[Pkg-shadow-commits] r3678 - in debian/trunk/debian: . patches
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Tue Jan 24 19:36:45 UTC 2012
Author: nekral-guest
Date: 2012-01-24 19:36:45 +0000 (Tue, 24 Jan 2012)
New Revision: 3678
Modified:
debian/trunk/debian/changelog
debian/trunk/debian/patches/401_cppw_src.dpatch
debian/trunk/debian/patches/501_commonio_group_shadow
debian/trunk/debian/patches/506_relaxed_usernames
debian/trunk/debian/patches/542_useradd-O_option
Log:
* Raisethe security issue at the top of the debian changelog.
* Refreshed patches
Modified: debian/trunk/debian/changelog
===================================================================
--- debian/trunk/debian/changelog 2012-01-23 22:29:33 UTC (rev 3677)
+++ debian/trunk/debian/changelog 2012-01-24 19:36:45 UTC (rev 3678)
@@ -4,14 +4,14 @@
[ Nicolas FRANCOIS (Nekral) ]
* New upstream release:
+ - su: Fix possible tty hijacking by dropping the controlling terminal when
+ executing a command (CVE-2005-4890). Closes: #628843
- userdel: Check the existence of the user's mail spool before trying to
remove it. If it does not exist, a warning is issued, but no failure.
Closes: #617295
- userdel: Do not remove a group with the same name as the user
(usergroup) if this group isn't the user's primary group.
Closes: #584868
- - su: Fix possible tty hijacking by dropping the controlling terminal when
- executing a command. Closes: #628843
- su: Close the PAM session as root (fix issues with pam_mount and
pam_systemd). Closes: #580434
- Fix several typos in manpages. Thanks to Simon Brandmair.
Modified: debian/trunk/debian/patches/401_cppw_src.dpatch
===================================================================
--- debian/trunk/debian/patches/401_cppw_src.dpatch 2012-01-23 22:29:33 UTC (rev 3677)
+++ debian/trunk/debian/patches/401_cppw_src.dpatch 2012-01-24 19:36:45 UTC (rev 3678)
@@ -266,7 +266,7 @@
groupdel_LDADD = $(LDADD) $(LIBPAM_SUID) $(LIBAUDIT) $(LIBSELINUX)
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
-@@ -83,6 +83,7 @@
+@@ -85,6 +85,7 @@
src/chgpasswd.c
src/chpasswd.c
src/chsh.c
Modified: debian/trunk/debian/patches/501_commonio_group_shadow
===================================================================
--- debian/trunk/debian/patches/501_commonio_group_shadow 2012-01-23 22:29:33 UTC (rev 3677)
+++ debian/trunk/debian/patches/501_commonio_group_shadow 2012-01-24 19:36:45 UTC (rev 3678)
@@ -10,9 +10,9 @@
#include <signal.h>
+#include <grp.h>
#include "nscd.h"
- #ifdef WITH_SELINUX
- #include <selinux/selinux.h>
-@@ -988,13 +989,20 @@
+ #ifdef WITH_TCB
+ #include <tcb.h>
+@@ -966,13 +967,20 @@
goto fail;
}
} else {
Modified: debian/trunk/debian/patches/506_relaxed_usernames
===================================================================
--- debian/trunk/debian/patches/506_relaxed_usernames 2012-01-23 22:29:33 UTC (rev 3677)
+++ debian/trunk/debian/patches/506_relaxed_usernames 2012-01-24 19:36:45 UTC (rev 3678)
@@ -54,7 +54,7 @@
}
--- a/man/useradd.8.xml
+++ b/man/useradd.8.xml
-@@ -631,12 +631,20 @@
+@@ -635,12 +635,20 @@
</para>
<para>
@@ -78,7 +78,7 @@
</refsect1>
--- a/man/groupadd.8.xml
+++ b/man/groupadd.8.xml
-@@ -237,12 +237,18 @@
+@@ -240,12 +240,18 @@
<refsect1 id='caveats'>
<title>CAVEATS</title>
<para>
Modified: debian/trunk/debian/patches/542_useradd-O_option
===================================================================
--- debian/trunk/debian/patches/542_useradd-O_option 2012-01-23 22:29:33 UTC (rev 3677)
+++ debian/trunk/debian/patches/542_useradd-O_option 2012-01-24 19:36:45 UTC (rev 3678)
@@ -21,19 +21,19 @@
<varlistentry>
--- a/src/useradd.c
+++ b/src/useradd.c
-@@ -1009,9 +1009,9 @@
+@@ -1011,9 +1011,9 @@
};
while ((c = getopt_long (argc, argv,
#ifdef WITH_SELINUX
- "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:UZ:",
+ "b:c:d:De:f:g:G:hk:O:K:lmMNop:rR:s:u:UZ:",
- #else
+ #else /* !WITH_SELINUX */
- "b:c:d:De:f:g:G:hk:K:lmMNop:rR:s:u:U",
+ "b:c:d:De:f:g:G:hk:O:K:lmMNop:rR:s:u:U",
- #endif
+ #endif /* !WITH_SELINUX */
long_options, NULL)) != -1) {
switch (c) {
-@@ -1134,6 +1134,7 @@
+@@ -1136,6 +1136,7 @@
kflg = true;
break;
case 'K':
More information about the Pkg-shadow-commits
mailing list