rpms/util-linux/F-7 util-linux-2.13-mount-setuid.patch, NONE, 1.1 util-linux.spec, 1.157, 1.158
Karel Zak (kzak)
fedora-extras-commits at redhat.com
Mon Oct 8 13:31:01 UTC 2007
Author: kzak
Update of /cvs/pkgs/rpms/util-linux/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv18722
Modified Files:
util-linux.spec
Added Files:
util-linux-2.13-mount-setuid.patch
Log Message:
* Mon Oct 8 2007 Karel Zak <kzak at redhat.com> 2.13-0.55
- fix #320131 - CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers [F7]
util-linux-2.13-mount-setuid.patch:
--- NEW FILE util-linux-2.13-mount-setuid.patch ---
diff -up util-linux-2.13-pre7/mount/umount.c.kzak util-linux-2.13-pre7/mount/umount.c
--- util-linux-2.13-pre7/mount/umount.c.kzak 2007-10-08 15:22:38.000000000 +0200
+++ util-linux-2.13-pre7/mount/umount.c 2007-10-08 15:24:01.000000000 +0200
@@ -102,8 +102,12 @@ check_special_umountprog(const char *spe
char *umountargs[8];
int i = 0;
- setuid(getuid());
- setgid(getgid());
+ if(setgid(getgid()) < 0)
+ die(EX_FAIL, _("umount: cannot set group id: %s"), strerror(errno));
+
+ if(setuid(getuid()) < 0)
+ die(EX_FAIL, _("umount: cannot set user id: %s"), strerror(errno));
+
umountargs[i++] = umountprog;
umountargs[i++] = xstrdup(node);
if (nomtab)
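Review bot: The order of the two added calls at the top of check_special_umountprog() matters but is not documented. setgid(getgid()) has to run before setuid(getuid()), because once the uid has been dropped an unprivileged setgid() only changes the effective gid and cannot clear a saved set-group-ID. A one-line comment above `if(setgid(getgid()) < 0)` would keep a later cleanup from restoring the removed order. On style, the new lines use `if(` while the context line below uses `if (nomtab)`; match the file's spacing. The error paths call strerror(errno) and the hunk adds no includes, so confirm umount.c already pulls in <errno.h> and <string.h>.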
diff -up util-linux-2.13-pre7/mount/mount.c.kzak util-linux-2.13-pre7/mount/mount.c
--- util-linux-2.13-pre7/mount/mount.c.kzak 2007-10-08 15:22:38.000000000 +0200
+++ util-linux-2.13-pre7/mount/mount.c 2007-10-08 15:24:01.000000000 +0200
@@ -600,8 +600,12 @@ check_special_mountprog(const char *spec
char *oo, *mountargs[11];
int i = 0;
- setuid(getuid());
- setgid(getgid());
+ if(setgid(getgid()) < 0)
+ die(EX_FAIL, _("mount: cannot set group id: %s"), strerror(errno));
+
+ if(setuid(getuid()) < 0)
+ die(EX_FAIL, _("mount: cannot set user id: %s"), strerror(errno));
+
oo = fix_opts_string (flags, extra_opts, NULL);
mountargs[i++] = mountprog;
mountargs[i++] = spec;
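Review bot: The six added lines in check_special_mountprog() duplicate the ones added to umount.c, differing only in the "mount:" versus "umount:" message prefix. A small shared helper that takes the program name and performs the setgid()/setuid() drop with the die(EX_FAIL, ...) on failure would keep the two helper-exec paths from drifting apart the next time this logic is touched. The `if(` spacing point from umount.c applies here too.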
Index: util-linux.spec
===================================================================
RCS file: /cvs/pkgs/rpms/util-linux/F-7/util-linux.spec,v
retrieving revision 1.157
retrieving revision 1.158
diff -u -r1.157 -r1.158
--- util-linux.spec 8 Aug 2007 14:58:29 -0000 1.157
+++ util-linux.spec 8 Oct 2007 13:30:28 -0000 1.158
@@ -9,7 +9,7 @@
Summary: A collection of basic system utilities.
Name: util-linux
Version: 2.13
-Release: 0.54%{?dist}
+Release: 0.55%{?dist}
License: distributable
Group: System Environment/Base
@@ -264,6 +264,8 @@
Patch272: util-linux-2.13-blockdev-unsigned.patch
# backport MS_RELATIME
Patch273: util-linux-2.13-mount-relatime.patch
+# 320131 - CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers [F7]
+Patch274: util-linux-2.13-mount-setuid.patch
%description
The util-linux package contains a large variety of low-level system
@@ -372,6 +374,7 @@
%patch271 -p1
%patch272 -p1
%patch273 -p1
+%patch274 -p1
%build
unset LINGUAS || :
@@ -785,6 +788,9 @@
/sbin/losetup
%changelog
+* Mon Oct 8 2007 Karel Zak <kzak at redhat.com> 2.13-0.55
+- fix #320131 - CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers [F7]
+
* Wed Aug 8 2007 Karel Zak <kzak at redhat.com> 2.13-0.54
- backport mount relatime patch