diff options
| author | William A. Kennington III <william@wkennington.com> | 2015-05-10 22:39:31 -0700 |
|---|---|---|
| committer | William A. Kennington III <william@wkennington.com> | 2015-05-10 22:39:31 -0700 |
| commit | 5a117814b8b223bebf3a07243020720167939bd2 (patch) | |
| tree | 3321e1ee1d0d8ad2f2c9e1bf01f0361e6252fd50 /pkgs/os-specific/linux/pam | |
| parent | df3d2010aeed12f007acee02e23b10dcf4c5ac84 (diff) | |
| download | nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.tar nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.tar.gz nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.tar.bz2 nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.tar.lz nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.tar.xz nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.tar.zst nixpkgs-5a117814b8b223bebf3a07243020720167939bd2.zip | |
pam: 1.1.8 -> 1.2.0
Diffstat (limited to 'pkgs/os-specific/linux/pam')
| -rw-r--r-- | pkgs/os-specific/linux/pam/CVE-2014-2583.patch | 49 | ||||
| -rw-r--r-- | pkgs/os-specific/linux/pam/default.nix | 9 |
2 files changed, 4 insertions, 54 deletions
diff --git a/pkgs/os-specific/linux/pam/CVE-2014-2583.patch b/pkgs/os-specific/linux/pam/CVE-2014-2583.patch deleted file mode 100644 index 25b1f7549fa..00000000000 --- a/pkgs/os-specific/linux/pam/CVE-2014-2583.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 9dcead87e6d7f66d34e7a56d11a30daca367dffb Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" <ldv@altlinux.org> -Date: Wed, 26 Mar 2014 22:17:23 +0000 -Subject: pam_timestamp: fix potential directory traversal issue (ticket #27) - -pam_timestamp uses values of PAM_RUSER and PAM_TTY as components of -the timestamp pathname it creates, so extra care should be taken to -avoid potential directory traversal issues. - -* modules/pam_timestamp/pam_timestamp.c (check_tty): Treat -"." and ".." tty values as invalid. -(get_ruser): Treat "." and ".." ruser values, as well as any ruser -value containing '/', as invalid. - -Fixes CVE-2014-2583. - -Reported-by: Sebastian Krahmer <krahmer@suse.de> - -diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c -index 5193733..b3f08b1 100644 ---- a/modules/pam_timestamp/pam_timestamp.c -+++ b/modules/pam_timestamp/pam_timestamp.c -@@ -158,7 +158,7 @@ check_tty(const char *tty) - tty = strrchr(tty, '/') + 1; - } - /* Make sure the tty wasn't actually a directory (no basename). */ -- if (strlen(tty) == 0) { -+ if (!strlen(tty) || !strcmp(tty, ".") || !strcmp(tty, "..")) { - return NULL; - } - return tty; -@@ -243,6 +243,17 @@ get_ruser(pam_handle_t *pamh, char *ruserbuf, size_t ruserbuflen) - if (pwd != NULL) { - ruser = pwd->pw_name; - } -+ } else { -+ /* -+ * This ruser is used by format_timestamp_name as a component -+ * of constructed timestamp pathname, so ".", "..", and '/' -+ * are disallowed to avoid potential path traversal issues. -+ */ -+ if (!strcmp(ruser, ".") || -+ !strcmp(ruser, "..") || -+ strchr(ruser, '/')) { -+ ruser = NULL; -+ } - } - if (ruser == NULL || strlen(ruser) >= ruserbuflen) { - *ruserbuf = '\0'; diff --git a/pkgs/os-specific/linux/pam/default.nix b/pkgs/os-specific/linux/pam/default.nix index 43b8204f50c..29cfa64b22d 100644 --- a/pkgs/os-specific/linux/pam/default.nix +++ b/pkgs/os-specific/linux/pam/default.nix @@ -1,15 +1,14 @@ { stdenv, fetchurl, flex, cracklib }: stdenv.mkDerivation rec { - name = "linux-pam-1.1.8"; + name = "linux-pam-${version}"; + version = "1.2.0"; src = fetchurl { - url = http://www.linux-pam.org/library/Linux-PAM-1.1.8.tar.bz2; - sha256 = "0m8ygb40l1c13nsd4hkj1yh4p1ldawhhg8pyjqj9w5kd4cxg5cf4"; + url = "http://www.linux-pam.org/library/Linux-PAM-${version}.tar.bz2"; + sha256 = "192y2fgf24a5qsg7rl1mzgw5axs5lg8kqamkfff2x50yjv2ym2yd"; }; - patches = [ ./CVE-2014-2583.patch ]; - nativeBuildInputs = [ flex ]; buildInputs = [ cracklib ]; |