rpms/busybox/devel busybox-1.1.1-anaconda.patch, NONE, 1.1 busybox-1.1.1-cve-2006-1058.patch, NONE, 1.1 busybox-1.1.1-selinux.patch, NONE, 1.1 busybox-1.1.1-static.patch, NONE, 1.1 .cvsignore, 1.9, 1.10 busybox.spec, 1.32, 1.33 sources, 1.9, 1.10 busybox-anaconda.patch, 1.8, NONE busybox-selinux.patch, 1.7, NONE busybox-static.patch, 1.8, NONE

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Thu Apr 6 12:21:31 UTC 2006


Author: varekova

Update of /cvs/dist/rpms/busybox/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv31776

Modified Files:
	.cvsignore busybox.spec sources 
Added Files:
	busybox-1.1.1-anaconda.patch busybox-1.1.1-cve-2006-1058.patch 
	busybox-1.1.1-selinux.patch busybox-1.1.1-static.patch 
Removed Files:
	busybox-anaconda.patch busybox-selinux.patch 
	busybox-static.patch 
Log Message:
- update to 1.1.1
- fix CVE-2006-1058 - BusyBox passwd command
  fails to generate password with salt (#187386)


busybox-1.1.1-anaconda.patch:
 Makefile              |    2 +-
 util-linux/nfsmount.c |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

--- NEW FILE busybox-1.1.1-anaconda.patch ---
--- busybox-1.1.1/util-linux/nfsmount.c.anaconda	2006-03-22 22:16:26.000000000 +0100
+++ busybox-1.1.1/util-linux/nfsmount.c	2006-04-05 13:00:33.401530040 +0200
@@ -439,7 +439,7 @@
 	intr = 0;
 	posix = 0;
 	nocto = 0;
-	nolock = 0;
+        nolock = 1;             /* anaconda disables this by default */
 	noac = 0;
 	retry = 10000;		/* 10000 minutes ~ 1 week */
 	tcp = 0;
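Review bot: The comment on the added `nolock = 1;` line is ambiguous: "disables this" reads as if the option were switched off, while the assignment switches NFS locking off by switching nolock on. The line is also indented with spaces where its neighbours use tabs. I would write it as `	nolock = 1;		/* anaconda: mount without NFS locking by default */`. With nolock set, locks are not coordinated through the server's lock manager, so anything that relies on file locks across clients gets no protection on these mounts. The enclosing function starts and ends outside the hunk.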
--- busybox-1.1.1/Makefile.anaconda	2006-03-22 22:16:26.000000000 +0100
+++ busybox-1.1.1/Makefile	2006-04-05 12:49:18.196176856 +0200
@@ -196,7 +196,7 @@
 
 defconfig: scripts/config/conf
 	@./scripts/config/conf -y $(CONFIG_CONFIG_IN)
-	@$(SED) -i -r -e "s/^(USING_CROSS_COMPILER|CONFIG_(DEBUG.*|STATIC|BUILD_(AT_ONCE|LIBBUSYBOX)|FEATURE_(DEVFS|FULL_LIBBUSYBOX|SHARED_BUSYBOX|MTAB_SUPPORT|CLEAN_UP|UDHCP_DEBUG)|INSTALL_NO_USR))=.*/# \1 is not set/" .config
+	@$(SED) -i -r -e "s/^(CONFIG_FEATURE_UNARCHIVE_TAPE|CONFIG_FEATURE_LS_COLOR|CONFIG_FEATURE_VI_READONLY|CONFIG_INIT|CONFIG_POWEROFF|CONFIG_REBOOT|CONFIG_HALT|CONFIG_ASH_JOB_CONTROL|CONFIG_SYSLOGD|CONFIG_KLOGD|CONFIG_LOGGER|USING_CROSS_COMPILER|CONFIG_(DEBUG.*|STATIC|BUILD_(AT_ONCE|LIBBUSYBOX)|FEATURE_(DEVFS|FULL_LIBBUSYBOX|SHARED_BUSYBOX|MTAB_SUPPORT|CLEAN_UP|UDHCP_DEBUG)|INSTALL_NO_USR))=.*/# \1 is not set/" .config
 	@./scripts/config/conf -o $(CONFIG_CONFIG_IN)
 
 
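Review bot: The removed `$(SED)` line in this hunk is identical to the one removed by busybox-1.1.1-static.patch, so the two patches cannot be applied one after the other to the same tree; the second would fail on its pre-image. The busybox.spec hunk on this page applies only patch2, patch and patch3 in %prep, so Patch1 is presumably applied to a separate or reverted tree elsewhere in the spec, which is not shown here. A comment beside `Patch1:` would make that ordering checkable, for example `# Patch1 is applied in %build on a tree without the .static change` (adjusted to what the build really does). The alternation is also getting hard to audit, and this variant switches off the syslogd, klogd and logger applets, so one option name per `-e` expression would make such changes easier to spot in review.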

busybox-1.1.1-cve-2006-1058.patch:
 passwd.c |   64 ++++++++++++++++++++++++---------------------------------------
 1 files changed, 25 insertions(+), 39 deletions(-)

--- NEW FILE busybox-1.1.1-cve-2006-1058.patch ---
--- busybox-1.1.1/loginutils/passwd.c.cve-2006-1058	2006-03-22 22:16:24.000000000 +0100
+++ busybox-1.1.1/loginutils/passwd.c	2006-04-03 10:56:53.418268928 +0200
@@ -21,16 +21,6 @@
 static void set_filesize_limit(int blocks);
 
 
-static int get_algo(char *a)
-{
-	int x = 1;					/* standard: MD5 */
-
-	if (strcasecmp(a, "des") == 0)
-		x = 0;
-	return x;
-}
-
-
 static int update_passwd(const struct passwd *pw, const char *crypt_pw)
 {
 	char filename[1024];
@@ -131,6 +121,12 @@
 	}
 }
 
+/*
+ * get_algo() returns:
+ * FALSE: in case of traditional MD5
+ * TRUE : in case of short SALT MD5
+ */
+#define get_algo(a) (!strcasecmp(a, "des"))
 
 int passwd_main(int argc, char **argv)
 {
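Review bot: The new `get_algo` macro is true for "des", the opposite of the function it replaces (which returned 0 for "des" and 1 otherwise), yet the salt hunk later in this patch treats a true `algo` as the `$1$` case (`if(algo) bb_read_random64_string(&salt[3], 8);`). No hunk on this page touches the caller in passwd_main, so as far as the patch shows, asking for des would produce an MD5 hash and any other algorithm name a DES hash with a two-character salt, which only uses the first eight characters of the password. Keeping the old polarity fixes it: `#define get_algo(a) (strcasecmp(a, "des") != 0)`. The comment above the macro should then say what the values mean, for example `/* get_algo(): 0 for "des" (2-char salt), 1 for MD5 ($1$ + 8-char salt) */`.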
@@ -287,33 +283,19 @@
 	return 0;
 }
 
-static int i64c(int i)
-{
-	if (i <= 0)
-		return ('.');
-	if (i == 1)
-		return ('/');
-	if (i >= 2 && i < 12)
-		return ('0' - 2 + i);
-	if (i >= 12 && i < 38)
-		return ('A' - 12 + i);
-	if (i >= 38 && i < 63)
-		return ('a' - 38 + i);
-	return ('z');
-}
+const unsigned char bb_base64[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJLKMNOPQRSTUVWXYZ0123456789./";
+#define bb_i64c(a) (bb_base64[((unsigned char)(a))%64])
 
-static char *crypt_make_salt(void)
+static void bb_read_random64_string(unsigned char *str, int len)
 {
-	time_t now;
-	static unsigned long x;
-	static char result[3];
-
-	time(&now);
-	x += now + getpid() + clock();
-	result[0] = i64c(((x >> 18) ^ (x >> 6)) & 077);
-	result[1] = i64c(((x >> 12) ^ x) & 077);
-	result[2] = '\0';
-	return result;
+        int i;
+        FILE *fp;
+        if(!(fp = fopen("/dev/random", "r")))
+                bb_perror_msg_and_die("open /dev/random");
+        bb_xread_all(fileno(fp), str, len);
+        for(i = 0; i < len; i++)
+                str[i] = bb_i64c(str[i]);
+        str[i] = 0;     //close the string
 }
 
 
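Review bot: `bb_read_random64_string` opens `/dev/random` with `fopen` and never closes the stream, and because it reads through `fileno(fp)` the stdio layer adds nothing. `/dev/random` can block while the kernel's entropy estimate is low, which is plausible in an installer or rescue environment, and a salt only has to be unique and unpredictable in advance, not secret, so `/dev/urandom` is sufficient. The function also writes `len + 1` bytes; that fits the `salt[12]` buffer the caller uses in this patch, but the contract deserves a comment. A version using a plain descriptor is below; it needs `<fcntl.h>` for `open` if passwd.c does not already include it.

```c
static void bb_read_random64_string(unsigned char *str, int len)
{
	int i;
	int fd = open("/dev/urandom", O_RDONLY);

	if (fd < 0)
		bb_perror_msg_and_die("open /dev/urandom");
	bb_xread_all(fd, str, len);
	close(fd);
	for (i = 0; i < len; i++)
		str[i] = bb_i64c(str[i]);
	str[len] = '\0';	/* caller must provide len + 1 bytes */
}
```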
@@ -324,6 +306,8 @@
 	char *cp;
 	char orig[200];
 	char pass[200];
+	unsigned char salt[12] = "$1$";
+
 
 	if (!amroot && crypt_passwd[0]) {
 		if (!(clear = bb_askpass(0, "Old password:"))) {
@@ -377,10 +361,12 @@
 	memset(cp, 0, strlen(cp));
 	memset(orig, 0, sizeof(orig));
 
-	if (algo == 1) {
-		cp = pw_encrypt(pass, "$1$");
-	} else
-		cp = pw_encrypt(pass, crypt_make_salt());
+        if(algo)
+                bb_read_random64_string(&salt[3], 8);
+        else
+                bb_read_random64_string(salt, 2);
+        cp = pw_encrypt(pass,salt);
+
 	memset(pass, 0, sizeof pass);
 	safe_strncpy(crypt_passwd, cp, sizeof(crypt_passwd));
 	return 0;

busybox-1.1.1-selinux.patch:
 Config.in             |    1 
 Makefile              |    4 +--
 include/applets.h     |    1 
 include/usage.h       |    9 ++++++++
 selinux/Config.in     |   16 ++++++++++++++
 selinux/Makefile      |   30 +++++++++++++++++++++++++++
 selinux/Makefile.in   |   35 +++++++++++++++++++++++++++++++
 selinux/load_policy.c |   55 ++++++++++++++++++++++++++++++++++++++++++++++++++
 8 files changed, 149 insertions(+), 2 deletions(-)

--- NEW FILE busybox-1.1.1-selinux.patch ---
--- /dev/null	2006-04-06 08:55:50.820704048 +0200
+++ busybox-1.1.1/selinux/Makefile.in	2006-04-06 12:28:37.485563704 +0200
@@ -0,0 +1,35 @@
+# Makefile for busybox
+#
+# Copyright (C) 2003 by Dan Walsh <dwalsh at redhat.com>
+# Copyright (C) 1999-2003 by Erik Andersen <andersen at codepoet.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+SELINUX_AR:=selinux.a
+ifndef $(SELINUX_DIR)
+SELINUX_DIR:=$(TOPDIR)selinux/
+endif
+
+SELINUX-y:=
+SELINUX-$(CONFIG_LOAD_POLICY)		+= load_policy.o
+libraries-y+=$(SELINUX_DIR)$(SELINUX_AR)
+
+$(SELINUX_DIR)$(SELINUX_AR): $(patsubst %,$(SELINUX_DIR)%, $(SELINUX-y))
+	$(AR) -ro $@ $(patsubst %,$(SELINUX_DIR)%, $(SELINUX-y))
+
+$(SELINUX_DIR)%.o: $(SELINUX_DIR)%.c
+	$(CC) $(CFLAGS) $(EXTRA_CFLAGS) -c -o $@ $<
+
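Review bot: `ifndef $(SELINUX_DIR)` tests a variable whose name is the value of SELINUX_DIR, not SELINUX_DIR itself, so the guard does not do what it appears to. In selinux/Makefile from this same patch SELINUX_DIR is set to `./` before the include; no variable named `./` is defined, so this block would still replace it with `$(TOPDIR)selinux/`. The test should read `ifndef SELINUX_DIR`.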
--- /dev/null	2006-04-06 08:55:50.820704048 +0200
+++ busybox-1.1.1/selinux/Config.in	2006-04-06 12:28:37.490562944 +0200
@@ -0,0 +1,16 @@
+#
+# For a description of the syntax of this configuration file,
+# see scripts/kbuild/config-language.txt.
+#
+
+menu "Selinux Utilities"
+
+if CONFIG_SELINUX
+config CONFIG_LOAD_POLICY
+	bool "load_policy"
+	default n
+	help
+	  Enable support for loading SE Linux into the kernel.
+endif
+endmenu
+
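Review bot: The help text says the option loads "SE Linux into the kernel", but the applet added by this patch loads a policy file. I would word it as `Enable the load_policy applet, which loads an SELinux policy file into the kernel.` The `if CONFIG_SELINUX` guard sits inside the menu, so the "Selinux Utilities" menu is still shown, empty, when SELinux support is off; moving the `if`/`endif` pair around the whole `menu` block would avoid that.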
--- /dev/null	2006-04-06 08:55:50.820704048 +0200
+++ busybox-1.1.1/selinux/Makefile	2006-04-06 12:28:37.491562792 +0200
@@ -0,0 +1,30 @@
+# Makefile for busybox
+#
+# Copyright (C) 1999-2003 by Erik Andersen <andersen at codepoet.org>
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+
+TOPDIR:= ../
+SELINUX_DIR:=./
+include $(TOPDIR).config
+include $(TOPDIR)Rules.mak
+include Makefile.in
+all: $(libraries-y)
+-include $(TOPDIR).depend
+
+clean:
+	rm -f *.o *.a $(AR_TARGET)
+
--- /dev/null	2006-04-06 08:55:50.820704048 +0200
+++ busybox-1.1.1/selinux/load_policy.c	2006-04-06 12:28:37.491562792 +0200
@@ -0,0 +1,55 @@
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <fcntl.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/mman.h>
+#include <selinux/selinux.h>
+#include <locale.h>			    /* for setlocale() */
+#include <libintl.h>			    /* for gettext() */
+#define _(msgid) gettext (msgid)
+#ifndef PACKAGE
+#define PACKAGE "policycoreutils"   /* the name of this package lang translation */
+#endif
+
+extern int load_policy_main(int argc, char **argv) 
+{
+	int fd, ret;
+	struct stat sb;
+	void *map;
+
+	if (argc != 2) {
+		fprintf(stderr, _("usage:  %s policyfile\n"), argv[0]);
+		return 1;
+	}
+
+	fd = open(argv[1], O_RDONLY);
+	if (fd < 0) {
+		fprintf(stderr, _("Can't open '%s':  %s\n"),
+			argv[1], strerror(errno));
+		return 2;
+	}
+
+	if (fstat(fd, &sb) < 0) {
+		fprintf(stderr, _("Can't stat '%s':  %s\n"),
+			argv[1], strerror(errno));
+		return 2;
+	}
+
+	map = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0);
+	if (map == MAP_FAILED) {
+		fprintf(stderr, _("Can't map '%s':  %s\n"),
+			argv[1], strerror(errno));
+		return 2;
+	}
+
+	ret = security_load_policy(map, sb.st_size);
+	if (ret < 0) {
+		fprintf(stderr, _("%s:  security_load_policy failed\n"), argv[0]);
+		return 3;
+	}
+	return EXIT_SUCCESS;
+}
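Review bot: Every `return 2` after the successful `open()` leaves `fd` open, and neither the mapping nor the descriptor is released before the final returns. Add `close(fd);` before the `return 2;` in the fstat and mmap branches, and `munmap(map, sb.st_size); close(fd);` once `security_load_policy` has returned. An empty policy file reaches `mmap` with a length of 0, which on current Linux kernels fails and is reported only as "Can't map"; an explicit `if (sb.st_size == 0)` check with its own message would be clearer. The `security_load_policy failed` message drops `strerror(errno)`, so an operator cannot tell a permission denial from a rejected policy. The `extern` on the function definition is redundant.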
--- busybox-1.1.1/include/usage.h.selinux	2006-03-22 22:16:24.000000000 +0100
+++ busybox-1.1.1/include/usage.h	2006-04-06 12:28:37.493562488 +0200
@@ -2413,6 +2413,15 @@
 #else
 #define USAGE_PS "\nOptions:"
 #endif
+
+#define load_policy_trivial_usage \
+        ""
+#define load_policy_full_usage \
+	        "load SELinux policy\n"
+		
+#define load_policy_example_usage \
+        "$ load_policy /etc/selinux/strict/policy/policy.17\n"
+			
 #if ENABLE_FEATURE_PS_WIDE
 #define USAGE_PS_WIDE(a) a
 #else
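Review bot: `load_policy_trivial_usage` is an empty string although `load_policy_main` in this patch rejects anything but exactly one argument, so the help output will not name it; `"policyfile"` would match the applet's own usage message. The three defines are also placed between the `USAGE_PS` and `USAGE_PS_WIDE` blocks, which splits the ps helper macros; they belong with the other applet usage strings. The surrounding `#if` blocks start and end outside the hunk.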
--- busybox-1.1.1/include/applets.h.selinux	2006-03-22 22:16:24.000000000 +0100
+++ busybox-1.1.1/include/applets.h	2006-04-06 12:28:37.494562336 +0200
@@ -163,6 +163,7 @@
 USE_SETARCH(APPLET_NOUSAGE(linux64, setarch_main, _BB_DIR_BIN, _BB_SUID_NEVER))
 USE_FEATURE_INITRD(APPLET_NOUSAGE(linuxrc, init_main, _BB_DIR_ROOT, _BB_SUID_NEVER))
 USE_LN(APPLET(ln, ln_main, _BB_DIR_BIN, _BB_SUID_NEVER))
+USE_LOAD_POLICY(APPLET(load_policy, load_policy_main, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_LOADFONT(APPLET(loadfont, loadfont_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
 USE_LOADKMAP(APPLET(loadkmap, loadkmap_main, _BB_DIR_SBIN, _BB_SUID_NEVER))
 USE_LOGGER(APPLET(logger, logger_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER))
--- busybox-1.1.1/Config.in.selinux	2006-03-22 22:16:26.000000000 +0100
+++ busybox-1.1.1/Config.in	2006-04-06 12:28:37.494562336 +0200
@@ -405,3 +405,4 @@
 source procps/Config.in
 source shell/Config.in
 source sysklogd/Config.in
+source selinux/Config.in
--- busybox-1.1.1/Makefile.selinux	2006-03-22 22:16:26.000000000 +0100
+++ busybox-1.1.1/Makefile	2006-04-06 12:30:20.636882320 +0200
@@ -27,7 +27,7 @@
 
 DIRS:=applets archival archival/libunarchive coreutils console-tools \
 	debianutils editors findutils init miscutils modutils networking \
-	networking/libiproute networking/udhcp procps loginutils shell \
+	networking/libiproute networking/udhcp procps loginutils selinux shell \
 	sysklogd util-linux e2fsprogs libpwdgrp coreutils/libcoreutils libbb
 
 SRC_DIRS:=$(patsubst %,$(top_srcdir)/%,$(DIRS))
@@ -196,7 +196,7 @@
 
 defconfig: scripts/config/conf
 	@./scripts/config/conf -y $(CONFIG_CONFIG_IN)
-	@$(SED) -i -r -e "s/^(USING_CROSS_COMPILER|CONFIG_(DEBUG.*|STATIC|SELINUX|BUILD_(AT_ONCE|LIBBUSYBOX)|FEATURE_(DEVFS|FULL_LIBBUSYBOX|SHARED_BUSYBOX|MTAB_SUPPORT|CLEAN_UP|UDHCP_DEBUG)|INSTALL_NO_USR))=.*/# \1 is not set/" .config
+	@$(SED) -i -r -e "s/^(USING_CROSS_COMPILER|CONFIG_(DEBUG.*|STATIC|BUILD_(AT_ONCE|LIBBUSYBOX)|FEATURE_(DEVFS|FULL_LIBBUSYBOX|SHARED_BUSYBOX|MTAB_SUPPORT|CLEAN_UP|UDHCP_DEBUG)|INSTALL_NO_USR))=.*/# \1 is not set/" .config
 	@./scripts/config/conf -o $(CONFIG_CONFIG_IN)
 
 

busybox-1.1.1-static.patch:
 Makefile |    2 +-
 1 files changed, 1 insertion(+), 1 deletion(-)

--- NEW FILE busybox-1.1.1-static.patch ---
--- busybox-1.1.1/Makefile.static	2006-03-22 22:16:26.000000000 +0100
+++ busybox-1.1.1/Makefile	2006-04-05 13:40:07.889552992 +0200
@@ -196,7 +196,7 @@
 
 defconfig: scripts/config/conf
 	@./scripts/config/conf -y $(CONFIG_CONFIG_IN)
-	@$(SED) -i -r -e "s/^(USING_CROSS_COMPILER|CONFIG_(DEBUG.*|STATIC|BUILD_(AT_ONCE|LIBBUSYBOX)|FEATURE_(DEVFS|FULL_LIBBUSYBOX|SHARED_BUSYBOX|MTAB_SUPPORT|CLEAN_UP|UDHCP_DEBUG)|INSTALL_NO_USR))=.*/# \1 is not set/" .config
+	@$(SED) -i -r -e "s/^(CONFIG_FEATURE_LS_COLOR|CONFIG_ASH|CONFIG_FDFLUSH|USING_CROSS_COMPILER|CONFIG_(DEBUG.*|BUILD_(AT_ONCE|LIBBUSYBOX)|FEATURE_(DEVFS|FULL_LIBBUSYBOX|SHARED_BUSYBOX|MTAB_SUPPORT|CLEAN_UP|UDHCP_DEBUG)|INSTALL_NO_USR))=.*/# \1 is not set/" .config
 	@./scripts/config/conf -o $(CONFIG_CONFIG_IN)
 
 


Index: .cvsignore
===================================================================
RCS file: /cvs/dist/rpms/busybox/devel/.cvsignore,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- .cvsignore	1 Sep 2005 13:12:02 -0000	1.9
+++ .cvsignore	6 Apr 2006 12:21:29 -0000	1.10
@@ -1 +1 @@
-busybox-1.01.tar.bz2
+busybox-1.1.1.tar.bz2


Index: busybox.spec
===================================================================
RCS file: /cvs/dist/rpms/busybox/devel/busybox.spec,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- busybox.spec	17 Feb 2006 18:54:23 -0000	1.32
+++ busybox.spec	6 Apr 2006 12:21:29 -0000	1.33
@@ -1,14 +1,15 @@
 Summary: Statically linked binary providing simplified versions of system commands
 Name: busybox
-Version: 1.01
-Release: 3
+Version: 1.1.1
+Release: 1
 Epoch: 1
 License: GPL
 Group: System Environment/Shells
 Source: http://www.busybox.net/downloads/%{name}-%{version}.tar.bz2
-Patch: busybox-static.patch
-Patch1: busybox-anaconda.patch
-Patch2: busybox-selinux.patch
+Patch: busybox-1.1.1-static.patch
+Patch1: busybox-1.1.1-anaconda.patch
+Patch2: busybox-1.1.1-selinux.patch
+Patch3: busybox-1.1.1-cve-2006-1058.patch
 URL: http://www.busybox.net
 BuildRoot: %{_tmppath}/%{name}-root
 BuildRequires: libselinux-devel >= 1.27.7-2
@@ -33,11 +34,10 @@
 
 %prep
 %setup -q
-cp sysdeps/linux/defconfig .config
 #SELINUX Patch
 %patch2 -b .selinux -p1
 %patch -b .static -p1
-#%patch1 -b .anaconda -p1
+%patch3 -b .cve-2006-1058 -p1
 
 %build
 make defconfig
@@ -75,6 +75,11 @@
 /sbin/busybox.anaconda
 
 %changelog
+* Wed Apr  6 2006 Ivana Varekova <varekova at redhat.com> - 1:1.1.1-1
+- update to 1.1.1
+- fix CVE-2006-1058 - BusyBox passwd command 
+  fails to generate password with salt (#187386)
+
 * Fri Feb 10 2006 Jesse Keating <jkeating at redhat.com> - 1:1.01-2.2.1
 - bump again for double-long bug on ppc(64)
 


Index: sources
===================================================================
RCS file: /cvs/dist/rpms/busybox/devel/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources	1 Sep 2005 13:12:02 -0000	1.9
+++ sources	6 Apr 2006 12:21:29 -0000	1.10
@@ -1 +1 @@
-f250842dae2854a38470ed16a46bba66  busybox-1.01.tar.bz2
+ff1ade47255c643b68c9113c267ce712  busybox-1.1.1.tar.bz2


--- busybox-anaconda.patch DELETED ---


--- busybox-selinux.patch DELETED ---


--- busybox-static.patch DELETED ---



