1 files changed, 254 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
new file mode 100644
index 0000000000..4bc354d256
--- /dev/null
+++ b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
@@ -0,0 +1,254 @@
+From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
+From: Simon Josefsson <simon@josefsson.org>
+Date: Mon, 31 Jul 2023 13:59:05 +0200
+Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
+CVE: CVE-2023-40303
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
+---
+ src/rcp.c    | 42 ++++++++++++++++++++++++------------------
+ src/rlogin.c | 12 ++++++------
+ src/rsh.c    | 24 ++++++++++++------------
+ src/rshd.c   | 24 ++++++++++++------------
+ src/uucpd.c  | 16 ++++++++--------
+ 5 files changed, 62 insertions(+), 56 deletions(-)
+diff --git a/src/rcp.c b/src/rcp.c
+index cdcf8500..652f22e6 100644
+--- a/src/rcp.c
+++ b/src/rcp.c
+@@ -347,9 +347,10 @@ main (int argc, char *argv[])
+       response ();
+ 
+       if (setuid (userid) == -1)
+-      {
+-        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+-      }
+       {
+         error (EXIT_FAILURE, 0,
+                "Could not drop privileges (setuid() failed)");
+       }
+ 
+       source (argc, argv);
+       exit (errs);
+@@ -358,9 +359,10 @@ main (int argc, char *argv[])
+   if (to_option)
+     {                          /* Receive data. */
+       if (setuid (userid) == -1)
+-      {
+-        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+-      }
+       {
+         error (EXIT_FAILURE, 0,
+                "Could not drop privileges (setuid() failed)");
+       }
+ 
+       sink (argc, argv);
+       exit (errs);
+@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
+              free (bp);
+ 
+              if (setuid (userid) == -1)
+-              {
+-                error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+-              }
+               {
+                 error (EXIT_FAILURE, 0,
+                        "Could not drop privileges (setuid() failed)");
+               }
+            }
+          source (1, argv + i);
+          close (rem);
+@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
+        }
+ 
+       if (seteuid (userid) == -1)
+-      {
+-        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+-      }
+       {
+         error (EXIT_FAILURE, 0,
+                "Could not drop privileges (seteuid() failed)");
+       }
+ 
+ #if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
+       sslen = sizeof (ss);
+@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
+       sink (1, vect);
+ 
+       if (seteuid (effuid) == -1)
+-      {
+-        error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+-      }
+       {
+         error (EXIT_FAILURE, 0,
+                "Could not drop privileges (seteuid() failed)");
+       }
+ 
+       close (rem);
+       rem = -1;
+@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
+ 
+     case 0:
+       if (setuid (userid) == -1)
+-      {
+-        error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+-      }
+       {
+         error (EXIT_FAILURE, 0,
+                "Could not drop privileges (setuid() failed)");
+       }
+ 
+       execl (PATH_BSHELL, "sh", "-c", s, NULL);
+       _exit (127);
+diff --git a/src/rlogin.c b/src/rlogin.c
+index c543de0c..4360202f 100644
+--- a/src/rlogin.c
+++ b/src/rlogin.c
+@@ -648,14 +648,14 @@ try_connect:
+      to get the privileged port that rcmd () uses.  We now want, however,
+      to run as the real user who invoked us.  */
+   if (seteuid (uid) == -1)
+-  {
+-    error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+-  }
+    {
+      error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+    }
+ 
+   if (setuid (uid) == -1)
+-  {
+-    error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+-  }
+    {
+      error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+    }
+ 
+   doit (&osmask);      /* The old mask will activate SIGURG and SIGUSR1!  */
+ 
+diff --git a/src/rsh.c b/src/rsh.c
+index 6f60667d..179b47cd 100644
+--- a/src/rsh.c
+++ b/src/rsh.c
+@@ -278,14 +278,14 @@ main (int argc, char **argv)
+        *argv = (char *) "rlogin";
+ 
+       if (seteuid (getuid ()) == -1)
+-      {
+-        error (EXIT_FAILURE, errno, "seteuid() failed");
+-      }
+       {
+         error (EXIT_FAILURE, errno, "seteuid() failed");
+       }
+ 
+       if (setuid (getuid ()) == -1)
+-      {
+-        error (EXIT_FAILURE, errno, "setuid() failed");
+-      }
+       {
+         error (EXIT_FAILURE, errno, "setuid() failed");
+       }
+ 
+       execv (PATH_RLOGIN, argv);
+       error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
+@@ -551,14 +551,14 @@ try_connect:
+     }
+ 
+   if (seteuid (uid) == -1)
+-  {
+-    error (EXIT_FAILURE, errno, "seteuid() failed");
+-  }
+    {
+      error (EXIT_FAILURE, errno, "seteuid() failed");
+    }
+ 
+   if (setuid (uid) == -1)
+-  {
+-    error (EXIT_FAILURE, errno, "setuid() failed");
+-  }
+    {
+      error (EXIT_FAILURE, errno, "setuid() failed");
+    }
+ 
+ #ifdef HAVE_SIGACTION
+   sigemptyset (&sigs);
+diff --git a/src/rshd.c b/src/rshd.c
+index 707790e7..3a153a18 100644
+--- a/src/rshd.c
+++ b/src/rshd.c
+@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
+ 
+   /* Set the gid, then uid to become the user specified by "locuser" */
+   if (setegid ((gid_t) pwd->pw_gid) == -1)
+-  {
+-    rshd_error ("Cannot drop privileges (setegid() failed)\n");
+-    exit (EXIT_FAILURE);
+-  }
+    {
+      rshd_error ("Cannot drop privileges (setegid() failed)\n");
+      exit (EXIT_FAILURE);
+    }
+ 
+   if (setgid ((gid_t) pwd->pw_gid) == -1)
+-  {
+-    rshd_error ("Cannot drop privileges (setgid() failed)\n");
+-    exit (EXIT_FAILURE);
+-  }
+    {
+      rshd_error ("Cannot drop privileges (setgid() failed)\n");
+      exit (EXIT_FAILURE);
+    }
+ 
+ #ifdef HAVE_INITGROUPS
+   initgroups (pwd->pw_name, pwd->pw_gid);      /* BSD groups */
+@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
+ #endif /* WITH_PAM */
+ 
+   if (setuid ((uid_t) pwd->pw_uid) == -1)
+-  {
+-    rshd_error ("Cannot drop privileges (setuid() failed)\n");
+-    exit (EXIT_FAILURE);
+-  }
+    {
+      rshd_error ("Cannot drop privileges (setuid() failed)\n");
+      exit (EXIT_FAILURE);
+    }
+ 
+   /* We'll execute the client's command in the home directory
+    * of locuser. Note, that the chdir must be executed after
+diff --git a/src/uucpd.c b/src/uucpd.c
+index 29cfce35..fde7b9c9 100644
+--- a/src/uucpd.c
+++ b/src/uucpd.c
+@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
+   dologin (pw, sap, salen);
+ 
+   if (setgid (pw->pw_gid) == -1)
+-  {
+-    fprintf (stderr, "setgid() failed");
+-    return;
+-  }
+    {
+      fprintf (stderr, "setgid() failed");
+      return;
+    }
+ #ifdef HAVE_INITGROUPS
+   initgroups (pw->pw_name, pw->pw_gid);
+ #endif
+@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
+     }
+ 
+   if (setuid (pw->pw_uid) == -1)
+-  {
+-    fprintf (stderr, "setuid() failed");
+-    return;
+-  }
+    {
+      fprintf (stderr, "setuid() failed");
+      return;
+    }
+ 
+   execl (uucico_location, "uucico", NULL);
+   perror ("uucico server: execl");

diff --git a/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch new file mode 100644 index 0000000000..4bc354d256 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
@@ -0,0 +1,254 @@
	1	From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
	2	From: Simon Josefsson <simon@josefsson.org>
	3	Date: Mon, 31 Jul 2023 13:59:05 +0200
	4	Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
	5
	6	CVE: CVE-2023-40303
	7	Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
	8	Signed-off-by: Khem Raj <raj.khem@gmail.com>
	9	Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
	10	---
	11	src/rcp.c \| 42 ++++++++++++++++++++++++------------------
	12	src/rlogin.c \| 12 ++++++------
	13	src/rsh.c \| 24 ++++++++++++------------
	14	src/rshd.c \| 24 ++++++++++++------------
	15	src/uucpd.c \| 16 ++++++++--------
	16	5 files changed, 62 insertions(+), 56 deletions(-)
	17
	18	diff --git a/src/rcp.c b/src/rcp.c
	19	index cdcf8500..652f22e6 100644
	20	--- a/src/rcp.c
	21	+++ b/src/rcp.c
	22	@@ -347,9 +347,10 @@ main (int argc, char *argv[])
	23	response ();
	24
	25	if (setuid (userid) == -1)
	26	- {
	27	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	28	- }
	29	+ {
	30	+ error (EXIT_FAILURE, 0,
	31	+ "Could not drop privileges (setuid() failed)");
	32	+ }
	33
	34	source (argc, argv);
	35	exit (errs);
	36	@@ -358,9 +359,10 @@ main (int argc, char *argv[])
	37	if (to_option)
	38	{ /* Receive data. */
	39	if (setuid (userid) == -1)
	40	- {
	41	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	42	- }
	43	+ {
	44	+ error (EXIT_FAILURE, 0,
	45	+ "Could not drop privileges (setuid() failed)");
	46	+ }
	47
	48	sink (argc, argv);
	49	exit (errs);
	50	@@ -548,9 +550,10 @@ toremote (char targ, int argc, char argv[])
	51	free (bp);
	52
	53	if (setuid (userid) == -1)
	54	- {
	55	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	56	- }
	57	+ {
	58	+ error (EXIT_FAILURE, 0,
	59	+ "Could not drop privileges (setuid() failed)");
	60	+ }
	61	}
	62	source (1, argv + i);
	63	close (rem);
	64	@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
	65	}
	66
	67	if (seteuid (userid) == -1)
	68	- {
	69	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	70	- }
	71	+ {
	72	+ error (EXIT_FAILURE, 0,
	73	+ "Could not drop privileges (seteuid() failed)");
	74	+ }
	75
	76	#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
	77	sslen = sizeof (ss);
	78	@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
	79	sink (1, vect);
	80
	81	if (seteuid (effuid) == -1)
	82	- {
	83	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	84	- }
	85	+ {
	86	+ error (EXIT_FAILURE, 0,
	87	+ "Could not drop privileges (seteuid() failed)");
	88	+ }
	89
	90	close (rem);
	91	rem = -1;
	92	@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
	93
	94	case 0:
	95	if (setuid (userid) == -1)
	96	- {
	97	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	98	- }
	99	+ {
	100	+ error (EXIT_FAILURE, 0,
	101	+ "Could not drop privileges (setuid() failed)");
	102	+ }
	103
	104	execl (PATH_BSHELL, "sh", "-c", s, NULL);
	105	_exit (127);
	106	diff --git a/src/rlogin.c b/src/rlogin.c
	107	index c543de0c..4360202f 100644
	108	--- a/src/rlogin.c
	109	+++ b/src/rlogin.c
	110	@@ -648,14 +648,14 @@ try_connect:
	111	to get the privileged port that rcmd () uses. We now want, however,
	112	to run as the real user who invoked us. */
	113	if (seteuid (uid) == -1)
	114	- {
	115	- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	116	- }
	117	+ {
	118	+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
	119	+ }
	120
	121	if (setuid (uid) == -1)
	122	- {
	123	- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	124	- }
	125	+ {
	126	+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
	127	+ }
	128
	129	doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
	130
	131	diff --git a/src/rsh.c b/src/rsh.c
	132	index 6f60667d..179b47cd 100644
	133	--- a/src/rsh.c
	134	+++ b/src/rsh.c
	135	@@ -278,14 +278,14 @@ main (int argc, char **argv)
	136	argv = (char ) "rlogin";
	137
	138	if (seteuid (getuid ()) == -1)
	139	- {
	140	- error (EXIT_FAILURE, errno, "seteuid() failed");
	141	- }
	142	+ {
	143	+ error (EXIT_FAILURE, errno, "seteuid() failed");
	144	+ }
	145
	146	if (setuid (getuid ()) == -1)
	147	- {
	148	- error (EXIT_FAILURE, errno, "setuid() failed");
	149	- }
	150	+ {
	151	+ error (EXIT_FAILURE, errno, "setuid() failed");
	152	+ }
	153
	154	execv (PATH_RLOGIN, argv);
	155	error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
	156	@@ -551,14 +551,14 @@ try_connect:
	157	}
	158
	159	if (seteuid (uid) == -1)
	160	- {
	161	- error (EXIT_FAILURE, errno, "seteuid() failed");
	162	- }
	163	+ {
	164	+ error (EXIT_FAILURE, errno, "seteuid() failed");
	165	+ }
	166
	167	if (setuid (uid) == -1)
	168	- {
	169	- error (EXIT_FAILURE, errno, "setuid() failed");
	170	- }
	171	+ {
	172	+ error (EXIT_FAILURE, errno, "setuid() failed");
	173	+ }
	174
	175	#ifdef HAVE_SIGACTION
	176	sigemptyset (&sigs);
	177	diff --git a/src/rshd.c b/src/rshd.c
	178	index 707790e7..3a153a18 100644
	179	--- a/src/rshd.c
	180	+++ b/src/rshd.c
	181	@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
	182
	183	/* Set the gid, then uid to become the user specified by "locuser" */
	184	if (setegid ((gid_t) pwd->pw_gid) == -1)
	185	- {
	186	- rshd_error ("Cannot drop privileges (setegid() failed)\n");
	187	- exit (EXIT_FAILURE);
	188	- }
	189	+ {
	190	+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
	191	+ exit (EXIT_FAILURE);
	192	+ }
	193
	194	if (setgid ((gid_t) pwd->pw_gid) == -1)
	195	- {
	196	- rshd_error ("Cannot drop privileges (setgid() failed)\n");
	197	- exit (EXIT_FAILURE);
	198	- }
	199	+ {
	200	+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
	201	+ exit (EXIT_FAILURE);
	202	+ }
	203
	204	#ifdef HAVE_INITGROUPS
	205	initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
	206	@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
	207	#endif /* WITH_PAM */
	208
	209	if (setuid ((uid_t) pwd->pw_uid) == -1)
	210	- {
	211	- rshd_error ("Cannot drop privileges (setuid() failed)\n");
	212	- exit (EXIT_FAILURE);
	213	- }
	214	+ {
	215	+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
	216	+ exit (EXIT_FAILURE);
	217	+ }
	218
	219	/* We'll execute the client's command in the home directory
	220	* of locuser. Note, that the chdir must be executed after
	221	diff --git a/src/uucpd.c b/src/uucpd.c
	222	index 29cfce35..fde7b9c9 100644
	223	--- a/src/uucpd.c
	224	+++ b/src/uucpd.c
	225	@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
	226	dologin (pw, sap, salen);
	227
	228	if (setgid (pw->pw_gid) == -1)
	229	- {
	230	- fprintf (stderr, "setgid() failed");
	231	- return;
	232	- }
	233	+ {
	234	+ fprintf (stderr, "setgid() failed");
	235	+ return;
	236	+ }
	237	#ifdef HAVE_INITGROUPS
	238	initgroups (pw->pw_name, pw->pw_gid);
	239	#endif
	240	@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
	241	}
	242
	243	if (setuid (pw->pw_uid) == -1)
	244	- {
	245	- fprintf (stderr, "setuid() failed");
	246	- return;
	247	- }
	248	+ {
	249	+ fprintf (stderr, "setuid() failed");
	250	+ return;
	251	+ }
	252
	253	execl (uucico_location, "uucico", NULL);
	254	perror ("uucico server: execl");