From 0f317e9fbde341549c0cd7c3d43742739d123c97 Mon Sep 17 00:00:00 2001
From: Rosen Penev
Date: Tue, 24 Nov 2020 16:52:51 -0800
Subject: [PATCH] libpam: update to 1.5.0

Fixes CVE-2020-27780

Removed upstreamed patches.

Signed-off-by: Rosen Penev
---
 libs/libpam/Makefile | 4 +-
 libs/libpam/patches/010-crypt.patch | 35 -------
 libs/libpam/patches/020-fgetpwent_r.patch | 110 ----------------------
 3 files changed, 2 insertions(+), 147 deletions(-)
 delete mode 100644 libs/libpam/patches/010-crypt.patch
 delete mode 100644 libs/libpam/patches/020-fgetpwent_r.patch

diff --git a/libs/libpam/Makefile b/libs/libpam/Makefile
index d5a51b2b1..719ab826c 100644
--- a/libs/libpam/Makefile
+++ b/libs/libpam/Makefile
@@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=libpam
-PKG_VERSION:=1.4.0
+PKG_VERSION:=1.5.0
 PKG_RELEASE:=1
 
 PKG_SOURCE:=Linux-PAM-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://github.com/linux-pam/linux-pam/releases/download/v$(PKG_VERSION)
-PKG_HASH:=cd6d928c51e64139be3bdb38692c68183a509b83d4f2c221024ccd4bcddfd034
+PKG_HASH:=02d39854b508fae9dc713f7733bbcdadbe17b50de965aedddd65bcb6cc7852c8
 PKG_BUILD_DIR:=$(BUILD_DIR)/Linux-PAM-$(PKG_VERSION)
 
 PKG_MAINTAINER:=Nikos Mavrogiannopoulos
diff --git a/libs/libpam/patches/010-crypt.patch b/libs/libpam/patches/010-crypt.patch
deleted file mode 100644
index 705e80991..000000000
--- a/libs/libpam/patches/010-crypt.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From aef363c7e8e942224e6cffc4398366c6e5d31749 Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine
-Date: Thu, 11 Jun 2020 00:04:32 +0200
-Subject: [PATCH] configure.ac: fix build failure when crypt() does not require
- libcrypt
-
-Since commit 522246d20e4cd92fadc2d760228cb7e78cbeb4c5, the build fails
-if "none required" is returned by AC_SEARCH_LIBS for libcrypt.
-
-Resolves: https://github.com/linux-pam/linux-pam/pull/235
-Fixes: http://autobuild.buildroot.org/results/92b3dd7c984d2b843ac9aacacd69eec99f28743e
-Fixes: v1.4.0~228 ("Use cached 'crypt' library result correctly")
-
-Signed-off-by: Fabrice Fontaine
----
- configure.ac | 6 +++++-
- 1 file changed, 5 insertions(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index ea08a7a3..c1862ea7 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -428,7 +428,11 @@ AS_IF([test "x$ac_cv_header_xcrypt_h" = "xyes"],
- [crypt_libs="crypt"])
- 
- BACKUP_LIBS=$LIBS
--AC_SEARCH_LIBS([crypt],[$crypt_libs], LIBCRYPT="${ac_cv_search_crypt}", LIBCRYPT="")
-+AC_SEARCH_LIBS([crypt],[$crypt_libs])
-+case "$ac_cv_search_crypt" in
-+ -l*) LIBCRYPT="$ac_cv_search_crypt" ;;
-+ *) LIBCRYPT="" ;;
-+esac
- AC_CHECK_FUNCS(crypt_r crypt_gensalt_r)
- LIBS=$BACKUP_LIBS
- AC_SUBST(LIBCRYPT)
diff --git a/libs/libpam/patches/020-fgetpwent_r.patch b/libs/libpam/patches/020-fgetpwent_r.patch
deleted file mode 100644
index cc8042997..000000000
--- a/libs/libpam/patches/020-fgetpwent_r.patch
+++ /dev/null
@@ -1,110 +0,0 @@
---- a/modules/pam_faillock/pam_faillock.c
-+++ b/modules/pam_faillock/pam_faillock.c
-@@ -348,42 +348,81 @@ set_conf_opt(pam_handle_t *pamh, struct options *opts, const char *name, const c
- static int
- check_local_user (pam_handle_t *pamh, const char *user)
- {
-- struct passwd pw, *pwp;
-- char buf[16384];
-- int found = 0;
-+ int rc;
-+ size_t user_len;
- FILE *fp;
-- int errn;
-+ char line[BUFSIZ];
- 
-- fp = fopen(PATH_PASSWD, "r");
-- if (fp == NULL) {
-- pam_syslog(pamh, LOG_ERR, "unable to open %s: %m",
-- PATH_PASSWD);
-- return -1;
-+ /* Validate the user name. */
-+ if ((user_len = strlen(user)) == 0) {
-+ pam_syslog(pamh, LOG_NOTICE, "user name is not valid");
-+ return PAM_SERVICE_ERR;
-+ }
-+
-+ if (user_len > sizeof(line) - sizeof(":")) {
-+ pam_syslog(pamh, LOG_NOTICE, "user name is too long");
-+ return PAM_SERVICE_ERR;
-+ }
-+
-+ if (strchr(user, ':') != NULL) {
-+ /*
-+ * "root:x" is not a local user name even if the passwd file
-+ * contains a line starting with "root:x:".
-+ */
-+ return PAM_PERM_DENIED;
- }
- 
-- for (;;) {
-- errn = fgetpwent_r(fp, &pw, buf, sizeof (buf), &pwp);
-- if (errn == ERANGE) {
-- pam_syslog(pamh, LOG_WARNING, "%s contains very long lines; corrupted?",
-- PATH_PASSWD);
-+ /* Open the passwd file. */
-+ FILE *file_name = "/etc/passwd";
-+ if ((fp = fopen(file_name, "r")) == NULL) {
-+ pam_syslog(pamh, LOG_ERR, "error opening %s: %m", file_name);
-+ return PAM_SERVICE_ERR;
-+ }
-+
-+ /*
-+ * Scan the file using fgets() instead of fgetpwent_r() because
-+ * the latter is not flexible enough in handling long lines
-+ * in passwd files.
-+ */
-+ rc = PAM_PERM_DENIED;
-+ while (fgets(line, sizeof(line), fp) != NULL) {
-+ size_t line_len;
-+ const char *str;
-+
-+ /*
-+ * Does this line start with the user name
-+ * followed by a colon?
-+ */
-+ if (strncmp(user, line, user_len) == 0 &&
-+ line[user_len] == ':') {
-+ rc = PAM_SUCCESS;
- break;
- }
-- if (errn != 0)
-- break;
-- if (strcmp(pwp->pw_name, user) == 0) {
-- found = 1;
-+ /* Has a newline been read? */
-+ line_len = strlen(line);
-+ if (line_len < sizeof(line) - 1 ||
-+ line[line_len - 1] == '\n') {
-+ /* Yes, continue with the next line. */
-+ continue;
-+ }
-+
-+ /* No, read till the end of this line first. */
-+ while ((str = fgets(line, sizeof(line), fp)) != NULL) {
-+ line_len = strlen(line);
-+ if (line_len == 0 ||
-+ line[line_len - 1] == '\n') {
-+ break;
-+ }
-+ }
-+ if (str == NULL) {
-+ /* fgets returned NULL, we are done. */
- break;
- }
-+ /* Continue with the next line. */
- }
- 
-- fclose (fp);
--
-- if (errn != 0 && errn != ENOENT) {
-- pam_syslog(pamh, LOG_ERR, "unable to enumerate local accounts: %m");
-- return -1;
-- } else {
-- return found;
-- }
-+ fclose(fp);
-+ return rc;
- }
- 
- static int