[Pkg-shadow-commits] r1084 - in branches/sarge: debian src
Nicolas FRANCOIS
nekral-guest at costa.debian.org
Wed Aug 16 16:25:28 UTC 2006
Author: nekral-guest
Date: 2006-08-16 16:25:27 +0000 (Wed, 16 Aug 2006)
New Revision: 1084
Modified:
branches/sarge/debian/changelog
branches/sarge/src/passwd.c
Log:
Apply the sarge8 patch.
Modified: branches/sarge/debian/changelog
===================================================================
--- branches/sarge/debian/changelog 2006-08-16 16:23:45 UTC (rev 1083)
+++ branches/sarge/debian/changelog 2006-08-16 16:25:27 UTC (rev 1084)
@@ -1,3 +1,14 @@
+shadow (1:4.0.3-31sarge8) stable-security; urgency=high
+
+ * SECURITY UPDATE: CVE-2006-3378: Root privilege escalation.
+ * src/passwd.c:
+ - Check for failing setuid() (which can happen if user hits PAM
+ limits). Before, passwd continued to run as root and executed
+ chfn/chsh/gpasswd as root instead of as the user.
+ - Thanks to Sune Kloppenborg Jeppesen for pointing this out.
+
+ -- Martin Zobel-Helas <zobel at debian.org> Fri, 11 Aug 2006 22:17:14 +0000
+
shadow (1:4.0.3-31sarge5) testing-proposed-updates; urgency=high
* Re-apply the debian/patches/036_CAN-2004-1001_passwd_check patch
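Review bot: the new entry sits directly above 1:4.0.3-31sarge5, so the sarge6 and sarge7 entries are absent from this changelog; if those versions were released, carry their entries over here (or say in the sarge8 entry why they are skipped) so the upload history reads continuously. The entry would also be clearer if it named the code path being fixed, the `passwd -g/-f/-s` delegation to gpasswd/chfn/chsh that the passwd.c hunk touches.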
Modified: branches/sarge/src/passwd.c
===================================================================
--- branches/sarge/src/passwd.c 2006-08-16 16:23:45 UTC (rev 1083)
+++ branches/sarge/src/passwd.c 2006-08-16 16:25:27 UTC (rev 1084)
@@ -958,7 +958,13 @@
if (argc > 1 && argv[1][0] == '-' && strchr ("gfs", argv[1][1])) {
char buf[200];
- setuid (getuid ());
+ uid_t uid = getuid();
+ setuid (uid);
+ if (getuid() != uid) {
+ perror("cannot set user id");
+ SYSLOG ((LOG_ERR, "setuid to %i failed", uid));
+ exit(E_FAILURE);
+ }
switch (argv[1][1]) {
case 'g':
argv[1] = GPASSWD_PROGRAM; /* XXX warning: const */
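Review bot: the failure check in this hunk cannot fire: `uid` was just taken from `getuid ()`, and a failed `setuid ()` leaves the real uid untouched, so `getuid () != uid` is false whether or not the call succeeded, and passwd would still go on to exec gpasswd/chfn/chsh with an effective uid of 0, which is exactly the condition the changelog says this update fixes. Test the return value instead, `if (setuid (uid) != 0) {`, or compare `geteuid ()` against `uid`; checking the return value is preferable because it also leaves errno set for the following `perror` call. Minor: printing a `uid_t` with `%i` in the SYSLOG format assumes uid_t is int-sized; cast it to `(int)`, or use `%lu` with an `(unsigned long)` cast, to keep it portable.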