[gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Mike Gilbert" <floppym@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/
Date: Tue, 24 Nov 2015 16:28:00 +0000 (UTC)	[thread overview]
Message-ID: <1448382369.7f59a94c88c938260171d6b5327ea8ae79a032c1.floppym@gentoo> (raw)

commit:     7f59a94c88c938260171d6b5327ea8ae79a032c1
Author:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
AuthorDate: Tue Nov 24 16:25:56 2015 +0000
Commit:     Mike Gilbert <floppym <AT> gentoo <DOT> org>
CommitDate: Tue Nov 24 16:26:09 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7f59a94c

sys-apps/systemd: Backport fix for CVE-2015-7510

Bug: https://bugs.gentoo.org/566716

Package-Manager: portage-2.2.25_p7

 sys-apps/systemd/files/CVE-2015-7510.patch         | 37 ++++++++++++++++++++++
 ...systemd-226-r1.ebuild => systemd-226-r2.ebuild} |  1 +
 .../{systemd-228.ebuild => systemd-228-r1.ebuild}  |  1 +
 3 files changed, 39 insertions(+)

diff --git a/sys-apps/systemd/files/CVE-2015-7510.patch b/sys-apps/systemd/files/CVE-2015-7510.patch
new file mode 100644
index 0000000..088adbb
--- /dev/null
+++ b/sys-apps/systemd/files/CVE-2015-7510.patch
@@ -0,0 +1,37 @@
+From cb31827d62066a04b02111df3052949fda4b6888 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
+Date: Mon, 23 Nov 2015 13:59:43 -0500
+Subject: [PATCH] nss-mymachines: do not allow overlong machine names
+
+https://github.com/systemd/systemd/issues/2002
+---
+ src/nss-mymachines/nss-mymachines.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c
+index 969fa96..c98a959 100644
+--- a/src/nss-mymachines/nss-mymachines.c
++++ b/src/nss-mymachines/nss-mymachines.c
+@@ -416,6 +416,9 @@ enum nss_status _nss_mymachines_getpwnam_r(
+         if (!e || e == p)
+                 goto not_found;
+ 
++        if (e - p > HOST_NAME_MAX - 1) /* -1 for the last dash */
++                goto not_found;
++
+         r = parse_uid(e + 1, &uid);
+         if (r < 0)
+                 goto not_found;
+@@ -573,6 +576,9 @@ enum nss_status _nss_mymachines_getgrnam_r(
+         if (!e || e == p)
+                 goto not_found;
+ 
++        if (e - p > HOST_NAME_MAX - 1)  /* -1 for the last dash */
++                goto not_found;
++
+         r = parse_gid(e + 1, &gid);
+         if (r < 0)
+                 goto not_found;
+-- 
+2.6.3
+

diff --git a/sys-apps/systemd/systemd-226-r1.ebuild b/sys-apps/systemd/systemd-226-r2.ebuild
similarity index 99%
rename from sys-apps/systemd/systemd-226-r1.ebuild
rename to sys-apps/systemd/systemd-226-r2.ebuild
index 9a7bc96..10471ac 100644
--- a/sys-apps/systemd/systemd-226-r1.ebuild
+++ b/sys-apps/systemd/systemd-226-r2.ebuild
@@ -146,6 +146,7 @@ src_prepare() {
 	sed -i -e 's/GROUP="dialout"/GROUP="uucp"/' rules/*.rules || die
 	epatch "${FILESDIR}/218-Dont-enable-audit-by-default.patch"
 	epatch "${FILESDIR}/226-noclean-tmp.patch"
+	epatch "${FILESDIR}/CVE-2015-7510.patch"
 	epatch_user
 	eautoreconf
 }

diff --git a/sys-apps/systemd/systemd-228.ebuild b/sys-apps/systemd/systemd-228-r1.ebuild
similarity index 99%
rename from sys-apps/systemd/systemd-228.ebuild
rename to sys-apps/systemd/systemd-228-r1.ebuild
index 440c35f..1ca11da 100644
--- a/sys-apps/systemd/systemd-228.ebuild
+++ b/sys-apps/systemd/systemd-228-r1.ebuild
@@ -146,6 +146,7 @@ src_prepare() {
 	sed -i -e 's/GROUP="dialout"/GROUP="uucp"/' rules/*.rules || die
 	epatch "${FILESDIR}/218-Dont-enable-audit-by-default.patch"
 	epatch "${FILESDIR}/228-noclean-tmp.patch"
+	epatch "${FILESDIR}/CVE-2015-7510.patch"
 	epatch_user
 	eautoreconf
 }

next             reply	other threads:[~2015-11-24 16:28 UTC|newest]

Thread overview: 62+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-24 16:28 Mike Gilbert [this message]
  -- strict thread matches above, loose matches on Subject: below --
2024-09-26 19:15 [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/ Mike Gilbert
2024-04-29 17:27 Sam James
2023-12-28  3:53 Sam James
2023-07-06  8:15 Sam James
2023-05-05  4:13 Sam James
2023-04-29  3:50 Mike Gilbert
2023-01-30  2:14 Mike Gilbert
2023-01-13 20:06 Mike Gilbert
2023-01-13  5:33 Sam James
2023-01-11  7:50 Sam James
2022-10-15 18:57 Mike Gilbert
2022-10-14 21:18 Sam James
2022-09-18 15:52 Mike Gilbert
2022-08-02 23:40 Sam James
2022-05-24 22:35 Sam James
2022-05-23 18:35 Mike Gilbert
2022-05-21 22:22 Mike Gilbert
2022-05-07 18:32 Mike Gilbert
2022-04-30  0:30 Sam James
2022-04-28  1:26 Sam James
2022-01-15 15:41 Mike Gilbert
2022-01-13 16:29 Mike Gilbert
2021-10-26 15:00 Mike Gilbert
2021-07-20 19:19 Mike Gilbert
2021-07-11 14:41 Mike Gilbert
2021-06-20 17:33 Mike Gilbert
2021-04-27 18:16 Mike Gilbert
2021-03-17 14:19 Mike Gilbert
2020-11-03 15:48 Mike Gilbert
2020-10-14 19:15 Mike Gilbert
2020-09-24 14:51 Mike Gilbert
2020-08-22  1:56 Mike Gilbert
2020-07-06 14:05 Mike Gilbert
2020-06-11  2:29 Mike Gilbert
2020-03-09 21:22 Mike Gilbert
2020-01-26 17:19 Mike Gilbert
2020-01-07  7:19 Mike Gilbert
2019-09-03 15:27 Mike Gilbert
2019-07-31 14:06 Mike Gilbert
2019-06-17 16:19 Mike Gilbert
2019-05-23 12:26 Louis Sautier
2019-05-09 13:41 Mike Gilbert
2019-05-08 17:29 Mike Gilbert
2019-04-05 20:56 Mike Gilbert
2018-10-30 14:34 Mike Gilbert
2018-09-29 15:27 Mike Gilbert
2018-03-26 21:14 Pacho Ramos
2017-12-31  1:40 Mike Gilbert
2017-12-28 16:01 Mike Gilbert
2017-10-28 18:58 Mike Gilbert
2017-10-08 17:11 Mike Gilbert
2017-09-08 21:16 Mike Gilbert
2017-08-13 23:32 Mike Gilbert
2017-07-12 20:23 Mike Gilbert
2017-06-28 17:01 Mike Gilbert
2017-03-12 17:59 Mike Gilbert
2017-01-03 18:15 Mike Gilbert
2016-12-18 23:08 Mike Gilbert
2016-04-16 20:32 Mike Gilbert
2015-12-12 15:17 Mike Gilbert
2015-10-25  9:11 Michał Górny

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:088adbb dfblob:9a7bc96 dfblob:10471ac dfblob:440c35f
dfblob:1ca11da )
 OR (
bs:"[gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/, sys-apps/systemd/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1448382369.7f59a94c88c938260171d6b5327ea8ae79a032c1.floppym@gentoo \
    --to=floppym@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox