01/01: gnu: util-linux: Fix CVE-2017-2616.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: util-linux: Fix CVE-2017-2616.

From:	Leo Famulari
Subject:	01/01: gnu: util-linux: Fix CVE-2017-2616.
Date:	Thu, 23 Feb 2017 15:02:05 -0500 (EST)

lfam pushed a commit to branch master
in repository guix.

commit 1d311009fe34a7b22814cc6a3386375ff9142d51
Author: Leo Famulari <address@hidden>
Date:   Thu Feb 23 14:49:47 2017 -0500

    gnu: util-linux: Fix CVE-2017-2616.
    
    * gnu/packages/patches/util-linux-CVE-2017-2616.patch: New file.
    * gnu/local.mk (dist_patch_DATA): Add it.
    * gnu/packages/linux.scm (util-linux)[replacement]: New field.
    (util-linux/fixed): New variable.
---
 gnu/local.mk                                       |  1 +
 gnu/packages/linux.scm                             | 12 ++++
 .../patches/util-linux-CVE-2017-2616.patch         | 65 ++++++++++++++++++++++
 3 files changed, 78 insertions(+)

diff --git a/gnu/local.mk b/gnu/local.mk
index 2954549..515b154 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -953,6 +953,7 @@ dist_patch_DATA =                                           
\
   %D%/packages/patches/unzip-overflow-long-fsize.patch         \
   %D%/packages/patches/unzip-remove-build-date.patch           \
   %D%/packages/patches/util-linux-tests.patch                  \
+  %D%/packages/patches/util-linux-CVE-2017-2616.patch          \
   %D%/packages/patches/upower-builddir.patch                   \
   %D%/packages/patches/valgrind-enable-arm.patch               \
   %D%/packages/patches/vdirsyncer-test-suite-slow-machines.patch       \
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index a6c564b..304c9f0 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -495,6 +495,7 @@ providing the system administrator with some help in common 
tasks.")
 (define-public util-linux
   (package
     (name "util-linux")
+    (replacement util-linux/fixed)
     (version "2.28.1")
     (source (origin
               (method url-fetch)
@@ -575,6 +576,17 @@ block devices, UUIDs, TTYs, and many other tools.")
     (license (list license:gpl3+ license:gpl2+ license:gpl2 license:lgpl2.0+
                    license:bsd-4 license:public-domain))))
 
+(define util-linux/fixed
+  (package
+    (inherit util-linux)
+    (source
+      (origin
+        (inherit (package-source util-linux))
+        (patches
+          (append
+            (origin-patches (package-source util-linux))
+            (search-patches "util-linux-CVE-2017-2616.patch")))))))
+
 (define-public procps
   (package
     (name "procps")
diff --git a/gnu/packages/patches/util-linux-CVE-2017-2616.patch 
b/gnu/packages/patches/util-linux-CVE-2017-2616.patch
new file mode 100644
index 0000000..2c82fb0
--- /dev/null
+++ b/gnu/packages/patches/util-linux-CVE-2017-2616.patch
@@ -0,0 +1,65 @@
+Fix CVE-2017-2616:
+
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616
+http://seclists.org/oss-sec/2017/q1/474
+
+Patch copied from upstream source repository:
+
+https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=dffab154d29a288aa171ff50263ecc8f2e14a891
+
+From b018571132cb8c9fece3d75ed240cc74cdb5f0f7 Mon Sep 17 00:00:00 2001
+From: Karel Zak <address@hidden>
+Date: Wed, 1 Feb 2017 11:58:09 +0100
+Subject: [PATCH] su: properly clear child PID
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Reported-by: Tobias Stöckmann <address@hidden>
+Signed-off-by: Karel Zak <address@hidden>
+---
+ login-utils/su-common.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/login-utils/su-common.c b/login-utils/su-common.c
+index 0ea4e40bd..b1720f037 100644
+--- a/login-utils/su-common.c
++++ b/login-utils/su-common.c
+@@ -376,6 +376,9 @@ create_watching_parent (void)
+             }
+           else
+             status = WEXITSTATUS (status);
++
++        /* child is gone, don't use the PID anymore */
++        child = (pid_t) -1;
+         }
+       else if (caught_signal)
+         status = caught_signal + 128;
+@@ -385,7 +388,7 @@ create_watching_parent (void)
+   else
+     status = 1;
+ 
+-  if (caught_signal)
++  if (caught_signal && child != (pid_t)-1)
+     {
+       fprintf (stderr, _("\nSession terminated, killing shell..."));
+       kill (child, SIGTERM);
+@@ -395,9 +398,12 @@ create_watching_parent (void)
+ 
+   if (caught_signal)
+     {
+-      sleep (2);
+-      kill (child, SIGKILL);
+-      fprintf (stderr, _(" ...killed.\n"));
++      if (child != (pid_t)-1)
++      {
++        sleep (2);
++        kill (child, SIGKILL);
++        fprintf (stderr, _(" ...killed.\n"));
++      }
+ 
+       /* Let's terminate itself with the received signal.
+        *
+-- 
+2.11.1
+

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (1c851cb -> 1d31100), Leo Famulari, 2017/02/23
- 01/01: gnu: util-linux: Fix CVE-2017-2616., Leo Famulari <=

Prev by Date: branch master updated (1c851cb -> 1d31100)
Next by Date: branch master updated (1d31100 -> a20b084)
Previous by thread: branch master updated (1c851cb -> 1d31100)
Next by thread: branch master updated (1d31100 -> a20b084)
Index(es):
- Date
- Thread