diff --git a/shadow-4.9-salt-remove-rounds.patch b/shadow-4.9-salt-remove-rounds.patch new file mode 100644 index 0000000..27c8986 --- /dev/null +++ b/shadow-4.9-salt-remove-rounds.patch @@ -0,0 +1,14 @@ +diff -up shadow-4.9/libmisc/salt.c.salt-remove-rounds shadow-4.9/libmisc/salt.c +--- shadow-4.9/libmisc/salt.c.salt-remove-rounds 2024-11-04 10:36:46.063856730 +0100 ++++ shadow-4.9/libmisc/salt.c 2024-11-04 10:40:40.890708080 +0100 +@@ -528,6 +528,10 @@ static /*@observer@*/const char *gensalt + result[salt_len] = '\0'; + } + ++ if (strstr(result, "rounds=") != NULL) { ++ result[3] = '\0'; ++ } ++ + char *retval = crypt_gensalt (result, rounds, NULL, 0); + + /* Should not happen, but... */ diff --git a/shadow-utils.spec b/shadow-utils.spec index 402ac4b..e3a3a83 100644 --- a/shadow-utils.spec +++ b/shadow-utils.spec @@ -1,7 +1,7 @@ Summary: Utilities for managing accounts and shadow password files Name: shadow-utils Version: 4.9 -Release: 10%{?dist} +Release: 11%{?dist} Epoch: 2 License: BSD and GPLv2+ URL: https://github.com/shadow-maint/shadow @@ -82,6 +82,7 @@ Patch29: shadow-4.9-skip-over-reserved-ids.patch Patch30: shadow-4.9-gpasswd-fix-password-leak.patch # Downstream only patch Patch31: shadow-4.9-disable-sssd.patch +Patch32: shadow-4.9-salt-remove-rounds.patch ### Dependencies ### Requires: audit-libs >= 1.6.5 @@ -174,6 +175,7 @@ Development files for shadow-utils-subid. %patch29 -p1 -b .skip-over-reserved-ids %patch30 -p1 -b .gpasswd-fix-password-leak %patch31 -p1 -b .disable-sssd +%patch32 -p1 -b .salt-remove-rounds iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 cp -f doc/HOWTO.utf8 doc/HOWTO @@ -344,6 +346,9 @@ rm -f $RPM_BUILD_ROOT/%{_libdir}/libsubid.la %{_libdir}/libsubid.so %changelog +* Mon Nov 4 2024 Iker Pedrosa - 2:4.9-11 +- salt: remove rounds from salt string. Resolves: RHEL-58978 + * Fri Sep 13 2024 Iker Pedrosa - 2:4.9-10 - Disable sssd integration by default. Resolves: RHEL-56352