[packages/shadow] up to 4.5
glen
glen at pld-linux.org
Wed May 17 22:17:43 CEST 2017
commit fb1d8215283e20083572f4f381f12081da465195
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Wed May 17 23:07:46 2017 +0300
up to 4.5
https://github.com/shadow-maint/shadow/releases/tag/4.5
Changelog since 4.4:
* Patch from Tobias Stoeckmann fixing regression in previous CVE fix
preventing SIGTERM to su from being propagated to the job.
* Patch from Chris Lamb making sp_lstchg shadow field reproducible.
* Merge Russian translation updates from Yuri Kozlov
* Fix missing close of subuid file on error
* Merge patch by Tobias Stoeckmann <tobias at stoeckmann.org> to fix
the equivalent of util-linux CVE-2017-2616.
* Update Kazakh translations
* Consult configuration before calculating subuids
* Remove misplaced semicolon
* Patch from Fedora to improve performance with SSSD, Winbind,
or nss_ldap. (Tomas Mraz)
* Make sure knowndef_table is NULL-terminated. (Bernhard Rosenkränzer)
* Drop leading underscore from _COMMONIO_H and _SHADOWIO_H
* Fix readability in usermod error messages.
* Reset user in tallylog
* Add audit support to su
* Use sizeof rather than hardcoding snprintf args
* Fix useradd improper default loading
* Update Vietnamese translations
* Update Polish translations
* Remove non-POSIX chmod option in Makefile
* Fix suidubins assignments
* Fix --add-subuids etc spelling in manpages
* Audit homedir ownership change.
* Print error on selinux file context update failure
* Keep original file perms when creating a backup
shadow-pld.patch | 48 ++++++++++++++++++++++++++----------------------
shadow.spec | 9 ++++-----
su.patch | 51 ---------------------------------------------------
3 files changed, 30 insertions(+), 78 deletions(-)
---
diff --git a/shadow.spec b/shadow.spec
index 99201fe..dc6b4c2 100644
--- a/shadow.spec
+++ b/shadow.spec
@@ -33,15 +33,15 @@ Summary(pl.UTF-8): Narzędzia do obsługi mechanizmu ukrytych haseł
Summary(pt_BR.UTF-8): Utilitários para o arquivo de senhas Shadow
Summary(tr.UTF-8): Gölge parola dosyası araçları
Name: shadow
-Version: 4.4
+Version: 4.5
#BuildRequires: useradd -g is broken, use pwdutils, or fix it:
# http://zie.pg.gda.pl/mailman/pipermail/shadow/2006-September/000395.html
Release: 0.1
Epoch: 1
License: BSD
Group: Applications/System
-Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/%{name}-%{version}.tar.gz
-# Source0-md5: 014062a24c2ba450f85d7bd1147a8528
+Source0: https://github.com/shadow-maint/shadow/releases/download/%{version}/%{name}-%{version}.tar.xz
+# Source0-md5: c350da50c2120de6bb29177699d89fe3
Source2: %{name}-login.defs
Source3: %{name}.useradd
Source10: chage.pamd
@@ -61,7 +61,6 @@ Source23: usermod.pamd
Patch0: %{name}-pld.patch
# allow names with upper case letters or containing dot in the middle
Patch1: %{name}-goodname.patch
-Patch2: su.patch
URL: https://github.com/shadow-maint/shadow
BuildRequires: acl-devel
BuildRequires: attr-devel
@@ -146,10 +145,10 @@ utilitários e senhas shadow em geral.
%setup -q
%patch0 -p1
%patch1 -p1
-%patch2 -p1
%build
%configure \
+ --disable-silent-rules \
--bindir=/bin \
--sbindir=/sbin \
%{?with_shared:--enable-shared --disable-static} \
diff --git a/shadow-pld.patch b/shadow-pld.patch
index 0f0837b..69836c2 100644
--- a/shadow-pld.patch
+++ b/shadow-pld.patch
@@ -23,25 +23,29 @@
static uid_t user_id;
static gid_t user_gid;
static const char *user_comment = "";
---- shadow-4.1.5.1/libmisc/find_new_gid.c~ 2011-07-29 17:38:23.000000000 +0200
-+++ shadow-4.1.5.1/libmisc/find_new_gid.c 2012-12-14 14:03:45.355638812 +0100
-@@ -68,7 +68,7 @@
- return -1;
- }
- } else {
-- gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
-+ gid_min = (gid_t) getdef_ulong ("SYS_GID_MIN", 10UL);
- gid_max = (gid_t) getdef_ulong ("GID_MIN", 1000UL) - 1;
- gid_max = (gid_t) getdef_ulong ("SYS_GID_MAX", (unsigned long) gid_max);
- if (gid_max < gid_min) {
---- shadow-4.1.5.1/libmisc/find_new_uid.c~ 2011-07-29 17:39:16.000000000 +0200
-+++ shadow-4.1.5.1/libmisc/find_new_uid.c 2012-12-14 14:03:29.645639367 +0100
-@@ -68,7 +68,7 @@
- return -1;
- }
- } else {
-- uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
-+ uid_min = (uid_t) getdef_ulong ("SYS_UID_MIN", 1UL);
- uid_max = (uid_t) getdef_ulong ("UID_MIN", 1000UL) - 1;
- uid_max = (uid_t) getdef_ulong ("SYS_UID_MAX", (unsigned long) uid_max);
- if (uid_max < uid_min) {
+--- shadow-4.5/libmisc/find_new_gid.c~ 2017-01-29 22:37:22.000000000 +0200
++++ shadow-4.5/libmisc/find_new_gid.c 2017-05-17 23:13:32.785253060 +0300
+@@ -61,8 +61,8 @@
+ /* A requested ID is allowed to be below the autoselect range */
+ *preferred_min = (gid_t) 1;
+
+- /* Get the minimum ID range from login.defs or default to 101 */
+- *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 101UL);
++ /* Get the minimum ID range from login.defs or default to 10 */
++ *min_id = (gid_t) getdef_ulong ("SYS_GID_MIN", 10UL);
+
+ /*
+ * If SYS_GID_MAX is unspecified, we should assume it to be one
+--- shadow-4.5/libmisc/find_new_uid.c~ 2017-01-29 22:37:22.000000000 +0200
++++ shadow-4.5/libmisc/find_new_uid.c 2017-05-17 23:10:38.366687971 +0300
+@@ -61,8 +61,8 @@
+ /* A requested ID is allowed to be below the autoselect range */
+ *preferred_min = (uid_t) 1;
+
+- /* Get the minimum ID range from login.defs or default to 101 */
+- *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 101UL);
++ /* Get the minimum ID range from login.defs or default to 1 */
++ *min_id = (uid_t) getdef_ulong ("SYS_UID_MIN", 1UL);
+
+ /*
+ * If SYS_UID_MAX is unspecified, we should assume it to be one
diff --git a/su.patch b/su.patch
deleted file mode 100644
index 832d411..0000000
--- a/su.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-
-https://github.com/shadow-maint/shadow/issues/32
-
-From 67d2bb6e0a5ac124ce1f026dd5723217b1493194 Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge at hallyn.com>
-Date: Sun, 18 Sep 2016 21:31:18 -0500
-Subject: [PATCH] su.c: fix missing length argument to snprintf
-
----
- src/su.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/su.c b/src/su.c
-index 0c50a94..93ffd2f 100644
---- a/src/su.c
-+++ b/src/su.c
-@@ -373,8 +373,8 @@ static void prepare_pam_close_session (void)
- stderr);
- (void) kill (-pid_child, caught);
-
-- snprintf (kill_msg, _(" ...killed.\n"));
-- snprintf (wait_msg, _(" ...waiting for child to terminate.\n"));
-+ snprintf (kill_msg, 256, _(" ...killed.\n"));
-+ snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n"));
-
- (void) signal (SIGALRM, kill_child);
- (void) alarm (2);
-From 924cc346475dea7dc394316cd7c3d5d0414e538e Mon Sep 17 00:00:00 2001
-From: Adam Sampson <ats at offog.org>
-Date: Thu, 15 Sep 2016 16:54:42 +0100
-Subject: [PATCH] Use sizeof rather than hardcoding snprintf's size argument.
-
----
- src/su.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/su.c b/src/su.c
-index 93ffd2f..d605af8 100644
---- a/src/su.c
-+++ b/src/su.c
-@@ -373,8 +373,8 @@ static void prepare_pam_close_session (void)
- stderr);
- (void) kill (-pid_child, caught);
-
-- snprintf (kill_msg, 256, _(" ...killed.\n"));
-- snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n"));
-+ snprintf (kill_msg, sizeof kill_msg, _(" ...killed.\n"));
-+ snprintf (wait_msg, sizeof wait_msg, _(" ...waiting for child to terminate.\n"));
-
- (void) signal (SIGALRM, kill_child);
- (void) alarm (2);
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/shadow.git/commitdiff/fb1d8215283e20083572f4f381f12081da465195
More information about the pld-cvs-commit
mailing list