diff options
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch | 52 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch | 41 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch | 65 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/CVE-2023-29383.patch | 53 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/CVE-2023-4641.patch | 147 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | 16 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/shadow.inc | 20 | ||||
-rw-r--r-- | meta/recipes-extended/shadow/shadow_4.14.2.bb (renamed from meta/recipes-extended/shadow/shadow_4.13.bb) | 0 |
8 files changed, 16 insertions, 378 deletions
diff --git a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch b/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch deleted file mode 100644 index fa1532c831..0000000000 --- a/meta/recipes-extended/shadow/files/0001-Disable-use-of-syslog-for-sysroot.patch +++ /dev/null | |||
@@ -1,52 +0,0 @@ | |||
1 | From 85d0444229ee3d14fefcf10d093f49c862826f82 Mon Sep 17 00:00:00 2001 | ||
2 | From: Richard Purdie <richard.purdie@linuxfoundation.org> | ||
3 | Date: Thu, 14 Apr 2022 23:11:53 +0000 | ||
4 | Subject: [PATCH] Disable use of syslog for shadow-native tools | ||
5 | |||
6 | Disable use of syslog to prevent sysroot user and group additions from | ||
7 | writing entries to the host's syslog. This patch should only be used | ||
8 | with the shadow-native recipe. | ||
9 | |||
10 | Upstream-Status: Inappropriate [OE specific configuration] | ||
11 | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||
12 | Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> | ||
13 | |||
14 | --- | ||
15 | configure.ac | 2 +- | ||
16 | src/login_nopam.c | 3 ++- | ||
17 | 2 files changed, 3 insertions(+), 2 deletions(-) | ||
18 | |||
19 | diff --git a/configure.ac b/configure.ac | ||
20 | index 924254a..603af81 100644 | ||
21 | --- a/configure.ac | ||
22 | +++ b/configure.ac | ||
23 | @@ -191,7 +191,7 @@ AC_DEFINE_UNQUOTED(PASSWD_PROGRAM, "$shadow_cv_passwd_dir/passwd", | ||
24 | [Path to passwd program.]) | ||
25 | |||
26 | dnl XXX - quick hack, should disappear before anyone notices :). | ||
27 | -AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) | ||
28 | +#AC_DEFINE(USE_SYSLOG, 1, [Define to use syslog().]) | ||
29 | if test "$ac_cv_func_ruserok" = "yes"; then | ||
30 | AC_DEFINE(RLOGIN, 1, [Define if login should support the -r flag for rlogind.]) | ||
31 | AC_DEFINE(RUSEROK, 0, [Define to the ruserok() "success" return value (0 or 1).]) | ||
32 | diff --git a/src/login_nopam.c b/src/login_nopam.c | ||
33 | index df6ba88..fc24e13 100644 | ||
34 | --- a/src/login_nopam.c | ||
35 | +++ b/src/login_nopam.c | ||
36 | @@ -29,7 +29,6 @@ | ||
37 | #ifndef USE_PAM | ||
38 | #ident "$Id$" | ||
39 | |||
40 | -#include "prototypes.h" | ||
41 | /* | ||
42 | * This module implements a simple but effective form of login access | ||
43 | * control based on login names and on host (or domain) names, internet | ||
44 | @@ -57,6 +56,8 @@ | ||
45 | #include <netinet/in.h> | ||
46 | #include <arpa/inet.h> /* for inet_ntoa() */ | ||
47 | |||
48 | +#include "prototypes.h" | ||
49 | + | ||
50 | #if !defined(MAXHOSTNAMELEN) || (MAXHOSTNAMELEN < 64) | ||
51 | #undef MAXHOSTNAMELEN | ||
52 | #define MAXHOSTNAMELEN 256 | ||
diff --git a/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch b/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch deleted file mode 100644 index 89f9c05c8d..0000000000 --- a/meta/recipes-extended/shadow/files/0001-Fix-can-not-print-full-login.patch +++ /dev/null | |||
@@ -1,41 +0,0 @@ | |||
1 | commit 670cae834827a8f794e6f7464fa57790d911b63c | ||
2 | Author: SoumyaWind <121475834+SoumyaWind@users.noreply.github.com> | ||
3 | Date: Tue Dec 27 17:40:17 2022 +0530 | ||
4 | |||
5 | shadow: Fix can not print full login timeout message | ||
6 | |||
7 | Login timed out message prints only first few bytes when write is immediately followed by exit. | ||
8 | Calling exit from new handler provides enough time to display full message. | ||
9 | |||
10 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/670cae834827a8f794e6f7464fa57790d911b63c] | ||
11 | |||
12 | diff --git a/src/login.c b/src/login.c | ||
13 | index 116e2cb3..c55f4de0 100644 | ||
14 | --- a/src/login.c | ||
15 | +++ b/src/login.c | ||
16 | @@ -120,6 +120,7 @@ static void get_pam_user (char **ptr_pam_user); | ||
17 | |||
18 | static void init_env (void); | ||
19 | static void alarm_handler (int); | ||
20 | +static void exit_handler (int); | ||
21 | |||
22 | /* | ||
23 | * usage - print login command usage and exit | ||
24 | @@ -391,11 +392,16 @@ static void init_env (void) | ||
25 | #endif /* !USE_PAM */ | ||
26 | } | ||
27 | |||
28 | +static void exit_handler (unused int sig) | ||
29 | +{ | ||
30 | + _exit (0); | ||
31 | +} | ||
32 | |||
33 | static void alarm_handler (unused int sig) | ||
34 | { | ||
35 | write (STDERR_FILENO, tmsg, strlen (tmsg)); | ||
36 | - _exit (0); | ||
37 | + signal(SIGALRM, exit_handler); | ||
38 | + alarm(2); | ||
39 | } | ||
40 | |||
41 | #ifdef USE_PAM | ||
diff --git a/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch b/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch deleted file mode 100644 index ac08be515b..0000000000 --- a/meta/recipes-extended/shadow/files/0001-Overhaul-valid_field.patch +++ /dev/null | |||
@@ -1,65 +0,0 @@ | |||
1 | From 2eaea70111f65b16d55998386e4ceb4273c19eb4 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com> | ||
3 | Date: Fri, 31 Mar 2023 14:46:50 +0200 | ||
4 | Subject: [PATCH] Overhaul valid_field() | ||
5 | |||
6 | e5905c4b ("Added control character check") introduced checking for | ||
7 | control characters but had the logic inverted, so it rejects all | ||
8 | characters that are not control ones. | ||
9 | |||
10 | Cast the character to `unsigned char` before passing to the character | ||
11 | checking functions to avoid UB. | ||
12 | |||
13 | Use strpbrk(3) for the illegal character test and return early. | ||
14 | |||
15 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/2eaea70111f65b16d55998386e4ceb4273c19eb4] | ||
16 | |||
17 | Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> | ||
18 | --- | ||
19 | lib/fields.c | 24 ++++++++++-------------- | ||
20 | 1 file changed, 10 insertions(+), 14 deletions(-) | ||
21 | |||
22 | diff --git a/lib/fields.c b/lib/fields.c | ||
23 | index fb51b582..53929248 100644 | ||
24 | --- a/lib/fields.c | ||
25 | +++ b/lib/fields.c | ||
26 | @@ -37,26 +37,22 @@ int valid_field (const char *field, const char *illegal) | ||
27 | |||
28 | /* For each character of field, search if it appears in the list | ||
29 | * of illegal characters. */ | ||
30 | + if (illegal && NULL != strpbrk (field, illegal)) { | ||
31 | + return -1; | ||
32 | + } | ||
33 | + | ||
34 | + /* Search if there are non-printable or control characters */ | ||
35 | for (cp = field; '\0' != *cp; cp++) { | ||
36 | - if (strchr (illegal, *cp) != NULL) { | ||
37 | + unsigned char c = *cp; | ||
38 | + if (!isprint (c)) { | ||
39 | + err = 1; | ||
40 | + } | ||
41 | + if (iscntrl (c)) { | ||
42 | err = -1; | ||
43 | break; | ||
44 | } | ||
45 | } | ||
46 | |||
47 | - if (0 == err) { | ||
48 | - /* Search if there are non-printable or control characters */ | ||
49 | - for (cp = field; '\0' != *cp; cp++) { | ||
50 | - if (!isprint (*cp)) { | ||
51 | - err = 1; | ||
52 | - } | ||
53 | - if (!iscntrl (*cp)) { | ||
54 | - err = -1; | ||
55 | - break; | ||
56 | - } | ||
57 | - } | ||
58 | - } | ||
59 | - | ||
60 | return err; | ||
61 | } | ||
62 | |||
63 | -- | ||
64 | 2.34.1 | ||
65 | |||
diff --git a/meta/recipes-extended/shadow/files/CVE-2023-29383.patch b/meta/recipes-extended/shadow/files/CVE-2023-29383.patch deleted file mode 100644 index f53341d3fc..0000000000 --- a/meta/recipes-extended/shadow/files/CVE-2023-29383.patch +++ /dev/null | |||
@@ -1,53 +0,0 @@ | |||
1 | From e5905c4b84d4fb90aefcd96ee618411ebfac663d Mon Sep 17 00:00:00 2001 | ||
2 | From: tomspiderlabs <128755403+tomspiderlabs@users.noreply.github.com> | ||
3 | Date: Thu, 23 Mar 2023 23:39:38 +0000 | ||
4 | Subject: [PATCH] Added control character check | ||
5 | |||
6 | Added control character check, returning -1 (to "err") if control characters are present. | ||
7 | |||
8 | CVE: CVE-2023-29383 | ||
9 | Upstream-Status: Backport | ||
10 | |||
11 | Reference to upstream: | ||
12 | https://github.com/shadow-maint/shadow/commit/e5905c4b84d4fb90aefcd96ee618411ebfac663d | ||
13 | |||
14 | Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> | ||
15 | --- | ||
16 | lib/fields.c | 11 +++++++---- | ||
17 | 1 file changed, 7 insertions(+), 4 deletions(-) | ||
18 | |||
19 | diff --git a/lib/fields.c b/lib/fields.c | ||
20 | index 640be931..fb51b582 100644 | ||
21 | --- a/lib/fields.c | ||
22 | +++ b/lib/fields.c | ||
23 | @@ -21,9 +21,9 @@ | ||
24 | * | ||
25 | * The supplied field is scanned for non-printable and other illegal | ||
26 | * characters. | ||
27 | - * + -1 is returned if an illegal character is present. | ||
28 | - * + 1 is returned if no illegal characters are present, but the field | ||
29 | - * contains a non-printable character. | ||
30 | + * + -1 is returned if an illegal or control character is present. | ||
31 | + * + 1 is returned if no illegal or control characters are present, | ||
32 | + * but the field contains a non-printable character. | ||
33 | * + 0 is returned otherwise. | ||
34 | */ | ||
35 | int valid_field (const char *field, const char *illegal) | ||
36 | @@ -45,10 +45,13 @@ int valid_field (const char *field, const char *illegal) | ||
37 | } | ||
38 | |||
39 | if (0 == err) { | ||
40 | - /* Search if there are some non-printable characters */ | ||
41 | + /* Search if there are non-printable or control characters */ | ||
42 | for (cp = field; '\0' != *cp; cp++) { | ||
43 | if (!isprint (*cp)) { | ||
44 | err = 1; | ||
45 | + } | ||
46 | + if (!iscntrl (*cp)) { | ||
47 | + err = -1; | ||
48 | break; | ||
49 | } | ||
50 | } | ||
51 | -- | ||
52 | 2.34.1 | ||
53 | |||
diff --git a/meta/recipes-extended/shadow/files/CVE-2023-4641.patch b/meta/recipes-extended/shadow/files/CVE-2023-4641.patch deleted file mode 100644 index 1fabfe928e..0000000000 --- a/meta/recipes-extended/shadow/files/CVE-2023-4641.patch +++ /dev/null | |||
@@ -1,147 +0,0 @@ | |||
1 | From 25dbe2ce166a13322b7536ff2f738786ea2e61e7 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alejandro Colomar <alx@kernel.org> | ||
3 | Date: Sat, 10 Jun 2023 16:20:05 +0200 | ||
4 | Subject: [PATCH] gpasswd(1): Fix password leak | ||
5 | |||
6 | How to trigger this password leak? | ||
7 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
8 | |||
9 | When gpasswd(1) asks for the new password, it asks twice (as is usual | ||
10 | for confirming the new password). Each of those 2 password prompts | ||
11 | uses agetpass() to get the password. If the second agetpass() fails, | ||
12 | the first password, which has been copied into the 'static' buffer | ||
13 | 'pass' via STRFCPY(), wasn't being zeroed. | ||
14 | |||
15 | agetpass() is defined in <./libmisc/agetpass.c> (around line 91), and | ||
16 | can fail for any of the following reasons: | ||
17 | |||
18 | - malloc(3) or readpassphrase(3) failure. | ||
19 | |||
20 | These are going to be difficult to trigger. Maybe getting the system | ||
21 | to the limits of memory utilization at that exact point, so that the | ||
22 | next malloc(3) gets ENOMEM, and possibly even the OOM is triggered. | ||
23 | About readpassphrase(3), ENFILE and EINTR seem the only plausible | ||
24 | ones, and EINTR probably requires privilege or being the same user; | ||
25 | but I wouldn't discard ENFILE so easily, if a process starts opening | ||
26 | files. | ||
27 | |||
28 | - The password is longer than PASS_MAX. | ||
29 | |||
30 | The is plausible with physical access. However, at that point, a | ||
31 | keylogger will be a much simpler attack. | ||
32 | |||
33 | And, the attacker must be able to know when the second password is being | ||
34 | introduced, which is not going to be easy. | ||
35 | |||
36 | How to read the password after the leak? | ||
37 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | ||
38 | |||
39 | Provoking the leak yourself at the right point by entering a very long | ||
40 | password is easy, and inspecting the process stack at that point should | ||
41 | be doable. Try to find some consistent patterns. | ||
42 | |||
43 | Then, search for those patterns in free memory, right after the victim | ||
44 | leaks their password. | ||
45 | |||
46 | Once you get the leak, a program should read all the free memory | ||
47 | searching for patterns that gpasswd(1) leaves nearby the leaked | ||
48 | password. | ||
49 | |||
50 | On 6/10/23 03:14, Seth Arnold wrote: | ||
51 | > An attacker process wouldn't be able to use malloc(3) for this task. | ||
52 | > There's a handful of tools available for userspace to allocate memory: | ||
53 | > | ||
54 | > - brk / sbrk | ||
55 | > - mmap MAP_ANONYMOUS | ||
56 | > - mmap /dev/zero | ||
57 | > - mmap some other file | ||
58 | > - shm_open | ||
59 | > - shmget | ||
60 | > | ||
61 | > Most of these return only pages of zeros to a process. Using mmap of an | ||
62 | > existing file, you can get some of the contents of the file demand-loaded | ||
63 | > into the memory space on the first use. | ||
64 | > | ||
65 | > The MAP_UNINITIALIZED flag only works if the kernel was compiled with | ||
66 | > CONFIG_MMAP_ALLOW_UNINITIALIZED. This is rare. | ||
67 | > | ||
68 | > malloc(3) doesn't zero memory, to our collective frustration, but all the | ||
69 | > garbage in the allocations is from previous allocations in the current | ||
70 | > process. It isn't leftover from other processes. | ||
71 | > | ||
72 | > The avenues available for reading the memory: | ||
73 | > - /dev/mem and /dev/kmem (requires root, not available with Secure Boot) | ||
74 | > - /proc/pid/mem (requires ptrace privileges, mediated by YAMA) | ||
75 | > - ptrace (requires ptrace privileges, mediated by YAMA) | ||
76 | > - causing memory to be swapped to disk, and then inspecting the swap | ||
77 | > | ||
78 | > These all require a certain amount of privileges. | ||
79 | |||
80 | How to fix it? | ||
81 | ~~~~~~~~~~~~~~ | ||
82 | |||
83 | memzero(), which internally calls explicit_bzero(3), or whatever | ||
84 | alternative the system provides with a slightly different name, will | ||
85 | make sure that the buffer is zeroed in memory, and optimizations are not | ||
86 | allowed to impede this zeroing. | ||
87 | |||
88 | This is not really 100% effective, since compilers may place copies of | ||
89 | the string somewhere hidden in the stack. Those copies won't get zeroed | ||
90 | by explicit_bzero(3). However, that's arguably a compiler bug, since | ||
91 | compilers should make everything possible to avoid optimizing strings | ||
92 | that are later passed to explicit_bzero(3). But we all know that | ||
93 | sometimes it's impossible to have perfect knowledge in the compiler, so | ||
94 | this is plausible. Nevertheless, there's nothing we can do against such | ||
95 | issues, except minimizing the time such passwords are stored in plain | ||
96 | text. | ||
97 | |||
98 | Security concerns | ||
99 | ~~~~~~~~~~~~~~~~~ | ||
100 | |||
101 | We believe this isn't easy to exploit. Nevertheless, and since the fix | ||
102 | is trivial, this fix should probably be applied soon, and backported to | ||
103 | all supported distributions, to prevent someone else having more | ||
104 | imagination than us to find a way. | ||
105 | |||
106 | Affected versions | ||
107 | ~~~~~~~~~~~~~~~~~ | ||
108 | |||
109 | All. Bug introduced in shadow 19990709. That's the second commit in | ||
110 | the git history. | ||
111 | |||
112 | Fixes: 45c6603cc86c ("[svn-upgrade] Integrating new upstream version, shadow (19990709)") | ||
113 | |||
114 | CVE: CVE-2023-4641 | ||
115 | Upstream-Status: Backport [https://github.com/shadow-maint/shadow/commit/65c88a43a23c2391dcc90c0abda3e839e9c57904] | ||
116 | |||
117 | Reported-by: Alejandro Colomar <alx@kernel.org> | ||
118 | Cc: Serge Hallyn <serge@hallyn.com> | ||
119 | Cc: Iker Pedrosa <ipedrosa@redhat.com> | ||
120 | Cc: Seth Arnold <seth.arnold@canonical.com> | ||
121 | Cc: Christian Brauner <christian@brauner.io> | ||
122 | Cc: Balint Reczey <rbalint@debian.org> | ||
123 | Cc: Sam James <sam@gentoo.org> | ||
124 | Cc: David Runge <dvzrv@archlinux.org> | ||
125 | Cc: Andreas Jaeger <aj@suse.de> | ||
126 | Cc: <~hallyn/shadow@lists.sr.ht> | ||
127 | Signed-off-by: Alejandro Colomar <alx@kernel.org> | ||
128 | Signed-off-by: Xiangyu Chen <xiangyu.chen@windriver.com> | ||
129 | --- | ||
130 | src/gpasswd.c | 1 + | ||
131 | 1 file changed, 1 insertion(+) | ||
132 | |||
133 | diff --git a/src/gpasswd.c b/src/gpasswd.c | ||
134 | index 5983f787..2d8869ef 100644 | ||
135 | --- a/src/gpasswd.c | ||
136 | +++ b/src/gpasswd.c | ||
137 | @@ -896,6 +896,7 @@ static void change_passwd (struct group *gr) | ||
138 | strzero (cp); | ||
139 | cp = getpass (_("Re-enter new password: ")); | ||
140 | if (NULL == cp) { | ||
141 | + memzero (pass, sizeof pass); | ||
142 | exit (1); | ||
143 | } | ||
144 | |||
145 | -- | ||
146 | 2.34.1 | ||
147 | |||
diff --git a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch index 85d9175105..4a932d2dbb 100644 --- a/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch +++ b/meta/recipes-extended/shadow/files/commonio.c-fix-unexpected-open-failure-in-chroot-env.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 21583da072aa66901d859ac00ce209bac87ddecc Mon Sep 17 00:00:00 2001 | 1 | From a773c6b240d27e23d6be41decef0edf24fcee523 Mon Sep 17 00:00:00 2001 |
2 | From: Chen Qi <Qi.Chen@windriver.com> | 2 | From: Chen Qi <Qi.Chen@windriver.com> |
3 | Date: Thu, 17 Jul 2014 15:53:34 +0800 | 3 | Date: Thu, 17 Jul 2014 15:53:34 +0800 |
4 | Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env | 4 | Subject: [PATCH] commonio.c-fix-unexpected-open-failure-in-chroot-env |
@@ -15,35 +15,37 @@ Note that this patch doesn't change the logic in the code, it just expands | |||
15 | the codes. | 15 | the codes. |
16 | 16 | ||
17 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> | 17 | Signed-off-by: Chen Qi <Qi.Chen@windriver.com> |
18 | |||
19 | --- | 18 | --- |
20 | lib/commonio.c | 16 ++++++++++++---- | 19 | lib/commonio.c | 16 ++++++++++++---- |
21 | 1 file changed, 12 insertions(+), 4 deletions(-) | 20 | 1 file changed, 12 insertions(+), 4 deletions(-) |
22 | 21 | ||
23 | diff --git a/lib/commonio.c b/lib/commonio.c | 22 | diff --git a/lib/commonio.c b/lib/commonio.c |
24 | index 9a02ce1..61384ec 100644 | 23 | index 73fdb3a..d1231e9 100644 |
25 | --- a/lib/commonio.c | 24 | --- a/lib/commonio.c |
26 | +++ b/lib/commonio.c | 25 | +++ b/lib/commonio.c |
27 | @@ -616,10 +616,18 @@ int commonio_open (struct commonio_db *db, int mode) | 26 | @@ -606,10 +606,18 @@ int commonio_open (struct commonio_db *db, int mode) |
28 | db->cursor = NULL; | 27 | db->cursor = NULL; |
29 | db->changed = false; | 28 | db->changed = false; |
30 | 29 | ||
31 | - fd = open (db->filename, | 30 | - fd = open (db->filename, |
32 | - (db->readonly ? O_RDONLY : O_RDWR) | 31 | - (db->readonly ? O_RDONLY : O_RDWR) |
33 | - | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); | 32 | - | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW | O_CLOEXEC); |
34 | - saved_errno = errno; | 33 | - saved_errno = errno; |
35 | + if (db->readonly) { | 34 | + if (db->readonly) { |
36 | + fd = open (db->filename, | 35 | + fd = open (db->filename, |
37 | + (true ? O_RDONLY : O_RDWR) | 36 | + (true ? O_RDONLY : O_RDWR) |
38 | + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); | 37 | + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW | O_CLOEXEC); |
39 | + saved_errno = errno; | 38 | + saved_errno = errno; |
40 | + } else { | 39 | + } else { |
41 | + fd = open (db->filename, | 40 | + fd = open (db->filename, |
42 | + (false ? O_RDONLY : O_RDWR) | 41 | + (false ? O_RDONLY : O_RDWR) |
43 | + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW); | 42 | + | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW| O_CLOEXEC); |
44 | + saved_errno = errno; | 43 | + saved_errno = errno; |
45 | + } | 44 | + } |
46 | + | 45 | + |
47 | db->fp = NULL; | 46 | db->fp = NULL; |
48 | if (fd >= 0) { | 47 | if (fd >= 0) { |
49 | #ifdef WITH_TCB | 48 | #ifdef WITH_TCB |
49 | -- | ||
50 | 2.30.2 | ||
51 | |||
diff --git a/meta/recipes-extended/shadow/shadow.inc b/meta/recipes-extended/shadow/shadow.inc index ce3ce62715..c024746d4f 100644 --- a/meta/recipes-extended/shadow/shadow.inc +++ b/meta/recipes-extended/shadow/shadow.inc | |||
@@ -5,7 +5,7 @@ BUGTRACKER = "http://github.com/shadow-maint/shadow/issues" | |||
5 | SECTION = "base/utils" | 5 | SECTION = "base/utils" |
6 | LICENSE = "BSD-3-Clause" | 6 | LICENSE = "BSD-3-Clause" |
7 | LIC_FILES_CHKSUM = "file://COPYING;md5=c9a450b7be84eac23e6353efecb60b5b \ | 7 | LIC_FILES_CHKSUM = "file://COPYING;md5=c9a450b7be84eac23e6353efecb60b5b \ |
8 | file://src/passwd.c;beginline=2;endline=30;md5=758c26751513b6795395275969dd3be1 \ | 8 | file://src/passwd.c;beginline=2;endline=7;md5=67bcf314687820b2f010d4863fce3fc5 \ |
9 | " | 9 | " |
10 | 10 | ||
11 | DEPENDS = "virtual/crypt" | 11 | DEPENDS = "virtual/crypt" |
@@ -14,10 +14,6 @@ GITHUB_BASE_URI = "https://github.com/shadow-maint/shadow/releases" | |||
14 | SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \ | 14 | SRC_URI = "${GITHUB_BASE_URI}/download/${PV}/${BP}.tar.gz \ |
15 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ | 15 | ${@bb.utils.contains('PACKAGECONFIG', 'pam', '${PAM_SRC_URI}', '', d)} \ |
16 | file://useradd \ | 16 | file://useradd \ |
17 | file://0001-Fix-can-not-print-full-login.patch \ | ||
18 | file://CVE-2023-29383.patch \ | ||
19 | file://0001-Overhaul-valid_field.patch \ | ||
20 | file://CVE-2023-4641.patch \ | ||
21 | " | 17 | " |
22 | 18 | ||
23 | SRC_URI:append:class-target = " \ | 19 | SRC_URI:append:class-target = " \ |
@@ -26,14 +22,9 @@ SRC_URI:append:class-target = " \ | |||
26 | " | 22 | " |
27 | 23 | ||
28 | SRC_URI:append:class-native = " \ | 24 | SRC_URI:append:class-native = " \ |
29 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ | ||
30 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ | 25 | file://commonio.c-fix-unexpected-open-failure-in-chroot-env.patch \ |
31 | " | 26 | " |
32 | SRC_URI:append:class-nativesdk = " \ | 27 | SRC_URI[sha256sum] = "a305edf5d19bddbdf5e836d2d609fa8bff2d35458819de4d9f06306a1cf24342" |
33 | file://0001-Disable-use-of-syslog-for-sysroot.patch \ | ||
34 | " | ||
35 | SRC_URI[sha256sum] = "813057047499c7fe81108adcf0cffa3ad4ec75e19a80151f9cbaa458ff2e86cd" | ||
36 | |||
37 | 28 | ||
38 | # Additional Policy files for PAM | 29 | # Additional Policy files for PAM |
39 | PAM_SRC_URI = "file://pam.d/chfn \ | 30 | PAM_SRC_URI = "file://pam.d/chfn \ |
@@ -44,7 +35,7 @@ PAM_SRC_URI = "file://pam.d/chfn \ | |||
44 | file://pam.d/passwd \ | 35 | file://pam.d/passwd \ |
45 | file://pam.d/su" | 36 | file://pam.d/su" |
46 | 37 | ||
47 | inherit autotools gettext github-releases | 38 | inherit autotools gettext github-releases pkgconfig |
48 | 39 | ||
49 | export CONFIG_SHELL="/bin/sh" | 40 | export CONFIG_SHELL="/bin/sh" |
50 | 41 | ||
@@ -54,6 +45,8 @@ EXTRA_OECONF += "--without-libcrack \ | |||
54 | --without-sssd \ | 45 | --without-sssd \ |
55 | ${NSCDOPT}" | 46 | ${NSCDOPT}" |
56 | 47 | ||
48 | CFLAGS:append:libc-musl = " -DLIBBSD_OVERLAY" | ||
49 | |||
57 | NSCDOPT = "" | 50 | NSCDOPT = "" |
58 | NSCDOPT:class-native = "--without-nscd" | 51 | NSCDOPT:class-native = "--without-nscd" |
59 | NSCDOPT:class-nativesdk = "--without-nscd" | 52 | NSCDOPT:class-nativesdk = "--without-nscd" |
@@ -73,13 +66,14 @@ PAM_PLUGINS = "libpam-runtime \ | |||
73 | 66 | ||
74 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ | 67 | PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ |
75 | ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" | 68 | ${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" |
76 | PACKAGECONFIG:class-native ??= "${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)}" | 69 | PACKAGECONFIG:class-native ??= "${@bb.utils.contains('DISTRO_FEATURES', 'xattr', 'attr', '', d)} libbsd" |
77 | PACKAGECONFIG:class-nativesdk = "" | 70 | PACKAGECONFIG:class-nativesdk = "" |
78 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}" | 71 | PACKAGECONFIG[pam] = "--with-libpam,--without-libpam,libpam,${PAM_PLUGINS}" |
79 | PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr" | 72 | PACKAGECONFIG[attr] = "--with-attr,--without-attr,attr" |
80 | PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl" | 73 | PACKAGECONFIG[acl] = "--with-acl,--without-acl,acl" |
81 | PACKAGECONFIG[audit] = "--with-audit,--without-audit,audit" | 74 | PACKAGECONFIG[audit] = "--with-audit,--without-audit,audit" |
82 | PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux libsemanage" | 75 | PACKAGECONFIG[selinux] = "--with-selinux,--without-selinux,libselinux libsemanage" |
76 | PACKAGECONFIG[libbsd] = "--with-libbsd,--without-libbsd,libbsd" | ||
83 | 77 | ||
84 | RDEPENDS:${PN} = "shadow-securetty \ | 78 | RDEPENDS:${PN} = "shadow-securetty \ |
85 | base-passwd \ | 79 | base-passwd \ |
diff --git a/meta/recipes-extended/shadow/shadow_4.13.bb b/meta/recipes-extended/shadow/shadow_4.14.2.bb index 4e55446312..4e55446312 100644 --- a/meta/recipes-extended/shadow/shadow_4.13.bb +++ b/meta/recipes-extended/shadow/shadow_4.14.2.bb | |||