gentoo resync : 14.04.2018

author: V3n3RiX <venerix@redcorelinux.org> 2018-04-14 01:05:40 +0100
committer: V3n3RiX <venerix@redcorelinux.org> 2018-04-14 01:05:40 +0100
commit: 76cba73c47c8694e74377004634daca18f2d9c08 (patch)
tree: 468603ebdc189bcfae77696162761b3be936baea /sys-apps/shadow
parent: 6957f5c65b02bba533954eabc0b62f5de36be206 (diff)
5 files changed, 0 insertions, 174 deletions
diff --git a/sys-apps/shadow/Manifest b/sys-apps/shadow/Manifest
index ad8f03165658..3c41719e4157 100644
--- a/sys-apps/shadow/Manifest
+++ b/sys-apps/shadow/Manifest
@@ -2,10 +2,6 @@ AUX default/useradd 96 BLAKE2B 64b694bdff7f901e19ac21695e3b2eebeb5a03683be5a01e3
 AUX pam.d-include/passwd 144 BLAKE2B 95e159c70416218950ad5cdc41c83b52f8d2ec042d35c9908ca400bd57dcb234fb7691aa2a5a7646a379553aa6dee0dd96ee569aa492d7f20774e991a90f8602 SHA512 31611a08d97cd2c129f18d451a555ff6c781f91603c77fc0c66ff406b5fa4a97db19ae4ce104816a6324529d10e131de0d5329646bdab2abc8dc3ee5b82b057f
 AUX pam.d-include/shadow 152 BLAKE2B 82d1f678abc60586ea873da7e2f4907349d77a64085cc475fa09c47cb008b41a7a00a7de2816b2c5cb2f48452d1b07523be35f8dd29026736ba8fbd3ae3d7c56 SHA512 d07611c350d0d6f3386db5080c80a84e4135cf33e44fd3a390cb1092e034f9bd2a69495fadd4bda6ede9962e9658e77f2c8e12d3189cdcda6c7b3c607336f0c3
 AUX shadow-4.1.3-dots-in-usernames.patch 302 BLAKE2B a83f463be9267c3a704997b98d67cd0daddf8ee05debf447d091530517a855078bd53ce28c87045643b2b8c467dd09caad06a4eb0a6568c271e6a42b49a54dcc SHA512 ad20fb3f4f0292f39b5da796e41df71e9e8b1b81dd11a99b2d988440c1b435b0061333a0a5a37a909598d5a840a75946e8c59c74426bae7452de88cf673a5f7d
-AUX shadow-4.4-CVE-2017-2616.patch 2159 BLAKE2B e51b0c81392207d8e07dd6d4b8b16410a3e62b011eca15e41c5fb7658a7761ff622147416524eab64f51c97feced712ac92bc860d08ecc565ed13d17770b315a SHA512 72cba0857ac6611532a99769d22568816d21a29f77f76f9d22e6b5b400cb936088087e811e9715cb891c70a11c76321653611a2c49d85acb1b163158863634fe
-AUX shadow-4.4-load_defaults.patch 1027 BLAKE2B 632c18631d1218bed95a043e89a2599f008f8af87c230703c759acaab20768920cdfc21233ebd6a065553a92577a6e5a81f2a0d6d7cdecb9c16cacad4df4f22b SHA512 c821149fdcb71b0c1c7b0de72126a3ec625bd54f2edaff1666ccd30abe3f3d516db329dbe873ae020a6670f93caaf7d235283666113d5b02936043d6dd976d36
-AUX shadow-4.4-prototypes.patch 1232 BLAKE2B 757a6db113b6873994dcacfd6867a14e7d35def2d4ba6749b887f28cf7278117722bda2c8b981e23694dafcc25d6f2d7cd9531aeb3d3eb597c9b822729678dc2 SHA512 970f79efaf77e91baa22049230f2a97e6a045f2f03ef846f4c35dc4f5702941e61db5b6544c24d112faafd6d516fc5054725039f28fe81e17926a5e8ef6f0432
-AUX shadow-4.4-su-snprintf.patch 849 BLAKE2B 62cb1498bd79991373b1bc8241a07dfcd731ebba7a39406958b30bd0287c8acab65a9a22bcee8ba95073e36c7a8d0b1931b988b4b5963041f61db9ef4c5dbdeb SHA512 2aaa1c847ec34002c6e63af66fb36664e0fc5dc0b719ab38959043f990e84191f5e2f85c2dc44e324abcfe67691c9a9b8181da49077031e2eaaf979dde95b2d9
 AUX shadow-4.5-CVE-2018-7169.patch 5778 BLAKE2B 59e06cda2d3b48d77548c22073f9c4ce018c16bdd128089ce6ae6d8eebe1ad9b73438530fb32b628bc5e72201852b7c452264a13707bcbfa826777b778a7b90b SHA512 fef082516e47ee4e3d9627916c47ffb8e1987580586639374d461b7b9d041370abe5b80dbbfacd4fd256a1bc2f9d23e0e71497298dd60ccd96d795811a13cd58
 DIST shadow-4.5.tar.gz 3804933 BLAKE2B c4714b7fe9a1af5a5751d4274e70e7fb31994cc40058b44c401bbbdf83c238fcf48e6e6e663d8a61f614b6291ea524862d9d2425d7d839340a10f8fb7c8eaa85 SHA512 02d6482a1159689e404dd49a68b4e2db85e9ffdcdfbacc8efcbd9043f14a1ec3fc4d749700df915d375df67d589219b6b0f57a6cfd9fb5b197012888a608913b
 EBUILD shadow-4.5-r1.ebuild 5405 BLAKE2B 7518b3700adf543a619413066415f64959a50efbbe669b28622e8d2d4cd749705b256c62e3ba73a88e6f3c0d6c195c87c377e7541e165ccbf4328ec5f4b1b0df SHA512 a50352c9b189d5265e921e977acff5c96dedef2634b046f66b376e6d6e2fdab40b629e453695a3153dd1edb13740e94d6d205daed544b3bba885fd35dbb7251e
diff --git a/sys-apps/shadow/files/shadow-4.4-CVE-2017-2616.patch b/sys-apps/shadow/files/shadow-4.4-CVE-2017-2616.patch
deleted file mode 100644
index b788ec35342f..000000000000
--- a/sys-apps/shadow/files/shadow-4.4-CVE-2017-2616.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 08fd4b69e84364677a10e519ccb25b71710ee686 Mon Sep 17 00:00:00 2001
-From: Tobias Stoeckmann <tobias@stoeckmann.org>
-Date: Thu, 23 Feb 2017 09:47:29 -0600
-Subject: [PATCH] su: properly clear child PID
-
-If su is compiled with PAM support, it is possible for any local user
-to send SIGKILL to other processes with root privileges. There are
-only two conditions. First, the user must be able to perform su with
-a successful login. This does NOT have to be the root user, even using
-su with the same id is enough, e.g. "su $(whoami)". Second, SIGKILL
-can only be sent to processes which were executed after the su process.
-It is not possible to send SIGKILL to processes which were already
-running. I consider this as a security vulnerability, because I was
-able to write a proof of concept which unlocked a screen saver of
-another user this way.
----
- src/su.c | 19 +++++++++++++++++--
- 1 file changed, 17 insertions(+), 2 deletions(-)
-
-diff --git a/src/su.c b/src/su.c
-index f20d230..d86aa86 100644
---- a/src/su.c
-+++ b/src/su.c
-@@ -379,11 +379,13 @@ static void prepare_pam_close_session (void)
- 				/* wake child when resumed */
- 				kill (pid, SIGCONT);
- 				stop = false;
-+			} else {
-+				pid_child = 0;
- 			}
- 		} while (!stop);
- 	}
- 
--	if (0 != caught) {
-+	if (0 != caught && 0 != pid_child) {
- 		(void) fputs ("\n", stderr);
- 		(void) fputs (_("Session terminated, terminating shell..."),
- 		              stderr);
-@@ -393,9 +395,22 @@ static void prepare_pam_close_session (void)
- 		snprintf (wait_msg, sizeof wait_msg, _(" ...waiting for child to terminate.\n"));
- 
- 		(void) signal (SIGALRM, kill_child);
-+		(void) signal (SIGCHLD, catch_signals);
- 		(void) alarm (2);
- 
--		(void) wait (&status);
-+		sigemptyset (&ourset);
-+		if ((sigaddset (&ourset, SIGALRM) != 0)
-+		    || (sigprocmask (SIG_BLOCK, &ourset, NULL) != 0)) {
-+			fprintf (stderr, _("%s: signal masking malfunction\n"), Prog);
-+			kill_child (0);
-+		} else {
-+			while (0 == waitpid (pid_child, &status, WNOHANG)) {
-+				sigsuspend (&ourset);
-+			}
-+			pid_child = 0;
-+			(void) sigprocmask (SIG_UNBLOCK, &ourset, NULL);
-+		}
-+
- 		(void) fputs (_(" ...terminated.\n"), stderr);
- 	}
- 
diff --git a/sys-apps/shadow/files/shadow-4.4-load_defaults.patch b/sys-apps/shadow/files/shadow-4.4-load_defaults.patch
deleted file mode 100644
index 4c0b84f68036..000000000000
--- a/sys-apps/shadow/files/shadow-4.4-load_defaults.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 507f96cdeb54079fb636c7ce21e371f7a16a520e Mon Sep 17 00:00:00 2001
-From: Tomas Mraz <tmraz@fedoraproject.org>
-Date: Thu, 25 Aug 2016 11:20:34 +0200
-Subject: [PATCH] Fix regression in useradd not loading defaults properly.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The get_defaults() has to be called before processing the flags.
-
-Signed-off-by: Tomáš Mráz <tmraz@fedoraproject.org>
----
- src/useradd.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/useradd.c b/src/useradd.c
-index fefa234..6c43e7e 100644
---- a/src/useradd.c
-+++ b/src/useradd.c
-@@ -2027,6 +2027,8 @@ int main (int argc, char **argv)
- 	is_shadow_grp = sgr_file_present ();
- #endif
- 
-+	get_defaults ();
-+
- 	process_flags (argc, argv);
- 
- #ifdef ENABLE_SUBIDS
-@@ -2036,8 +2038,6 @@ int main (int argc, char **argv)
- 	    (!user_id || (user_id <= uid_max && user_id >= uid_min));
- #endif				/* ENABLE_SUBIDS */
- 
--	get_defaults ();
--
- #ifdef ACCT_TOOLS_SETUID
- #ifdef USE_PAM
- 	{
diff --git a/sys-apps/shadow/files/shadow-4.4-prototypes.patch b/sys-apps/shadow/files/shadow-4.4-prototypes.patch
deleted file mode 100644
index 5209a2988f7b..000000000000
--- a/sys-apps/shadow/files/shadow-4.4-prototypes.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-https://github.com/shadow-maint/shadow/pull/53
-
-From 32c0b283ef5d68b63e4ec05fb22ed0db938fea67 Mon Sep 17 00:00:00 2001
-From: Mike Frysinger <vapier@gentoo.org>
-Date: Mon, 5 Dec 2016 17:15:29 -0500
-Subject: [PATCH] include getdef.h for getdef_bool prototype
-
-Otherwise we get build warnings like:
-sgroupio.c:255:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration]
-shadowio.c:131:6: warning: implicit declaration of function 'getdef_bool' [-Wimplicit-function-declaration]
----
- lib/sgroupio.c | 1 +
- lib/shadowio.c | 1 +
- 2 files changed, 2 insertions(+)
-
-diff --git a/lib/sgroupio.c b/lib/sgroupio.c
-index f2685779a12b..5423626a01da 100644
---- a/lib/sgroupio.c
-+++ b/lib/sgroupio.c
-@@ -40,6 +40,7 @@
- #include "prototypes.h"
- #include "defines.h"
- #include "commonio.h"
-+#include "getdef.h"
- #include "sgroupio.h"
- 
- /*@null@*/ /*@only@*/struct sgrp *__sgr_dup (const struct sgrp *sgent)
-diff --git a/lib/shadowio.c b/lib/shadowio.c
-index 6e44ab24d69c..5fa3d312bbf9 100644
---- a/lib/shadowio.c
-+++ b/lib/shadowio.c
-@@ -40,6 +40,7 @@
- #include <shadow.h>
- #include <stdio.h>
- #include "commonio.h"
-+#include "getdef.h"
- #include "shadowio.h"
- #ifdef WITH_TCB
- #include <tcb.h>
--- 
-2.11.0.rc2
-
diff --git a/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch b/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch
deleted file mode 100644
index 45667c8e4bf9..000000000000
--- a/sys-apps/shadow/files/shadow-4.4-su-snprintf.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-fix from upstream
-
-From 67d2bb6e0a5ac124ce1f026dd5723217b1493194 Mon Sep 17 00:00:00 2001
-From: Serge Hallyn <serge@hallyn.com>
-Date: Sun, 18 Sep 2016 21:31:18 -0500
-Subject: [PATCH] su.c: fix missing length argument to snprintf
-
----
- src/su.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/su.c b/src/su.c
-index 0c50a9456afd..93ffd2fbe2b4 100644
---- a/src/su.c
-+++ b/src/su.c
-@@ -373,8 +373,8 @@ static void prepare_pam_close_session (void)
- 		              stderr);
- 		(void) kill (-pid_child, caught);
- 
--		snprintf (kill_msg, _(" ...killed.\n"));
--		snprintf (wait_msg, _(" ...waiting for child to terminate.\n"));
-+		snprintf (kill_msg, 256, _(" ...killed.\n"));
-+		snprintf (wait_msg, 256, _(" ...waiting for child to terminate.\n"));
- 
- 		(void) signal (SIGALRM, kill_child);
- 		(void) alarm (2);
--- 
-2.11.0.rc2
-
author	V3n3RiX <venerix@redcorelinux.org>	2018-04-14 01:05:40 +0100
committer	V3n3RiX <venerix@redcorelinux.org>	2018-04-14 01:05:40 +0100
commit	76cba73c47c8694e74377004634daca18f2d9c08 (patch)
tree	468603ebdc189bcfae77696162761b3be936baea /sys-apps/shadow
parent	6957f5c65b02bba533954eabc0b62f5de36be206 (diff)