summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWenzong Fan <wenzong.fan@windriver.com>2013-06-18 23:21:29 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2013-07-09 10:53:54 +0100
commitbb43931f3d977ac90faf5ab0e2bb94e5af0186e3 (patch)
treef64f7d6809fe423d72f69afd91f092a81e1112d5
parentb8de21c074984319a216a3fcc44def1231e9187e (diff)
downloadpoky-bb43931f3d977ac90faf5ab0e2bb94e5af0186e3.tar.gz
libpam: Fix for CVE-2010-4708
Change default for user_readenv to 0 and document the new default for user_readenv. This fix from: http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.c?r1=1.22&r2=1.23&view=patch http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env /pam_env.8.xml?r1=1.7&r2=1.8&view=patch (From OE-Core master rev: 871ae7a6453b3b66610fd8bbaa770c92be850e19) (From OE-Core rev: b280268dd0976fe44a7227a99d8f5584c3b94ffa) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-extended/pam/libpam/libpam-fix-for-CVE-2010-4708.patch41
-rw-r--r--meta/recipes-extended/pam/libpam_1.1.6.bb1
2 files changed, 42 insertions, 0 deletions
diff --git a/meta/recipes-extended/pam/libpam/libpam-fix-for-CVE-2010-4708.patch b/meta/recipes-extended/pam/libpam/libpam-fix-for-CVE-2010-4708.patch
new file mode 100644
index 0000000000..5d2b69aae0
--- /dev/null
+++ b/meta/recipes-extended/pam/libpam/libpam-fix-for-CVE-2010-4708.patch
@@ -0,0 +1,41 @@
1Upstream-Status: Backport
2
3Fix for CVE-2010-4708
4
5Change default for user_readenv to 0 and document the
6new default for user_readenv.
7
8This fix is got from:
9http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env
10/pam_env.c?r1=1.22&r2=1.23&view=patch
11http://pam.cvs.sourceforge.net/viewvc/pam/Linux-PAM/modules/pam_env
12/pam_env.8.xml?r1=1.7&r2=1.8&view=patch
13
14Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
15
16---
17--- a/modules/pam_env/pam_env.c 2012-09-05 13:57:47.000000000 +0800
18+++ b/modules/pam_env/pam_env.c 2012-09-05 13:58:05.000000000 +0800
19@@ -10,7 +10,7 @@
20 #define DEFAULT_READ_ENVFILE 1
21
22 #define DEFAULT_USER_ENVFILE ".pam_environment"
23-#define DEFAULT_USER_READ_ENVFILE 1
24+#define DEFAULT_USER_READ_ENVFILE 0
25
26 #include "config.h"
27
28--- a/modules/pam_env/pam_env.8.xml 2012-09-05 13:58:24.000000000 +0800
29+++ b/modules/pam_env/pam_env.8.xml 2012-09-05 13:59:36.000000000 +0800
30@@ -147,7 +147,10 @@
31 <listitem>
32 <para>
33 Turns on or off the reading of the user specific environment
34- file. 0 is off, 1 is on. By default this option is on.
35+ file. 0 is off, 1 is on. By default this option is off as user
36+ supplied environment variables in the PAM environment could affect
37+ behavior of subsequent modules in the stack without the consent
38+ of the system administrator.
39 </para>
40 </listitem>
41 </varlistentry>
diff --git a/meta/recipes-extended/pam/libpam_1.1.6.bb b/meta/recipes-extended/pam/libpam_1.1.6.bb
index c355634478..79fe022792 100644
--- a/meta/recipes-extended/pam/libpam_1.1.6.bb
+++ b/meta/recipes-extended/pam/libpam_1.1.6.bb
@@ -17,6 +17,7 @@ SRC_URI = "http://linux-pam.org/library/Linux-PAM-${PV}.tar.bz2 \
17 file://fixsepbuild.patch \ 17 file://fixsepbuild.patch \
18 file://reflect-the-enforce_for_root-semantics-change-in-pam.patch \ 18 file://reflect-the-enforce_for_root-semantics-change-in-pam.patch \
19 file://add-checks-for-crypt-returning-NULL.patch \ 19 file://add-checks-for-crypt-returning-NULL.patch \
20 file://libpam-fix-for-CVE-2010-4708.patch \
20 " 21 "
21SRC_URI[md5sum] = "7b73e58b7ce79ffa321d408de06db2c4" 22SRC_URI[md5sum] = "7b73e58b7ce79ffa321d408de06db2c4"
22SRC_URI[sha256sum] = "bab887d6280f47fc3963df3b95735a27a16f0f663636163ddf3acab5f1149fc2" 23SRC_URI[sha256sum] = "bab887d6280f47fc3963df3b95735a27a16f0f663636163ddf3acab5f1149fc2"