.egid = current_user.gid; |