[SCM] KDE Base Workspace module packaging branch, master, updated. debian/4.10.5-2-4-g235d1ca
Pino Toscano
pino at alioth.debian.org
Mon Jul 22 10:04:47 UTC 2013
Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-sc/kde-workspace.git;a=commitdiff;h=c4e1f39
The following commit has been merged in the master branch:
commit c4e1f3990f62b6e2502109d56ea24052abf088a9
Author: Pino Toscano <pino at debian.org>
Date: Mon Jul 22 11:57:38 2013 +0200
fix CVE-2013-4132 (#717180)
backport upstream commit 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7
---
debian/changelog | 4 +
debian/patches/series | 1 +
...ass-Check-for-NULL-return-from-crypt-3-an.patch | 103 ++++++++++++++++++++
3 files changed, 108 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index 956ffe2..12adbb4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,10 @@ kde-workspace (4:4.10.5-3) UNRELEASED; urgency=low
[ Pino Toscano ]
* Fix breaks/replaces of ktouchpadenabler: remove the ones against itself,
adjust version of kde-workspace-bin.
+ * Backport upstream commit 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7 to fix
+ NULL pointer dereference in kcheckpass and kdm, CVE-2013-4132; patch
+ upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch.
+ (Closes: #717180)
-- Debian Qt/KDE Maintainers <debian-qt-kde at lists.debian.org> Sun, 21 Jul 2013 15:20:50 +0200
diff --git a/debian/patches/series b/debian/patches/series
index ff13579..ced992b 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
+upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch
kdm_does_not_wreak_havoc.diff
kdmrc_defaults.diff
genkdmconf.diff
diff --git a/debian/patches/upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch b/debian/patches/upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch
new file mode 100644
index 0000000..f31f7db
--- /dev/null
+++ b/debian/patches/upstream_kdm-kcheckpass-Check-for-NULL-return-from-crypt-3-an.patch
@@ -0,0 +1,103 @@
+From 45b7f137fbc0b942fd2c9b4e8d8c1f0293e64ba7 Mon Sep 17 00:00:00 2001
+From: Michael Pyne <mpyne at kde.org>
+Date: Sat, 29 Jun 2013 16:13:20 -0400
+Subject: [PATCH] kdm, kcheckpass: Check for NULL return from crypt(3) and
+ friends.
+
+Potential issue noted and fixed by Mancha <mancha1 at hush.com>.
+
+Patch reviewed by myself and ossi. Backported to 4.10 by myself.
+
+REVIEW:111261
+FIXED-IN:4.10.5
+---
+ kcheckpass/checkpass_etcpasswd.c | 3 ++-
+ kcheckpass/checkpass_osfc2passwd.c | 3 ++-
+ kcheckpass/checkpass_shadow.c | 2 +-
+ kdm/backend/client.c | 7 +++++--
+ 4 files changed, 10 insertions(+), 5 deletions(-)
+
+diff --git a/kcheckpass/checkpass_etcpasswd.c b/kcheckpass/checkpass_etcpasswd.c
+index 1dbe06f..e261b7c 100644
+--- a/kcheckpass/checkpass_etcpasswd.c
++++ b/kcheckpass/checkpass_etcpasswd.c
+@@ -35,6 +35,7 @@ AuthReturn Authenticate(const char *method,
+ {
+ struct passwd *pw;
+ char *passwd;
++ char *crpt_passwd;
+
+ if (strcmp(method, "classic"))
+ return AuthError;
+@@ -49,7 +50,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(pw->pw_passwd, crypt(passwd, pw->pw_passwd))) {
++ if ((crpt_passwd = crypt(passwd, pw->pw_passwd)) && !strcmp(pw->pw_passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_osfc2passwd.c b/kcheckpass/checkpass_osfc2passwd.c
+index 9a074f9..d181233 100644
+--- a/kcheckpass/checkpass_osfc2passwd.c
++++ b/kcheckpass/checkpass_osfc2passwd.c
+@@ -38,6 +38,7 @@ AuthReturn Authenticate(const char *method,
+ const char *login, char *(*conv) (ConvRequest, const char *))
+ {
+ char *passwd;
++ char *crpt_passwd;
+ char c2passwd[256];
+
+ if (strcmp(method, "classic"))
+@@ -52,7 +53,7 @@ AuthReturn Authenticate(const char *method,
+ if (!(passwd = conv(ConvGetHidden, 0)))
+ return AuthAbort;
+
+- if (!strcmp(c2passwd, osf1c2crypt(passwd, c2passwd))) {
++ if ((crpt_passwd = osf1c2crypt(passwd, c2passwd)) && !strcmp(c2passwd, crpt_passwd)) {
+ dispose(passwd);
+ return AuthOk; /* Success */
+ }
+diff --git a/kcheckpass/checkpass_shadow.c b/kcheckpass/checkpass_shadow.c
+index ec3a4e0..c0f6913 100644
+--- a/kcheckpass/checkpass_shadow.c
++++ b/kcheckpass/checkpass_shadow.c
+@@ -69,7 +69,7 @@ AuthReturn Authenticate(const char *method,
+ crpt_passwd = crypt(typed_in_password, password);
+ #endif
+
+- if (!strcmp(password, crpt_passwd )) {
++ if (crpt_passwd && !strcmp(password, crpt_passwd )) {
+ dispose(typed_in_password);
+ return AuthOk; /* Success */
+ }
+diff --git a/kdm/backend/client.c b/kdm/backend/client.c
+index bdff6da..26bb0b4 100644
+--- a/kdm/backend/client.c
++++ b/kdm/backend/client.c
+@@ -540,6 +540,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(HAVE_STRUCT_PASSWD_PW_EXPIRE) || defined(USESHADOW)
+ int tim, expir, warntime, quietlog;
+ # endif
++# if !defined(ultrix) && !defined(__ultrix__) && (defined(HAVE_PW_ENCRYPT) || defined(HAVE_CRYPT))
++ char *crpt_passwd;
++# endif
+ #endif
+
+ debug("verify ...
");
+@@ -752,9 +755,9 @@ verify(GConvFunc gconv, int rootok)
+ # if defined(ultrix) || defined(__ultrix__)
+ if (authenticate_user(p, curpass, 0) < 0)
+ # elif defined(HAVE_PW_ENCRYPT)
+- if (strcmp(pw_encrypt(curpass, p->pw_passwd), p->pw_passwd))
++ if (!(crpt_passwd = pw_encrypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # elif defined(HAVE_CRYPT)
+- if (strcmp(crypt(curpass, p->pw_passwd), p->pw_passwd))
++ if (!(crpt_passwd = crypt(curpass, p->pw_passwd)) || strcmp(crpt_passwd, p->pw_passwd))
+ # else
+ if (strcmp(curpass, p->pw_passwd))
+ # endif
+--
+1.7.10.4
+
--
KDE Base Workspace module packaging
More information about the pkg-kde-commits
mailing list