[Pkg-shadow-commits] r1086 - branches/sarge/debian
Nicolas FRANCOIS
nekral-guest at costa.debian.org
Wed Aug 16 16:36:54 UTC 2006
Author: nekral-guest
Date: 2006-08-16 16:36:53 +0000 (Wed, 16 Aug 2006)
New Revision: 1086
Modified:
branches/sarge/debian/changelog
branches/sarge/debian/passwd.postinst
Log:
Apply the 4.0.3-31sarge9 patch.
Modified: branches/sarge/debian/changelog
===================================================================
--- branches/sarge/debian/changelog 2006-08-16 16:32:01 UTC (rev 1085)
+++ branches/sarge/debian/changelog 2006-08-16 16:36:53 UTC (rev 1086)
@@ -1,3 +1,12 @@
+shadow (1:4.0.3-31sarge9) stable; urgency=low
+
+ * passwd.postinst: On upgrades from any prior version, chmod 600 various
+ base-config and d-i log files that might contain sensative information,
+ including in some cases, passwords. Thanks to Joey Hess for the patch.
+ Closes: #356939
+
+ -- Christian Perrier <bubulle at debian.org> Sat, 12 Aug 2006 09:23:46 +0200
+
shadow (1:4.0.3-31sarge8) stable-security; urgency=high
* SECURITY UPDATE: CVE-2006-3378: Root privilege escalation.
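Review bot: the new entry says the chmod runs "On upgrades from any prior version", but the passwd.postinst change in this same commit only runs it when the previous version is lt "1:4.0.3-31sarge6", so one of the two is inaccurate. State the actual version cutoff in the changelog entry, or drop the guard if every upgrade is meant to be covered. "sensative" in the same entry should read "sensitive". Since the entry concerns log files that may contain passwords, it is also worth confirming that urgency=low and the stable target (the previous entry used stable-security) are intended.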
Modified: branches/sarge/debian/passwd.postinst
===================================================================
--- branches/sarge/debian/passwd.postinst 2006-08-16 16:32:01 UTC (rev 1085)
+++ branches/sarge/debian/passwd.postinst 2006-08-16 16:36:53 UTC (rev 1086)
@@ -10,6 +10,18 @@
if test "$1" = configure
then
+ # Fix permissions on various log files from old versions of the debian
+ # installer, some unrelated to passwd but we decided to put the fix
+ # here since there was no better place. This can safely be removed
+ # after etch is released.
+ if dpkg --compare-versions "$2" lt "1:4.0.3-31sarge6"; then
+ for log in /var/log/base-config* \
+ $(find /var/log/debian-installer/ /var/log/installer/ -type f 2>/dev/null ); do
+ if [ -e "$log" ]; then
+ chmod 600 "$log"
+ fi
+ done
+ fi
rm -f /etc/pam.d/passwd.pre-upgrade 2>/dev/null
if ! getent group shadow | grep -q '^shadow:[^:]*:42'
then
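Review bot: in the for loop, the unquoted $(find ... -type f 2>/dev/null) is word-split by the shell, so any installer log whose path contains whitespace is broken into fragments that fail the [ -e "$log" ] test and silently keep their old mode. Letting find apply the mode itself, for example with -type f -exec chmod 600 {} \; on the two installer directories, avoids the splitting. Separately, the /var/log/base-config* glob is only checked with -e, so a directory matching that pattern would also be set to 600 and lose its search bit; testing with -f would restrict the change to regular files, matching what the find branch already does with -type f.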