shadow: upgrade to 4.1.4.3 to fix security vulnerability

For CVE-2011-0721: http://lists.debian.org/debian-security-announce/2011/msg00030.html Signed-off-by: Yu Ke <ke.yu@intel.com>
author: Yu Ke <ke.yu@intel.com> 2011-02-28 19:34:45 +0800
committer: Saul Wold <sgw@linux.intel.com> 2011-03-01 07:27:31 -0800
commit: f3a482b47678819b4a91bb58810c7bc6ef9e6f3e (patch)
tree: c3301f389f7b617859e7a56619d24f6bf798384d /meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch
parent: 0e1f8c2609233b3f95f97d13c7793d7572036c99 (diff)
download: poky-f3a482b47678819b4a91bb58810c7bc6ef9e6f3e.tar.gz
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch
new file mode 100644
index 0000000000..124065c7f9
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch
@@ -0,0 +1,27 @@
+# commit message copied from openembedded:
+#    commit 246c80637b135f3a113d319b163422f98174ee6c
+#    Author: Khem Raj <raj.khem@gmail.com>
+#    Date:   Wed Jun 9 13:37:03 2010 -0700
+#
+#    shadow-4.1.4.2: Add patches to support dots in login id.
+#    
+#    Signed-off-by: Khem Raj <raj.khem@gmail.com>
+#
+# comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11
+http://bugs.gentoo.org/283725
+https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480
+Index: shadow-4.1.4.2/libmisc/env.c
+===================================================================
+--- shadow-4.1.4.2.orig/libmisc/env.c   2009-04-27 13:07:56.000000000 -0700
+++ shadow-4.1.4.2/libmisc/env.c        2010-06-03 17:44:51.456408474 -0700
+@@ -251,7 +251,7 @@ void sanitize_env (void)
+                        if (strncmp (*cur, *bad, strlen (*bad)) != 0) {
+                                continue;
+                        }
+-                       if (strchr (*cur, '/') != NULL) {
+                       if (strchr (*cur, '/') == NULL) {
+                                continue;       /* OK */
+                        }
+                        for (move = cur; NULL != *move; move++) {
author	Yu Ke <ke.yu@intel.com>	2011-02-28 19:34:45 +0800
committer	Saul Wold <sgw@linux.intel.com>	2011-03-01 07:27:31 -0800
commit	f3a482b47678819b4a91bb58810c7bc6ef9e6f3e (patch)
tree	c3301f389f7b617859e7a56619d24f6bf798384d /meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch
parent	0e1f8c2609233b3f95f97d13c7793d7572036c99 (diff)
download	poky-f3a482b47678819b4a91bb58810c7bc6ef9e6f3e.tar.gz

diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch new file mode 100644 index 0000000000..124065c7f9 --- /dev/null +++ b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch
@@ -0,0 +1,27 @@
	1	# commit message copied from openembedded:
	2	# commit 246c80637b135f3a113d319b163422f98174ee6c
	3	# Author: Khem Raj <raj.khem@gmail.com>
	4	# Date: Wed Jun 9 13:37:03 2010 -0700
	5	#
	6	# shadow-4.1.4.2: Add patches to support dots in login id.
	7	#
	8	# Signed-off-by: Khem Raj <raj.khem@gmail.com>
	9	#
	10	# comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11
	11
	12	http://bugs.gentoo.org/283725
	13	https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480
	14
	15	Index: shadow-4.1.4.2/libmisc/env.c
	16	===================================================================
	17	--- shadow-4.1.4.2.orig/libmisc/env.c 2009-04-27 13:07:56.000000000 -0700
	18	+++ shadow-4.1.4.2/libmisc/env.c 2010-06-03 17:44:51.456408474 -0700
	19	@@ -251,7 +251,7 @@ void sanitize_env (void)
	20	if (strncmp (cur, bad, strlen (*bad)) != 0) {
	21	continue;
	22	}
	23	- if (strchr (*cur, '/') != NULL) {
	24	+ if (strchr (*cur, '/') == NULL) {
	25	continue; /* OK */
	26	}
	27	for (move = cur; NULL != *move; move++) {