Hello community, here is the log from the commit of package krb5-appl for openSUSE:Factory checked in at Thu Jul 7 08:47:09 CEST 2011. -------- --- krb5-appl/krb5-appl.changes 2011-04-29 14:18:18.000000000 +0200 +++ /mounts/work_src_done/STABLE/krb5-appl/krb5-appl.changes 2011-07-06 15:51:40.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Jul 6 15:47:31 CEST 2011 - mc@suse.de + +- fix krb5 ftpd unauthorized file access + (bnc#698471, MITKRB5-SA-2011-005, CVE-2011-1526) + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- krb5-appl-MITKRB5-SA-2011-005.dif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ krb5-appl.spec ++++++ --- /var/tmp/diff_new_pack.fOkEx5/_old 2011-07-07 08:39:05.000000000 +0200 +++ /var/tmp/diff_new_pack.fOkEx5/_new 2011-07-07 08:39:05.000000000 +0200 @@ -26,7 +26,7 @@ Url: http://web.mit.edu/kerberos/www/ BuildRequires: bison krb5-devel libcom_err-devel ncurses-devel Version: 1.0.1 -Release: 1 +Release: 3 Summary: MIT Kerberos5 Implementation--Applications Group: Productivity/Networking/Security Source0: krb5-appl-1.0.1.tar.bz2 @@ -36,6 +36,7 @@ Patch1: krb5-appl-1.0-fix-ftp-var-used-uninitialized.dif Patch2: krb5-appl-1.0-fix-var-used-before-value-set.dif Patch3: krb5-appl-1.0-fix-path-in-manpages.dif +Patch4: krb5-appl-MITKRB5-SA-2011-005.dif BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -109,9 +110,11 @@ %patch1 -p1 %patch2 -p1 %patch3 -p1 +%patch4 -p1 %build %{?suse_update_config:%{suse_update_config -f}} +./autogen.sh CFLAGS="$RPM_OPT_FLAGS -I/usr/include/et -fpie" \ LDFLAGS="-pie " \ ./configure \ ++++++ krb5-appl-MITKRB5-SA-2011-005.dif ++++++ Index: krb5-appl-1.0/configure.ac =================================================================== --- krb5-appl-1.0.orig/configure.ac +++ krb5-appl-1.0/configure.ac @@ -107,6 +107,7 @@ AC_CHECK_FUNCS(_getpty cgetent getcwd ge AC_CHECK_FUNCS(getutmpx grantpt inet_aton initgroups isatty killpg killpg) AC_CHECK_FUNCS(line_push ptsname revoke rmufile rresvport_af) AC_CHECK_FUNCS(seteuid setlogin setpgid setpriority setresuid setreuid) +AC_CHECK_FUNCS(setegid setregid setresgid) AC_CHECK_FUNCS(setutent setutsent setutxent strsave tcgetpgrp tcsetpgrp) AC_CHECK_FUNCS(ttyname unsetenv updwtmp updwtmpx utimes utmpname utmpxname) AC_CHECK_FUNCS(vhangup vsnprintf waitpid) Index: krb5-appl-1.0/gssftp/ftpd/ftpd.c =================================================================== --- krb5-appl-1.0.orig/gssftp/ftpd/ftpd.c +++ krb5-appl-1.0/gssftp/ftpd/ftpd.c @@ -986,9 +986,14 @@ login(passwd, logincode) #endif } - (void) krb5_setegid((gid_t)pw->pw_gid); - (void) initgroups(pw->pw_name, pw->pw_gid); - + if (krb5_setegid((gid_t)pw->pw_gid) < 0) { + reply(550, "Can't set egid."); + goto bad; + } + if (geteuid() == 0 && initgroups(pw->pw_name, pw->pw_gid) < 0) { + reply(550, "Can't initgroups"); + goto bad; + } /* open wtmp before chroot */ (void) snprintf(ttyline, sizeof(ttyline), "ftp%ld", (long) getpid()); pty_logwtmp(ttyline, pw->pw_name, rhost_sane); Index: krb5-appl-1.0/k5-util.h =================================================================== --- krb5-appl-1.0.orig/k5-util.h +++ krb5-appl-1.0/k5-util.h @@ -69,8 +69,7 @@ #elif defined(HAVE_SETREUID) # define krb5_seteuid(EUID) setreuid(geteuid(), (uid_t)(EUID)) #else - /* You need to add a case to deal with this operating system.*/ -# define krb5_seteuid(EUID) (errno = EPERM, -1) +# error "You need to add a case to deal with this operating system." #endif #ifdef HAVE_SETEGID @@ -80,8 +79,7 @@ #elif defined(HAVE_SETREGID) # define krb5_setegid(EGID) (setregid(getegid(), (gid_t)(EGID))) #else - /* You need to add a case to deal with this operating system.*/ -# define krb5_setegid(EGID) (errno = EPERM, -1) +# error "You need to add a case to deal with this operating system." #endif #endif ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org