diff options
author | Yu Ke <ke.yu@intel.com> | 2011-02-28 19:34:45 +0800 |
---|---|---|
committer | Saul Wold <sgw@linux.intel.com> | 2011-03-01 07:27:31 -0800 |
commit | f3a482b47678819b4a91bb58810c7bc6ef9e6f3e (patch) | |
tree | c3301f389f7b617859e7a56619d24f6bf798384d /meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch | |
parent | 0e1f8c2609233b3f95f97d13c7793d7572036c99 (diff) | |
download | poky-f3a482b47678819b4a91bb58810c7bc6ef9e6f3e.tar.gz |
shadow: upgrade to 4.1.4.3 to fix security vulnerability
For CVE-2011-0721: http://lists.debian.org/debian-security-announce/2011/msg00030.html
Signed-off-by: Yu Ke <ke.yu@intel.com>
Diffstat (limited to 'meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch')
-rw-r--r-- | meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch new file mode 100644 index 0000000000..124065c7f9 --- /dev/null +++ b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-env-reset-keep-locale.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | # commit message copied from openembedded: | ||
2 | # commit 246c80637b135f3a113d319b163422f98174ee6c | ||
3 | # Author: Khem Raj <raj.khem@gmail.com> | ||
4 | # Date: Wed Jun 9 13:37:03 2010 -0700 | ||
5 | # | ||
6 | # shadow-4.1.4.2: Add patches to support dots in login id. | ||
7 | # | ||
8 | # Signed-off-by: Khem Raj <raj.khem@gmail.com> | ||
9 | # | ||
10 | # comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11 | ||
11 | |||
12 | http://bugs.gentoo.org/283725 | ||
13 | https://alioth.debian.org/tracker/index.php?func=detail&aid=311740&group_id=30580&atid=411480 | ||
14 | |||
15 | Index: shadow-4.1.4.2/libmisc/env.c | ||
16 | =================================================================== | ||
17 | --- shadow-4.1.4.2.orig/libmisc/env.c 2009-04-27 13:07:56.000000000 -0700 | ||
18 | +++ shadow-4.1.4.2/libmisc/env.c 2010-06-03 17:44:51.456408474 -0700 | ||
19 | @@ -251,7 +251,7 @@ void sanitize_env (void) | ||
20 | if (strncmp (*cur, *bad, strlen (*bad)) != 0) { | ||
21 | continue; | ||
22 | } | ||
23 | - if (strchr (*cur, '/') != NULL) { | ||
24 | + if (strchr (*cur, '/') == NULL) { | ||
25 | continue; /* OK */ | ||
26 | } | ||
27 | for (move = cur; NULL != *move; move++) { | ||