inetutils: Update to the 2.5 release

The update from 2.4 to 2.5 was almost something AUH could take care of. However, we had backported two patches to address CVE-2023-40303 and that threw off AUH. These changes are confirmed to be in 2.5, so drop them and update to 2.5. (From OE-Core rev: e1bffeab27b062884f6366cde24ce1c67e7ec03e) Signed-off-by: Tom Rini <trini@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Tom Rini <trini@konsulko.com> 2024-01-03 10:11:47 -0500
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-01-03 23:36:34 +0000
commit: 1bbdc674aef8abada28d130a23752c1d8a4620b9 (patch)
tree: c1e91c74c3796840b985a68a6200581f323f499b /meta/recipes-connectivity
parent: d68492d6c5f9c3b4d4b1ec8fddf644d15637af2a (diff)
download: poky-1bbdc674aef8abada28d130a23752c1d8a4620b9.tar.gz
3 files changed, 1 insertions, 535 deletions
diff --git a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
deleted file mode 100644
index 70bd98897d..0000000000
--- a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
+++ /dev/null
@@ -1,279 +0,0 @@
-From 703418fe9d2e3b1e8d594df5788d8001a8116265 Mon Sep 17 00:00:00 2001
-From: Jeffrey Bencteux <jeffbencteux@gmail.com>
-Date: Fri, 30 Jun 2023 19:02:45 +0200
-Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check
- set*id() return values
-Several setuid(), setgid(), seteuid() and setguid() return values
-were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
-leading to potential security issues.
-CVE: CVE-2023-40303
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6]
-Signed-off-by: Jeffrey Bencteux <jeffbencteux@gmail.com>
-Signed-off-by: Simon Josefsson <simon@josefsson.org>
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- ftpd/ftpd.c  | 10 +++++++---
- src/rcp.c    | 39 +++++++++++++++++++++++++++++++++------
- src/rlogin.c | 11 +++++++++--
- src/rsh.c    | 25 +++++++++++++++++++++----
- src/rshd.c   | 20 +++++++++++++++++---
- src/uucpd.c  | 15 +++++++++++++--
- 6 files changed, 100 insertions(+), 20 deletions(-)
-diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
-index 92b2cca5..28dd523f 100644
--- a/ftpd/ftpd.c
-+++ b/ftpd/ftpd.c
-@@ -862,7 +862,9 @@ end_login (struct credentials *pcred)
-   char *remotehost = pcred->remotehost;
-   int atype = pcred->auth_type;
- 
-  seteuid ((uid_t) 0);
-+  if (seteuid ((uid_t) 0) == -1)
-+    _exit (EXIT_FAILURE);
-+
-   if (pcred->logged_in)
-     {
-       logwtmp_keep_open (ttyline, "", "");
-@@ -1151,7 +1153,8 @@ getdatasock (const char *mode)
- 
-   if (data >= 0)
-     return fdopen (data, mode);
-  seteuid ((uid_t) 0);
-+  if (seteuid ((uid_t) 0) == -1)
-+    _exit (EXIT_FAILURE);
-   s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
-   if (s < 0)
-     goto bad;
-@@ -1978,7 +1981,8 @@ passive (int epsv, int af)
-   else /* !AF_INET6 */
-     ((struct sockaddr_in *) &pasv_addr)->sin_port = 0;
- 
-  seteuid ((uid_t) 0);
-+  if (seteuid ((uid_t) 0) == -1)
-+    _exit (EXIT_FAILURE);
-   if (bind (pdata, (struct sockaddr *) &pasv_addr, pasv_addrlen) < 0)
-     {
-       if (seteuid ((uid_t) cred.uid))
-diff --git a/src/rcp.c b/src/rcp.c
-index 75adb253..cdcf8500 100644
--- a/src/rcp.c
-+++ b/src/rcp.c
-@@ -345,14 +345,23 @@ main (int argc, char *argv[])
-   if (from_option)
-     {                          /* Follow "protocol", send data. */
-       response ();
-      setuid (userid);
-+
-+      if (setuid (userid) == -1)
-+      {
-+        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-+      }
-+
-       source (argc, argv);
-       exit (errs);
-     }
- 
-   if (to_option)
-     {                          /* Receive data. */
-      setuid (userid);
-+      if (setuid (userid) == -1)
-+      {
-+        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-+      }
-+
-       sink (argc, argv);
-       exit (errs);
-     }
-@@ -537,7 +546,11 @@ toremote (char *targ, int argc, char *argv[])
-              if (response () < 0)
-                exit (EXIT_FAILURE);
-              free (bp);
-             setuid (userid);
-+
-+             if (setuid (userid) == -1)
-+              {
-+                error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-+              }
-            }
-          source (1, argv + i);
-          close (rem);
-@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[])
-          ++errs;
-          continue;
-        }
-      seteuid (userid);
-+
-+      if (seteuid (userid) == -1)
-+      {
-+        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-+      }
-+
- #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
-       sslen = sizeof (ss);
-       (void) getpeername (rem, (struct sockaddr *) &ss, &sslen);
-@@ -643,7 +661,12 @@ tolocal (int argc, char *argv[])
- #endif
-       vect[0] = target;
-       sink (1, vect);
-      seteuid (effuid);
-+
-+      if (seteuid (effuid) == -1)
-+      {
-+        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-+      }
-+
-       close (rem);
-       rem = -1;
- #ifdef SHISHI
-@@ -1441,7 +1464,11 @@ susystem (char *s, int userid)
-       return (127);
- 
-     case 0:
-      setuid (userid);
-+      if (setuid (userid) == -1)
-+      {
-+        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-+      }
-+
-       execl (PATH_BSHELL, "sh", "-c", s, NULL);
-       _exit (127);
-     }
-diff --git a/src/rlogin.c b/src/rlogin.c
-index aa6426fb..c543de0c 100644
--- a/src/rlogin.c
-+++ b/src/rlogin.c
-@@ -647,8 +647,15 @@ try_connect:
-   /* Now change to the real user ID.  We have to be set-user-ID root
-      to get the privileged port that rcmd () uses.  We now want, however,
-      to run as the real user who invoked us.  */
-  seteuid (uid);
-  setuid (uid);
-+  if (seteuid (uid) == -1)
-+  {
-+    error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-+  }
-+
-+  if (setuid (uid) == -1)
-+  {
-+    error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-+  }
- 
-   doit (&osmask);      /* The old mask will activate SIGURG and SIGUSR1!  */
- 
-diff --git a/src/rsh.c b/src/rsh.c
-index 2d622ca4..6f60667d 100644
--- a/src/rsh.c
-+++ b/src/rsh.c
-@@ -276,8 +276,17 @@ main (int argc, char **argv)
-     {
-       if (asrsh)
-        *argv = (char *) "rlogin";
-      seteuid (getuid ());
-      setuid (getuid ());
-+
-+      if (seteuid (getuid ()) == -1)
-+      {
-+        error (EXIT_FAILURE, errno, "seteuid() failed");
-+      }
-+
-+      if (setuid (getuid ()) == -1)
-+      {
-+        error (EXIT_FAILURE, errno, "setuid() failed");
-+      }
-+
-       execv (PATH_RLOGIN, argv);
-       error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
-     }
-@@ -541,8 +550,16 @@ try_connect:
-        error (0, errno, "setsockopt DEBUG (ignored)");
-     }
- 
-  seteuid (uid);
-  setuid (uid);
-+  if (seteuid (uid) == -1)
-+  {
-+    error (EXIT_FAILURE, errno, "seteuid() failed");
-+  }
-+
-+  if (setuid (uid) == -1)
-+  {
-+    error (EXIT_FAILURE, errno, "setuid() failed");
-+  }
-+
- #ifdef HAVE_SIGACTION
-   sigemptyset (&sigs);
-   sigaddset (&sigs, SIGINT);
-diff --git a/src/rshd.c b/src/rshd.c
-index d1c0d0cd..707790e7 100644
--- a/src/rshd.c
-+++ b/src/rshd.c
-@@ -1847,8 +1847,18 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
-     pwd->pw_shell = PATH_BSHELL;
- 
-   /* Set the gid, then uid to become the user specified by "locuser" */
-  setegid ((gid_t) pwd->pw_gid);
-  setgid ((gid_t) pwd->pw_gid);
-+  if (setegid ((gid_t) pwd->pw_gid) == -1)
-+  {
-+    rshd_error ("Cannot drop privileges (setegid() failed)\n");
-+    exit (EXIT_FAILURE);
-+  }
-+
-+  if (setgid ((gid_t) pwd->pw_gid) == -1)
-+  {
-+    rshd_error ("Cannot drop privileges (setgid() failed)\n");
-+    exit (EXIT_FAILURE);
-+  }
-+
- #ifdef HAVE_INITGROUPS
-   initgroups (pwd->pw_name, pwd->pw_gid);      /* BSD groups */
- #endif
-@@ -1870,7 +1880,11 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
-     }
- #endif /* WITH_PAM */
- 
-  setuid ((uid_t) pwd->pw_uid);
-+  if (setuid ((uid_t) pwd->pw_uid) == -1)
-+  {
-+    rshd_error ("Cannot drop privileges (setuid() failed)\n");
-+    exit (EXIT_FAILURE);
-+  }
- 
-   /* We'll execute the client's command in the home directory
-    * of locuser. Note, that the chdir must be executed after
-diff --git a/src/uucpd.c b/src/uucpd.c
-index 107589e1..29cfce35 100644
--- a/src/uucpd.c
-+++ b/src/uucpd.c
-@@ -252,7 +252,12 @@ doit (struct sockaddr *sap, socklen_t salen)
-   snprintf (Username, sizeof (Username), "USER=%s", user);
-   snprintf (Logname, sizeof (Logname), "LOGNAME=%s", user);
-   dologin (pw, sap, salen);
-  setgid (pw->pw_gid);
-+
-+  if (setgid (pw->pw_gid) == -1)
-+  {
-+    fprintf (stderr, "setgid() failed");
-+    return;
-+  }
- #ifdef HAVE_INITGROUPS
-   initgroups (pw->pw_name, pw->pw_gid);
- #endif
-@@ -261,7 +266,13 @@ doit (struct sockaddr *sap, socklen_t salen)
-       fprintf (stderr, "Login incorrect.");
-       return;
-     }
-  setuid (pw->pw_uid);
-+
-+  if (setuid (pw->pw_uid) == -1)
-+  {
-+    fprintf (stderr, "setuid() failed");
-+    return;
-+  }
-+
-   execl (uucico_location, "uucico", NULL);
-   perror ("uucico server: execl");
- }
diff --git a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
deleted file mode 100644
index 1b972aac29..0000000000
--- a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
+++ /dev/null
@@ -1,253 +0,0 @@
-From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
-From: Simon Josefsson <simon@josefsson.org>
-Date: Mon, 31 Jul 2023 13:59:05 +0200
-Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
-CVE: CVE-2023-40303
-Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
- src/rcp.c    | 42 ++++++++++++++++++++++++------------------
- src/rlogin.c | 12 ++++++------
- src/rsh.c    | 24 ++++++++++++------------
- src/rshd.c   | 24 ++++++++++++------------
- src/uucpd.c  | 16 ++++++++--------
- 5 files changed, 62 insertions(+), 56 deletions(-)
-diff --git a/src/rcp.c b/src/rcp.c
-index cdcf8500..652f22e6 100644
--- a/src/rcp.c
-+++ b/src/rcp.c
-@@ -347,9 +347,10 @@ main (int argc, char *argv[])
-       response ();
- 
-       if (setuid (userid) == -1)
-      {
-        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-      }
-+       {
-+         error (EXIT_FAILURE, 0,
-+                "Could not drop privileges (setuid() failed)");
-+       }
- 
-       source (argc, argv);
-       exit (errs);
-@@ -358,9 +359,10 @@ main (int argc, char *argv[])
-   if (to_option)
-     {                          /* Receive data. */
-       if (setuid (userid) == -1)
-      {
-        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-      }
-+       {
-+         error (EXIT_FAILURE, 0,
-+                "Could not drop privileges (setuid() failed)");
-+       }
- 
-       sink (argc, argv);
-       exit (errs);
-@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
-              free (bp);
- 
-              if (setuid (userid) == -1)
-              {
-                error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-              }
-+               {
-+                 error (EXIT_FAILURE, 0,
-+                        "Could not drop privileges (setuid() failed)");
-+               }
-            }
-          source (1, argv + i);
-          close (rem);
-@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
-        }
- 
-       if (seteuid (userid) == -1)
-      {
-        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-      }
-+       {
-+         error (EXIT_FAILURE, 0,
-+                "Could not drop privileges (seteuid() failed)");
-+       }
- 
- #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
-       sslen = sizeof (ss);
-@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
-       sink (1, vect);
- 
-       if (seteuid (effuid) == -1)
-      {
-        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-      }
-+       {
-+         error (EXIT_FAILURE, 0,
-+                "Could not drop privileges (seteuid() failed)");
-+       }
- 
-       close (rem);
-       rem = -1;
-@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
- 
-     case 0:
-       if (setuid (userid) == -1)
-      {
-        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-      }
-+       {
-+         error (EXIT_FAILURE, 0,
-+                "Could not drop privileges (setuid() failed)");
-+       }
- 
-       execl (PATH_BSHELL, "sh", "-c", s, NULL);
-       _exit (127);
-diff --git a/src/rlogin.c b/src/rlogin.c
-index c543de0c..4360202f 100644
--- a/src/rlogin.c
-+++ b/src/rlogin.c
-@@ -648,14 +648,14 @@ try_connect:
-      to get the privileged port that rcmd () uses.  We now want, however,
-      to run as the real user who invoked us.  */
-   if (seteuid (uid) == -1)
-  {
-    error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-  }
-+    {
-+      error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
-+    }
- 
-   if (setuid (uid) == -1)
-  {
-    error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-  }
-+    {
-+      error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
-+    }
- 
-   doit (&osmask);      /* The old mask will activate SIGURG and SIGUSR1!  */
- 
-diff --git a/src/rsh.c b/src/rsh.c
-index 6f60667d..179b47cd 100644
--- a/src/rsh.c
-+++ b/src/rsh.c
-@@ -278,14 +278,14 @@ main (int argc, char **argv)
-        *argv = (char *) "rlogin";
- 
-       if (seteuid (getuid ()) == -1)
-      {
-        error (EXIT_FAILURE, errno, "seteuid() failed");
-      }
-+       {
-+         error (EXIT_FAILURE, errno, "seteuid() failed");
-+       }
- 
-       if (setuid (getuid ()) == -1)
-      {
-        error (EXIT_FAILURE, errno, "setuid() failed");
-      }
-+       {
-+         error (EXIT_FAILURE, errno, "setuid() failed");
-+       }
- 
-       execv (PATH_RLOGIN, argv);
-       error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
-@@ -551,14 +551,14 @@ try_connect:
-     }
- 
-   if (seteuid (uid) == -1)
-  {
-    error (EXIT_FAILURE, errno, "seteuid() failed");
-  }
-+    {
-+      error (EXIT_FAILURE, errno, "seteuid() failed");
-+    }
- 
-   if (setuid (uid) == -1)
-  {
-    error (EXIT_FAILURE, errno, "setuid() failed");
-  }
-+    {
-+      error (EXIT_FAILURE, errno, "setuid() failed");
-+    }
- 
- #ifdef HAVE_SIGACTION
-   sigemptyset (&sigs);
-diff --git a/src/rshd.c b/src/rshd.c
-index 707790e7..3a153a18 100644
--- a/src/rshd.c
-+++ b/src/rshd.c
-@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
- 
-   /* Set the gid, then uid to become the user specified by "locuser" */
-   if (setegid ((gid_t) pwd->pw_gid) == -1)
-  {
-    rshd_error ("Cannot drop privileges (setegid() failed)\n");
-    exit (EXIT_FAILURE);
-  }
-+    {
-+      rshd_error ("Cannot drop privileges (setegid() failed)\n");
-+      exit (EXIT_FAILURE);
-+    }
- 
-   if (setgid ((gid_t) pwd->pw_gid) == -1)
-  {
-    rshd_error ("Cannot drop privileges (setgid() failed)\n");
-    exit (EXIT_FAILURE);
-  }
-+    {
-+      rshd_error ("Cannot drop privileges (setgid() failed)\n");
-+      exit (EXIT_FAILURE);
-+    }
- 
- #ifdef HAVE_INITGROUPS
-   initgroups (pwd->pw_name, pwd->pw_gid);      /* BSD groups */
-@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
- #endif /* WITH_PAM */
- 
-   if (setuid ((uid_t) pwd->pw_uid) == -1)
-  {
-    rshd_error ("Cannot drop privileges (setuid() failed)\n");
-    exit (EXIT_FAILURE);
-  }
-+    {
-+      rshd_error ("Cannot drop privileges (setuid() failed)\n");
-+      exit (EXIT_FAILURE);
-+    }
- 
-   /* We'll execute the client's command in the home directory
-    * of locuser. Note, that the chdir must be executed after
-diff --git a/src/uucpd.c b/src/uucpd.c
-index 29cfce35..fde7b9c9 100644
--- a/src/uucpd.c
-+++ b/src/uucpd.c
-@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
-   dologin (pw, sap, salen);
- 
-   if (setgid (pw->pw_gid) == -1)
-  {
-    fprintf (stderr, "setgid() failed");
-    return;
-  }
-+    {
-+      fprintf (stderr, "setgid() failed");
-+      return;
-+    }
- #ifdef HAVE_INITGROUPS
-   initgroups (pw->pw_name, pw->pw_gid);
- #endif
-@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
-     }
- 
-   if (setuid (pw->pw_uid) == -1)
-  {
-    fprintf (stderr, "setuid() failed");
-    return;
-  }
-+    {
-+      fprintf (stderr, "setuid() failed");
-+      return;
-+    }
- 
-   execl (uucico_location, "uucico", NULL);
-   perror ("uucico server: execl");
diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb
index 957f1feac6..0f1a0736bd 100644
--- a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb
+++ b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb
@@ -11,15 +11,13 @@ LICENSE = "GPL-3.0-only"
 LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
-SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2"
+SRC_URI[sha256sum] = "87697d60a31e10b5cb86a9f0651e1ec7bee98320d048c0739431aac3d5764fb6"
 SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
           file://rexec.xinetd.inetutils \
           file://rlogin.xinetd.inetutils \
           file://rsh.xinetd.inetutils \
           file://telnet.xinetd.inetutils \
           file://tftpd.xinetd.inetutils \
-           file://0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch \
-           file://0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch \
           "
 inherit autotools gettext update-alternatives texinfo
author	Tom Rini <trini@konsulko.com>	2024-01-03 10:11:47 -0500
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2024-01-03 23:36:34 +0000
commit	1bbdc674aef8abada28d130a23752c1d8a4620b9 (patch)
tree	c1e91c74c3796840b985a68a6200581f323f499b /meta/recipes-connectivity
parent	d68492d6c5f9c3b4d4b1ec8fddf644d15637af2a (diff)
download	poky-1bbdc674aef8abada28d130a23752c1d8a4620b9.tar.gz

diff --git a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch b/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch deleted file mode 100644 index 70bd98897d..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch +++ /dev/null
@@ -1,279 +0,0 @@
1	From 703418fe9d2e3b1e8d594df5788d8001a8116265 Mon Sep 17 00:00:00 2001
2	From: Jeffrey Bencteux <jeffbencteux@gmail.com>
3	Date: Fri, 30 Jun 2023 19:02:45 +0200
4	Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check
5	set*id() return values
6
7	Several setuid(), setgid(), seteuid() and setguid() return values
8	were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
9	leading to potential security issues.
10
11	CVE: CVE-2023-40303
12	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6]
13	Signed-off-by: Jeffrey Bencteux <jeffbencteux@gmail.com>
14	Signed-off-by: Simon Josefsson <simon@josefsson.org>
15	Signed-off-by: Khem Raj <raj.khem@gmail.com>
16	---
17	ftpd/ftpd.c \| 10 +++++++---
18	src/rcp.c \| 39 +++++++++++++++++++++++++++++++++------
19	src/rlogin.c \| 11 +++++++++--
20	src/rsh.c \| 25 +++++++++++++++++++++----
21	src/rshd.c \| 20 +++++++++++++++++---
22	src/uucpd.c \| 15 +++++++++++++--
23	6 files changed, 100 insertions(+), 20 deletions(-)
24
25	diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
26	index 92b2cca5..28dd523f 100644
27	--- a/ftpd/ftpd.c
28	+++ b/ftpd/ftpd.c
29	@@ -862,7 +862,9 @@ end_login (struct credentials *pcred)
30	char *remotehost = pcred->remotehost;
31	int atype = pcred->auth_type;
32
33	- seteuid ((uid_t) 0);
34	+ if (seteuid ((uid_t) 0) == -1)
35	+ _exit (EXIT_FAILURE);
36	+
37	if (pcred->logged_in)
38	{
39	logwtmp_keep_open (ttyline, "", "");
40	@@ -1151,7 +1153,8 @@ getdatasock (const char *mode)
41
42	if (data >= 0)
43	return fdopen (data, mode);
44	- seteuid ((uid_t) 0);
45	+ if (seteuid ((uid_t) 0) == -1)
46	+ _exit (EXIT_FAILURE);
47	s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
48	if (s < 0)
49	goto bad;
50	@@ -1978,7 +1981,8 @@ passive (int epsv, int af)
51	else /* !AF_INET6 */
52	((struct sockaddr_in *) &pasv_addr)->sin_port = 0;
53
54	- seteuid ((uid_t) 0);
55	+ if (seteuid ((uid_t) 0) == -1)
56	+ _exit (EXIT_FAILURE);
57	if (bind (pdata, (struct sockaddr *) &pasv_addr, pasv_addrlen) < 0)
58	{
59	if (seteuid ((uid_t) cred.uid))
60	diff --git a/src/rcp.c b/src/rcp.c
61	index 75adb253..cdcf8500 100644
62	--- a/src/rcp.c
63	+++ b/src/rcp.c
64	@@ -345,14 +345,23 @@ main (int argc, char *argv[])
65	if (from_option)
66	{ /* Follow "protocol", send data. */
67	response ();
68	- setuid (userid);
69	+
70	+ if (setuid (userid) == -1)
71	+ {
72	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
73	+ }
74	+
75	source (argc, argv);
76	exit (errs);
77	}
78
79	if (to_option)
80	{ /* Receive data. */
81	- setuid (userid);
82	+ if (setuid (userid) == -1)
83	+ {
84	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
85	+ }
86	+
87	sink (argc, argv);
88	exit (errs);
89	}
90	@@ -537,7 +546,11 @@ toremote (char targ, int argc, char argv[])
91	if (response () < 0)
92	exit (EXIT_FAILURE);
93	free (bp);
94	- setuid (userid);
95	+
96	+ if (setuid (userid) == -1)
97	+ {
98	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
99	+ }
100	}
101	source (1, argv + i);
102	close (rem);
103	@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[])
104	++errs;
105	continue;
106	}
107	- seteuid (userid);
108	+
109	+ if (seteuid (userid) == -1)
110	+ {
111	+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
112	+ }
113	+
114	#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
115	sslen = sizeof (ss);
116	(void) getpeername (rem, (struct sockaddr *) &ss, &sslen);
117	@@ -643,7 +661,12 @@ tolocal (int argc, char *argv[])
118	#endif
119	vect[0] = target;
120	sink (1, vect);
121	- seteuid (effuid);
122	+
123	+ if (seteuid (effuid) == -1)
124	+ {
125	+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
126	+ }
127	+
128	close (rem);
129	rem = -1;
130	#ifdef SHISHI
131	@@ -1441,7 +1464,11 @@ susystem (char *s, int userid)
132	return (127);
133
134	case 0:
135	- setuid (userid);
136	+ if (setuid (userid) == -1)
137	+ {
138	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
139	+ }
140	+
141	execl (PATH_BSHELL, "sh", "-c", s, NULL);
142	_exit (127);
143	}
144	diff --git a/src/rlogin.c b/src/rlogin.c
145	index aa6426fb..c543de0c 100644
146	--- a/src/rlogin.c
147	+++ b/src/rlogin.c
148	@@ -647,8 +647,15 @@ try_connect:
149	/* Now change to the real user ID. We have to be set-user-ID root
150	to get the privileged port that rcmd () uses. We now want, however,
151	to run as the real user who invoked us. */
152	- seteuid (uid);
153	- setuid (uid);
154	+ if (seteuid (uid) == -1)
155	+ {
156	+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
157	+ }
158	+
159	+ if (setuid (uid) == -1)
160	+ {
161	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
162	+ }
163
164	doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
165
166	diff --git a/src/rsh.c b/src/rsh.c
167	index 2d622ca4..6f60667d 100644
168	--- a/src/rsh.c
169	+++ b/src/rsh.c
170	@@ -276,8 +276,17 @@ main (int argc, char **argv)
171	{
172	if (asrsh)
173	argv = (char ) "rlogin";
174	- seteuid (getuid ());
175	- setuid (getuid ());
176	+
177	+ if (seteuid (getuid ()) == -1)
178	+ {
179	+ error (EXIT_FAILURE, errno, "seteuid() failed");
180	+ }
181	+
182	+ if (setuid (getuid ()) == -1)
183	+ {
184	+ error (EXIT_FAILURE, errno, "setuid() failed");
185	+ }
186	+
187	execv (PATH_RLOGIN, argv);
188	error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
189	}
190	@@ -541,8 +550,16 @@ try_connect:
191	error (0, errno, "setsockopt DEBUG (ignored)");
192	}
193
194	- seteuid (uid);
195	- setuid (uid);
196	+ if (seteuid (uid) == -1)
197	+ {
198	+ error (EXIT_FAILURE, errno, "seteuid() failed");
199	+ }
200	+
201	+ if (setuid (uid) == -1)
202	+ {
203	+ error (EXIT_FAILURE, errno, "setuid() failed");
204	+ }
205	+
206	#ifdef HAVE_SIGACTION
207	sigemptyset (&sigs);
208	sigaddset (&sigs, SIGINT);
209	diff --git a/src/rshd.c b/src/rshd.c
210	index d1c0d0cd..707790e7 100644
211	--- a/src/rshd.c
212	+++ b/src/rshd.c
213	@@ -1847,8 +1847,18 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
214	pwd->pw_shell = PATH_BSHELL;
215
216	/* Set the gid, then uid to become the user specified by "locuser" */
217	- setegid ((gid_t) pwd->pw_gid);
218	- setgid ((gid_t) pwd->pw_gid);
219	+ if (setegid ((gid_t) pwd->pw_gid) == -1)
220	+ {
221	+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
222	+ exit (EXIT_FAILURE);
223	+ }
224	+
225	+ if (setgid ((gid_t) pwd->pw_gid) == -1)
226	+ {
227	+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
228	+ exit (EXIT_FAILURE);
229	+ }
230	+
231	#ifdef HAVE_INITGROUPS
232	initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
233	#endif
234	@@ -1870,7 +1880,11 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
235	}
236	#endif /* WITH_PAM */
237
238	- setuid ((uid_t) pwd->pw_uid);
239	+ if (setuid ((uid_t) pwd->pw_uid) == -1)
240	+ {
241	+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
242	+ exit (EXIT_FAILURE);
243	+ }
244
245	/* We'll execute the client's command in the home directory
246	* of locuser. Note, that the chdir must be executed after
247	diff --git a/src/uucpd.c b/src/uucpd.c
248	index 107589e1..29cfce35 100644
249	--- a/src/uucpd.c
250	+++ b/src/uucpd.c
251	@@ -252,7 +252,12 @@ doit (struct sockaddr *sap, socklen_t salen)
252	snprintf (Username, sizeof (Username), "USER=%s", user);
253	snprintf (Logname, sizeof (Logname), "LOGNAME=%s", user);
254	dologin (pw, sap, salen);
255	- setgid (pw->pw_gid);
256	+
257	+ if (setgid (pw->pw_gid) == -1)
258	+ {
259	+ fprintf (stderr, "setgid() failed");
260	+ return;
261	+ }
262	#ifdef HAVE_INITGROUPS
263	initgroups (pw->pw_name, pw->pw_gid);
264	#endif
265	@@ -261,7 +266,13 @@ doit (struct sockaddr *sap, socklen_t salen)
266	fprintf (stderr, "Login incorrect.");
267	return;
268	}
269	- setuid (pw->pw_uid);
270	+
271	+ if (setuid (pw->pw_uid) == -1)
272	+ {
273	+ fprintf (stderr, "setuid() failed");
274	+ return;
275	+ }
276	+
277	execl (uucico_location, "uucico", NULL);
278	perror ("uucico server: execl");
279	}


diff --git a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch deleted file mode 100644 index 1b972aac29..0000000000 --- a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch +++ /dev/null
@@ -1,253 +0,0 @@
1	From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
2	From: Simon Josefsson <simon@josefsson.org>
3	Date: Mon, 31 Jul 2023 13:59:05 +0200
4	Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
5
6	CVE: CVE-2023-40303
7	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
8	Signed-off-by: Khem Raj <raj.khem@gmail.com>
9	---
10	src/rcp.c \| 42 ++++++++++++++++++++++++------------------
11	src/rlogin.c \| 12 ++++++------
12	src/rsh.c \| 24 ++++++++++++------------
13	src/rshd.c \| 24 ++++++++++++------------
14	src/uucpd.c \| 16 ++++++++--------
15	5 files changed, 62 insertions(+), 56 deletions(-)
16
17	diff --git a/src/rcp.c b/src/rcp.c
18	index cdcf8500..652f22e6 100644
19	--- a/src/rcp.c
20	+++ b/src/rcp.c
21	@@ -347,9 +347,10 @@ main (int argc, char *argv[])
22	response ();
23
24	if (setuid (userid) == -1)
25	- {
26	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
27	- }
28	+ {
29	+ error (EXIT_FAILURE, 0,
30	+ "Could not drop privileges (setuid() failed)");
31	+ }
32
33	source (argc, argv);
34	exit (errs);
35	@@ -358,9 +359,10 @@ main (int argc, char *argv[])
36	if (to_option)
37	{ /* Receive data. */
38	if (setuid (userid) == -1)
39	- {
40	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
41	- }
42	+ {
43	+ error (EXIT_FAILURE, 0,
44	+ "Could not drop privileges (setuid() failed)");
45	+ }
46
47	sink (argc, argv);
48	exit (errs);
49	@@ -548,9 +550,10 @@ toremote (char targ, int argc, char argv[])
50	free (bp);
51
52	if (setuid (userid) == -1)
53	- {
54	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
55	- }
56	+ {
57	+ error (EXIT_FAILURE, 0,
58	+ "Could not drop privileges (setuid() failed)");
59	+ }
60	}
61	source (1, argv + i);
62	close (rem);
63	@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
64	}
65
66	if (seteuid (userid) == -1)
67	- {
68	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
69	- }
70	+ {
71	+ error (EXIT_FAILURE, 0,
72	+ "Could not drop privileges (seteuid() failed)");
73	+ }
74
75	#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
76	sslen = sizeof (ss);
77	@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
78	sink (1, vect);
79
80	if (seteuid (effuid) == -1)
81	- {
82	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
83	- }
84	+ {
85	+ error (EXIT_FAILURE, 0,
86	+ "Could not drop privileges (seteuid() failed)");
87	+ }
88
89	close (rem);
90	rem = -1;
91	@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
92
93	case 0:
94	if (setuid (userid) == -1)
95	- {
96	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
97	- }
98	+ {
99	+ error (EXIT_FAILURE, 0,
100	+ "Could not drop privileges (setuid() failed)");
101	+ }
102
103	execl (PATH_BSHELL, "sh", "-c", s, NULL);
104	_exit (127);
105	diff --git a/src/rlogin.c b/src/rlogin.c
106	index c543de0c..4360202f 100644
107	--- a/src/rlogin.c
108	+++ b/src/rlogin.c
109	@@ -648,14 +648,14 @@ try_connect:
110	to get the privileged port that rcmd () uses. We now want, however,
111	to run as the real user who invoked us. */
112	if (seteuid (uid) == -1)
113	- {
114	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
115	- }
116	+ {
117	+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
118	+ }
119
120	if (setuid (uid) == -1)
121	- {
122	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
123	- }
124	+ {
125	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
126	+ }
127
128	doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
129
130	diff --git a/src/rsh.c b/src/rsh.c
131	index 6f60667d..179b47cd 100644
132	--- a/src/rsh.c
133	+++ b/src/rsh.c
134	@@ -278,14 +278,14 @@ main (int argc, char **argv)
135	argv = (char ) "rlogin";
136
137	if (seteuid (getuid ()) == -1)
138	- {
139	- error (EXIT_FAILURE, errno, "seteuid() failed");
140	- }
141	+ {
142	+ error (EXIT_FAILURE, errno, "seteuid() failed");
143	+ }
144
145	if (setuid (getuid ()) == -1)
146	- {
147	- error (EXIT_FAILURE, errno, "setuid() failed");
148	- }
149	+ {
150	+ error (EXIT_FAILURE, errno, "setuid() failed");
151	+ }
152
153	execv (PATH_RLOGIN, argv);
154	error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
155	@@ -551,14 +551,14 @@ try_connect:
156	}
157
158	if (seteuid (uid) == -1)
159	- {
160	- error (EXIT_FAILURE, errno, "seteuid() failed");
161	- }
162	+ {
163	+ error (EXIT_FAILURE, errno, "seteuid() failed");
164	+ }
165
166	if (setuid (uid) == -1)
167	- {
168	- error (EXIT_FAILURE, errno, "setuid() failed");
169	- }
170	+ {
171	+ error (EXIT_FAILURE, errno, "setuid() failed");
172	+ }
173
174	#ifdef HAVE_SIGACTION
175	sigemptyset (&sigs);
176	diff --git a/src/rshd.c b/src/rshd.c
177	index 707790e7..3a153a18 100644
178	--- a/src/rshd.c
179	+++ b/src/rshd.c
180	@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
181
182	/* Set the gid, then uid to become the user specified by "locuser" */
183	if (setegid ((gid_t) pwd->pw_gid) == -1)
184	- {
185	- rshd_error ("Cannot drop privileges (setegid() failed)\n");
186	- exit (EXIT_FAILURE);
187	- }
188	+ {
189	+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
190	+ exit (EXIT_FAILURE);
191	+ }
192
193	if (setgid ((gid_t) pwd->pw_gid) == -1)
194	- {
195	- rshd_error ("Cannot drop privileges (setgid() failed)\n");
196	- exit (EXIT_FAILURE);
197	- }
198	+ {
199	+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
200	+ exit (EXIT_FAILURE);
201	+ }
202
203	#ifdef HAVE_INITGROUPS
204	initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
205	@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
206	#endif /* WITH_PAM */
207
208	if (setuid ((uid_t) pwd->pw_uid) == -1)
209	- {
210	- rshd_error ("Cannot drop privileges (setuid() failed)\n");
211	- exit (EXIT_FAILURE);
212	- }
213	+ {
214	+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
215	+ exit (EXIT_FAILURE);
216	+ }
217
218	/* We'll execute the client's command in the home directory
219	* of locuser. Note, that the chdir must be executed after
220	diff --git a/src/uucpd.c b/src/uucpd.c
221	index 29cfce35..fde7b9c9 100644
222	--- a/src/uucpd.c
223	+++ b/src/uucpd.c
224	@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
225	dologin (pw, sap, salen);
226
227	if (setgid (pw->pw_gid) == -1)
228	- {
229	- fprintf (stderr, "setgid() failed");
230	- return;
231	- }
232	+ {
233	+ fprintf (stderr, "setgid() failed");
234	+ return;
235	+ }
236	#ifdef HAVE_INITGROUPS
237	initgroups (pw->pw_name, pw->pw_gid);
238	#endif
239	@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
240	}
241
242	if (setuid (pw->pw_uid) == -1)
243	- {
244	- fprintf (stderr, "setuid() failed");
245	- return;
246	- }
247	+ {
248	+ fprintf (stderr, "setuid() failed");
249	+ return;
250	+ }
251
252	execl (uucico_location, "uucico", NULL);
253	perror ("uucico server: execl");


diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb index 957f1feac6..0f1a0736bd 100644 --- a/meta/recipes-connectivity/inetutils/inetutils_2.4.bb +++ b/meta/recipes-connectivity/inetutils/inetutils_2.5.bb
@@ -11,15 +11,13 @@ LICENSE = "GPL-3.0-only"
11		11
12	LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"	12	LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
13		13
14	SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2"	14	SRC_URI[sha256sum] = "87697d60a31e10b5cb86a9f0651e1ec7bee98320d048c0739431aac3d5764fb6"
15	SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \	15	SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
16	file://rexec.xinetd.inetutils \	16	file://rexec.xinetd.inetutils \
17	file://rlogin.xinetd.inetutils \	17	file://rlogin.xinetd.inetutils \
18	file://rsh.xinetd.inetutils \	18	file://rsh.xinetd.inetutils \
19	file://telnet.xinetd.inetutils \	19	file://telnet.xinetd.inetutils \
20	file://tftpd.xinetd.inetutils \	20	file://tftpd.xinetd.inetutils \
21	file://0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch \
22	file://0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch \
23	"	21	"
24		22
25	inherit autotools gettext update-alternatives texinfo	23	inherit autotools gettext update-alternatives texinfo