Hello community, here is the log from the commit of package cronie for openSUSE:Factory checked in at 2013-02-04 21:08:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cronie (Old) and /work/SRC/openSUSE:Factory/.cronie.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cronie", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/cronie/cronie.changes 2012-10-31 13:51:13.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.cronie.new/cronie.changes 2013-02-04 21:08:14.000000000 +0100 @@ -1,0 +2,11 @@ +Mon Feb 4 14:20:48 UTC 2013 - [email protected] + +- Regenerate cronie-pam_config.diff, last line of the patch was not + properly added, causing bnc#801553. + +------------------------------------------------------------------- +Mon Nov 12 13:44:06 UTC 2012 - [email protected] + +-Fix Bug 786096 - VUL-1: cron: does not close file descriptors before invocation of commands + +------------------------------------------------------------------- New: ---- bug-786096_cronie-fdleak.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cronie.spec ++++++ --- /var/tmp/diff_new_pack.7yF3A5/_old 2013-02-04 21:08:15.000000000 +0100 +++ /var/tmp/diff_new_pack.7yF3A5/_new 2013-02-04 21:08:15.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package cronie # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -58,6 +58,8 @@ Patch8: cronie-anacron-1.4.7-run-crons.patch Patch9: cronie-1.4.8-bug_756197.diff Patch10: cronie-nofork-nopid.patch +# PATCH-FIX-UPSTREAM bnc#786096 +Patch11: bug-786096_cronie-fdleak.diff Conflicts: cron <= 4.1 # When finish update protection of sles11 we could uncomment line bellow and drop all # ugly hacks with subpackage cron needed for proper update proces @@ -103,6 +105,7 @@ %patch9 cp %{S:7} ./cron_to_cronie.README %patch10 +%patch11 -p1 %build # fill macro CRON_VERSION it is used in top three lines of crontab file,should be reworked export CFLAGS="$RPM_OPT_FLAGS -DCRON_VERSION=\\\"%{version}\\\"" ++++++ bug-786096_cronie-fdleak.diff ++++++ Index: cronie-1.4.8/src/do_command.c =================================================================== --- cronie-1.4.8.orig/src/do_command.c +++ cronie-1.4.8/src/do_command.c @@ -69,6 +69,7 @@ static int child_process(entry * e, user int stdin_pipe[2], stdout_pipe[2]; char *input_data, *usernm, *mailto, *mailfrom; int children = 0; + int i = 3, open_max = -1; pid_t pid = getpid(); struct sigaction sa; @@ -154,6 +155,12 @@ static int child_process(entry * e, user *p = '\0'; } + open_max = sysconf(_SC_OPEN_MAX); + if (open_max < 0) + open_max = 1024; + for (i = STDERR + 1; i < open_max; ++i) + close(i); + /* fork again, this time so we can exec the user's command. */ ++++++ cronie-pam_config.diff ++++++ --- /var/tmp/diff_new_pack.7yF3A5/_old 2013-02-04 21:08:16.000000000 +0100 +++ /var/tmp/diff_new_pack.7yF3A5/_new 2013-02-04 21:08:16.000000000 +0100 @@ -1,8 +1,8 @@ -Index: cronie-1.4.4/pam/crond +Index: cronie-1.4.8/pam/crond =================================================================== ---- cronie-1.4.4.orig/pam/crond -+++ cronie-1.4.4/pam/crond -@@ -3,8 +3,9 @@ +--- cronie-1.4.8.orig/pam/crond ++++ cronie-1.4.8/pam/crond +@@ -3,8 +3,10 @@ # # # No PAM authentication called, auth modules not needed -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
