shadow: upgrade to 4.1.4.3 to fix security vulnerability

For CVE-2011-0721: http://lists.debian.org/debian-security-announce/2011/msg00030.html Signed-off-by: Yu Ke <ke.yu@intel.com>
author: Yu Ke <ke.yu@intel.com> 2011-02-28 19:34:45 +0800
committer: Saul Wold <sgw@linux.intel.com> 2011-03-01 10:01:40 -0800
commit: 87e8e1b31c3b37b82766fff00050930e04c37219 (patch)
tree: 1cb6214f8612b9eeed44c9d31d80ce8f34e32376 /meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch
parent: f68e7a365f5626a462a151710ea151dd460a1683 (diff)
download: poky-87e8e1b31c3b37b82766fff00050930e04c37219.tar.gz
1 files changed, 27 insertions, 0 deletions
diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch
new file mode 100644
index 0000000000..f67251c840
--- /dev/null
+++ b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch
@@ -0,0 +1,27 @@
+# commit message copied from openembedded:
+#    commit 246c80637b135f3a113d319b163422f98174ee6c
+#    Author: Khem Raj <raj.khem@gmail.com>
+#    Date:   Wed Jun 9 13:37:03 2010 -0700
+#
+#    shadow-4.1.4.2: Add patches to support dots in login id.
+#    
+#    Signed-off-by: Khem Raj <raj.khem@gmail.com>
+#
+# comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11
+http://bugs.gentoo.org/show_bug.cgi?id=301957
+https://alioth.debian.org/scm/browser.php?group_id=30580
+Index: shadow-4.1.4.2/src/su.c
+===================================================================
+--- shadow-4.1.4.2.orig/src/su.c        2009-07-23 13:38:56.000000000 -0700
+++ shadow-4.1.4.2/src/su.c     2010-06-03 17:46:47.718944010 -0700
+@@ -378,7 +378,7 @@ int main (int argc, char **argv)
+ #endif
+ #endif                         /* !USE_PAM */
+ 
+-       sanitize_env ();
+       /* sanitize_env (); */
+ 
+        (void) setlocale (LC_ALL, "");
+        (void) bindtextdomain (PACKAGE, LOCALEDIR);
author	Yu Ke <ke.yu@intel.com>	2011-02-28 19:34:45 +0800
committer	Saul Wold <sgw@linux.intel.com>	2011-03-01 10:01:40 -0800
commit	87e8e1b31c3b37b82766fff00050930e04c37219 (patch)
tree	1cb6214f8612b9eeed44c9d31d80ce8f34e32376 /meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch
parent	f68e7a365f5626a462a151710ea151dd460a1683 (diff)
download	poky-87e8e1b31c3b37b82766fff00050930e04c37219.tar.gz

diff --git a/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch new file mode 100644 index 0000000000..f67251c840 --- /dev/null +++ b/meta/recipes-extended/shadow/files/shadow-4.1.4.2-su_no_sanitize_env.patch
@@ -0,0 +1,27 @@
	1	# commit message copied from openembedded:
	2	# commit 246c80637b135f3a113d319b163422f98174ee6c
	3	# Author: Khem Raj <raj.khem@gmail.com>
	4	# Date: Wed Jun 9 13:37:03 2010 -0700
	5	#
	6	# shadow-4.1.4.2: Add patches to support dots in login id.
	7	#
	8	# Signed-off-by: Khem Raj <raj.khem@gmail.com>
	9	#
	10	# comment added by Kevin Tian <kevin.tian@intel.com>, 2010-08-11
	11
	12	http://bugs.gentoo.org/show_bug.cgi?id=301957
	13	https://alioth.debian.org/scm/browser.php?group_id=30580
	14
	15	Index: shadow-4.1.4.2/src/su.c
	16	===================================================================
	17	--- shadow-4.1.4.2.orig/src/su.c 2009-07-23 13:38:56.000000000 -0700
	18	+++ shadow-4.1.4.2/src/su.c 2010-06-03 17:46:47.718944010 -0700
	19	@@ -378,7 +378,7 @@ int main (int argc, char **argv)
	20	#endif
	21	#endif /* !USE_PAM */
	22
	23	- sanitize_env ();
	24	+ /* sanitize_env (); */
	25
	26	(void) setlocale (LC_ALL, "");
	27	(void) bindtextdomain (PACKAGE, LOCALEDIR);