Hello community, here is the log from the commit of package ncpfs for openSUSE:11.4 checked in at Wed Aug 24 17:56:58 CEST 2011. -------- --- old-versions/11.4/all/ncpfs/ncpfs.changes 2010-05-05 11:08:26.000000000 +0200 +++ 11.4/ncpfs/ncpfs.changes 2011-08-09 17:59:55.000000000 +0200 @@ -1,0 +2,8 @@ +Tue Aug 9 17:37:28 CEST 2011 - meissner@suse.de + +- correct permissions handling +- remove mtab locks on failure to mount (CVE-2011-1680 / bnc#686554) +- do not corrupt /etc/mtab on addmntent() failures like for filesystem + limited exceeded (CVE-2011-1679 / bnc#686554) + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.4/all/ncpfs Destination is old-versions/11.4/UPDATES/all/ncpfs calling whatdependson for 11.4-i586 New: ---- ncpfs-CVE-2011-1679-CVE-2011-1680.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ncpfs.spec ++++++ --- /var/tmp/diff_new_pack.igQ5yG/_old 2011-08-24 17:53:59.000000000 +0200 +++ /var/tmp/diff_new_pack.igQ5yG/_new 2011-08-24 17:53:59.000000000 +0200 @@ -1,7 +1,7 @@ # -# spec file for package ncpfs (Version 2.2.6) +# spec file for package ncpfs # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,8 +24,8 @@ Group: Productivity/Networking/Novell AutoReqProv: on Version: 2.2.6 -Release: 161 -PreReq: %insserv_prereq %fillup_prereq +Release: 169.<RELEASE170> +PreReq: %insserv_prereq %fillup_prereq permissions BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: Tools for Accessing Novell File Systems Source: ftp://platan.vc.cvut.cz/pub/linux/ncpfs/ncpfs-%{version}.tar.bz2 @@ -96,6 +96,7 @@ Patch1006: ncpfs.mount_hang.patch Patch1007: ncpfs-2.2.6-mount-issue-ver2.patch Patch1008: ncpfs-2_2_6_partial.patch +Patch1009: ncpfs-CVE-2011-1679-CVE-2011-1680.patch # In openSUSE 11.3 there is upstream compliant CUPS 1.4 # which means to have a fixed "/usr/lib/cups/" directory # on all platforms (see Novell/Suse Bugzilla bnc#575544): @@ -200,6 +201,7 @@ %patch1006 -p1 %patch1007 -p1 %patch1008 -p1 +%patch1009 -p1 tar xfvj %{SOURCE12} if [ "$UID" = 0 ] ; then chown -R 0:0 . ; fi @@ -247,6 +249,9 @@ %restart_on_update ipxmount %{insserv_cleanup} +%verifyscript +%verify_permissions -e /usr/bin/ncpmount -e /usr/bin/ncpumount -e /usr/bin/ncplogin -e /usr/bin/ncpmap -e /usr/bin/nwsfind + %files -n ncpfs -f %{name}.lang %defattr(-,root,root) %doc BUGS Changes COPYING FAQ README ncpfs*.lsm ++++++ ncpfs-CVE-2011-1679-CVE-2011-1680.patch ++++++ Index: ncpfs-2.2.6/sutil/ncpm_common.c =================================================================== --- ncpfs-2.2.6.orig/sutil/ncpm_common.c +++ ncpfs-2.2.6/sutil/ncpm_common.c @@ -1446,6 +1446,7 @@ void add_mnt_entry(char* mount_name, cha struct mntent ment; int fd; FILE* mtab; + off_t goodoffset; if (check_name(mount_name) == -1 || check_name(mpnt) == -1) errexit(107, _("Illegal character in mount entry\n")); @@ -1480,14 +1481,25 @@ void add_mnt_entry(char* mount_name, cha if ((mtab = setmntent(MOUNTED, "a+")) == NULL) { + unlink(MOUNTED "~"); errexit(59, _("Can't open %s\n"), MOUNTED); } + fseek (mtab, 0, SEEK_END); + goodoffset = ftell(mtab); if (addmntent(mtab, &ment) == 1) { + /* restore good state */ + ftruncate(fileno(mtab), goodoffset); + endmntent(mtab); + unlink(MOUNTED "~"); errexit(60, _("Can't write mount entry\n")); } if (fchmod(fileno(mtab), 0644) == -1) { + /* restore good state */ + ftruncate(fileno(mtab), goodoffset); + endmntent(mtab); + unlink(MOUNTED "~"); errexit(61, _("Can't set perms on %s\n"), MOUNTED); } endmntent(mtab); Index: ncpfs-2.2.6/sutil/ncpumount.c =================================================================== --- ncpfs-2.2.6.orig/sutil/ncpumount.c +++ ncpfs-2.2.6/sutil/ncpumount.c @@ -210,7 +210,12 @@ static int __clearMtab (const char* moun i++; } if (!found) { - addmntent(new_mtab, mnt); + if (addmntent(new_mtab, mnt)) { + eprintf(_("Can't addmntent to %s: %s\n"), MOUNTED_TMP, + strerror(errno)); + endmntent(mtab); + return 1; + } } } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org