Update to libuser-0.59 (CVE-2012-5630, CVE-2012-5644)

Miloslav Trmač 2013-03-29 15:58:25 +01:00
parent e24a4214d2
commit f44715d5f9
4 changed files with 9 additions and 66 deletions

.gitignore vendored

@ -10,3 +10,4 @@ libuser-0.56.16.tar.xz
/libuser-0.57.6.tar.xz
/libuser-0.57.7.tar.xz
/libuser-0.58.tar.xz
/libuser-0.59.tar.xz


@ -1,49 +0,0 @@
diff --git a/configure.in b/configure.in
index b9692c8..28364c3 100644
--- a/configure.in
+++ b/configure.in
@@ -13,6 +13,7 @@ AC_CHECK_PROG([YACC], [bison -y], [bison -y], [:])
AC_PATH_PROG([NSCD], [nscd], [/usr/sbin/nscd],
[$PATH$PATH_SEPARATOR/usr/sbin$PATH_SEPARATOR/sbin])
AC_ARG_VAR([NSCD], [Path to nscd])
+AC_USE_SYSTEM_EXTENSIONS
LT_INIT([disable-static])
@@ -115,7 +116,7 @@ AC_TYPE_MODE_T
AC_TYPE_OFF_T
AC_TYPE_SIZE_T
-AC_CHECK_FUNCS_ONCE([__secure_getenv])
+AC_CHECK_FUNCS([__secure_getenv secure_getenv])
# Modify CFLAGS after all tests are run (some of them could fail because
# of the -Werror).
diff --git a/lib/config.c b/lib/config.c
index 1b30f97..29e7120 100644
--- a/lib/config.c
+++ b/lib/config.c
@@ -40,8 +40,12 @@
* from the libuser configuration.
*/
-#ifdef HAVE___SECURE_GETENV
-#define getenv(string) __secure_getenv(string)
+#if defined(HAVE_SECURE_GETENV)
+# define safe_getenv(string) secure_getenv(string)
+#elif defined(HAVE___SECURE_GETENV)
+# define safe_getenv(string) __secure_getenv(string)
+#else
+# error Neither secure_getenv not __secure_getenv are available
#endif
struct config_config {
@@ -266,7 +270,7 @@ lu_cfg_init(struct lu_context *context, struct lu_error **error)
if ((getuid() == geteuid()) && (getgid() == getegid())) {
const char *t;
- t = getenv("LIBUSER_CONF");
+ t = safe_getenv("LIBUSER_CONF");
if (t != NULL)
filename = t;
}


@ -1,22 +1,18 @@
%{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}
Name: libuser
Version: 0.58
Release: 2%{?dist}
Version: 0.59
Release: 1%{?dist}
Group: System Environment/Base
License: LGPLv2+
URL: https://fedorahosted.org/libuser/
# Upstream commit 51e9d56ed656c3aeceb39b7de5a1db7d976d4e51
Patch0: libuser-force-secure-getenv.patch
Source: https://fedorahosted.org/releases/l/i/libuser/libuser-%{version}.tar.xz
BuildRequires: glib2-devel, linuxdoc-tools, pam-devel, popt-devel, python2-devel
BuildRequires: cyrus-sasl-devel, libselinux-devel, openldap-devel
# To make sure the configure script can find it
BuildRequires: nscd
# For %%check
BuildRequires: openldap-clients, openldap-servers, openssl
# For regenerating autoconf/automake files
BuildRequires: gtk-doc, libtool, gettext-devel, automake, autoconf
BuildRequires: fakeroot, openldap-clients, openldap-servers, openssl
Summary: A user and group account administration library
%description
@ -49,17 +45,8 @@ administering user and group accounts.
%prep
%setup -q
%patch0 -p1 -b .force_secure_getenv
%build
# Copied from upstream autogen.sh
gtkdocize --docdir docs/reference
libtoolize --force
autopoint
aclocal -I m4
autoconf -Wall
autoheader -Wall
automake -Wall --add-missing
%configure --with-selinux --with-ldap --with-html-dir=%{_datadir}/gtk-doc/html
make
@ -109,6 +96,10 @@ python -c "import libuser"
%{_datadir}/gtk-doc/html/*
%changelog
* Thu Mar 28 2013 Miloslav Trmač <mitr@redhat.com> - 0.59-1
- Update to libuser-0.59 (CVE-2012-5630, CVE-2012-5644)
Resolves: #928846
* Mon Feb 4 2013 Miloslav Trmač <mitr@redhat.com> - 0.58-2
- Always use secure_getenv() or __secure_getenv(), fail build if neither is
available. Patch by Viktor Hercinger <vhercing@redhat.com>.
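Review bot: The new 0.59-1 changelog entry records only the version update and the two CVE ids, but this section also drops Patch0 and its `%patch0` line (libuser-force-secure-getenv.patch, annotated as upstream commit 51e9d56ed656c3aeceb39b7de5a1db7d976d4e51), removes the autotools regeneration steps from %build together with their BuildRequires, and adds `fakeroot` to the %check BuildRequires. Presumably the 0.59 tarball already contains the secure_getenv change, but nothing in the spec says so. That patch is what makes the build fail instead of falling back to plain getenv() for LIBUSER_CONF, so it is worth confirming against the 0.59 sources and stating explicitly. I would add changelog lines such as `- Drop libuser-force-secure-getenv.patch, included in 0.59` and `- Add BuildRequires: fakeroot for %%check`.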


@ -1 +1 @@
1fc3ef3f3a3955b2d78562ff4daed793 libuser-0.58.tar.xz
22835cbfec894b1e9491845ed5023244 libuser-0.59.tar.xz