Date: Monday, July 16, 2018 @ 07:39:58 Author: alucryd Revision: 359632
upgpkg: lib32-pam 1.3.1-1 Modified: lib32-pam/trunk/PKGBUILD Deleted: lib32-pam/trunk/pam-1.1.8-cve-2013-7041.patch lib32-pam/trunk/pam-1.1.8-cve-2014-2583.patch lib32-pam/trunk/pam_unix2-glibc216.patch -------------------------------+ PKGBUILD | 15 +++++----- pam-1.1.8-cve-2013-7041.patch | 52 ------------------------------------- pam-1.1.8-cve-2014-2583.patch | 56 ---------------------------------------- pam_unix2-glibc216.patch | 20 -------------- 4 files changed, 8 insertions(+), 135 deletions(-) Modified: PKGBUILD =================================================================== --- PKGBUILD 2018-07-16 07:22:20 UTC (rev 359631) +++ PKGBUILD 2018-07-16 07:39:58 UTC (rev 359632) @@ -7,25 +7,26 @@ # Contributor: judd <[email protected]> pkgname=lib32-pam -pkgver=1.3.0 -pkgrel=2 +pkgver=1.3.1 +pkgrel=1 pkgdesc='Pluggable Authentication Modules' arch=('x86_64') url='http://linux-pam.org' license=('GPL2') depends=('lib32-cracklib' 'lib32-libnsl' 'lib32-libtirpc' 'pam') -makedepends=('gcc-multilib' 'lib32-flex') -source=("http://linux-pam.org/library/Linux-PAM-${pkgver}.tar.bz2";) -sha256sums=('241aed1ef522f66ed672719ecf2205ec513fd0075ed80cda8e086a5b1a01d1bb') +makedepends=('docbook-xml' 'docbook-xsl' 'git' 'lib32-flex' 'w3m') +source=("git+https://github.com/linux-pam/linux-pam.git#tag=v${pkgver}";) +sha256sums=('SKIP') options=('!emptydirs') build() { - cd Linux-PAM-${pkgver} + cd linux-pam export CC='gcc -m32' export CXX='g++ -m32' export PKG_CONFIG_PATH='/usr/lib32/pkgconfig' + ./autogen.sh ./configure \ --prefix='/usr' \ --libdir='/usr/lib32' \ @@ -35,7 +36,7 @@ } package() { - cd Linux-PAM-${pkgver} + cd linux-pam make DESTDIR="${pkgdir}" SCONFIGDIR='/etc/security' install rm -rf "${pkgdir}"/{etc,usr/{include,share,bin}} Deleted: pam-1.1.8-cve-2013-7041.patch =================================================================== --- pam-1.1.8-cve-2013-7041.patch 2018-07-16 07:22:20 UTC (rev 359631) +++ pam-1.1.8-cve-2013-7041.patch 2018-07-16 07:39:58 UTC (rev 359632) @@ -1,52 +0,0 @@ -From 57a1e2b274d0a6376d92ada9926e5c5741e7da20 Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" <[email protected]> -Date: Fri, 24 Jan 2014 22:18:32 +0000 -Subject: [PATCH] pam_userdb: fix password hash comparison - -Starting with commit Linux-PAM-0-77-28-g0b3e583 that introduced hashed -passwords support in pam_userdb, hashes are compared case-insensitively. -This bug leads to accepting hashes for completely different passwords in -addition to those that should be accepted. - -Additionally, commit Linux-PAM-1_1_6-13-ge2a8187 that added support for -modern password hashes with different lengths and settings, did not -update the hash comparison accordingly, which leads to accepting -computed hashes longer than stored hashes when the latter is a prefix -of the former. - -* modules/pam_userdb/pam_userdb.c (user_lookup): Reject the computed -hash whose length differs from the stored hash length. -Compare computed and stored hashes case-sensitively. -Fixes CVE-2013-7041. - -Bug-Debian: http://bugs.debian.org/731368 ---- - modules/pam_userdb/pam_userdb.c | 9 ++++++--- - 1 file changed, 6 insertions(+), 3 deletions(-) - -diff --git a/modules/pam_userdb/pam_userdb.c b/modules/pam_userdb/pam_userdb.c -index de8b5b1..ff040e6 100644 ---- a/modules/pam_userdb/pam_userdb.c -+++ b/modules/pam_userdb/pam_userdb.c -@@ -222,12 +222,15 @@ user_lookup (pam_handle_t *pamh, const char *database, const char *cryptmode, - } else { - cryptpw = crypt (pass, data.dptr); - -- if (cryptpw) { -- compare = strncasecmp (data.dptr, cryptpw, data.dsize); -+ if (cryptpw && strlen(cryptpw) == (size_t)data.dsize) { -+ compare = memcmp(data.dptr, cryptpw, data.dsize); - } else { - compare = -2; - if (ctrl & PAM_DEBUG_ARG) { -- pam_syslog(pamh, LOG_INFO, "crypt() returned NULL"); -+ if (cryptpw) -+ pam_syslog(pamh, LOG_INFO, "lengths of computed and stored hashes differ"); -+ else -+ pam_syslog(pamh, LOG_INFO, "crypt() returned NULL"); - } - }; - --- -1.8.3.1 - Deleted: pam-1.1.8-cve-2014-2583.patch =================================================================== --- pam-1.1.8-cve-2014-2583.patch 2018-07-16 07:22:20 UTC (rev 359631) +++ pam-1.1.8-cve-2014-2583.patch 2018-07-16 07:39:58 UTC (rev 359632) @@ -1,56 +0,0 @@ -From 9dcead87e6d7f66d34e7a56d11a30daca367dffb Mon Sep 17 00:00:00 2001 -From: "Dmitry V. Levin" <[email protected]> -Date: Wed, 26 Mar 2014 22:17:23 +0000 -Subject: [PATCH] pam_timestamp: fix potential directory traversal issue - (ticket #27) - -pam_timestamp uses values of PAM_RUSER and PAM_TTY as components of -the timestamp pathname it creates, so extra care should be taken to -avoid potential directory traversal issues. - -* modules/pam_timestamp/pam_timestamp.c (check_tty): Treat -"." and ".." tty values as invalid. -(get_ruser): Treat "." and ".." ruser values, as well as any ruser -value containing '/', as invalid. - -Fixes CVE-2014-2583. - -Reported-by: Sebastian Krahmer <[email protected]> ---- - modules/pam_timestamp/pam_timestamp.c | 13 ++++++++++++- - 1 file changed, 12 insertions(+), 1 deletion(-) - -diff --git a/modules/pam_timestamp/pam_timestamp.c b/modules/pam_timestamp/pam_timestamp.c -index 5193733..b3f08b1 100644 ---- a/modules/pam_timestamp/pam_timestamp.c -+++ b/modules/pam_timestamp/pam_timestamp.c -@@ -158,7 +158,7 @@ check_tty(const char *tty) - tty = strrchr(tty, '/') + 1; - } - /* Make sure the tty wasn't actually a directory (no basename). */ -- if (strlen(tty) == 0) { -+ if (!strlen(tty) || !strcmp(tty, ".") || !strcmp(tty, "..")) { - return NULL; - } - return tty; -@@ -243,6 +243,17 @@ get_ruser(pam_handle_t *pamh, char *ruserbuf, size_t ruserbuflen) - if (pwd != NULL) { - ruser = pwd->pw_name; - } -+ } else { -+ /* -+ * This ruser is used by format_timestamp_name as a component -+ * of constructed timestamp pathname, so ".", "..", and '/' -+ * are disallowed to avoid potential path traversal issues. -+ */ -+ if (!strcmp(ruser, ".") || -+ !strcmp(ruser, "..") || -+ strchr(ruser, '/')) { -+ ruser = NULL; -+ } - } - if (ruser == NULL || strlen(ruser) >= ruserbuflen) { - *ruserbuf = '\0'; --- -1.8.3.1 - Deleted: pam_unix2-glibc216.patch =================================================================== --- pam_unix2-glibc216.patch 2018-07-16 07:22:20 UTC (rev 359631) +++ pam_unix2-glibc216.patch 2018-07-16 07:39:58 UTC (rev 359632) @@ -1,20 +0,0 @@ -Index: pam_unix2-2.9.1/src/read-files.c -=================================================================== ---- pam_unix2-2.9.1.orig/src/read-files.c -+++ pam_unix2-2.9.1/src/read-files.c -@@ -30,8 +30,14 @@ - #include <errno.h> - #include <fcntl.h> - #include <nss.h> --#include <bits/libc-lock.h> -+#include <pthread.h> - #define __libc_lock_t pthread_mutex_t -+#define __libc_lock_define_initialized(CLASS,NAME) \ -+ CLASS __libc_lock_t NAME = PTHREAD_MUTEX_INITIALIZER; -+#define __libc_lock_lock(NAME) \ -+ pthread_mutex_lock, (&(NAME)) -+#define __libc_lock_unlock(NAME) \ -+ pthread_mutex_unlock, (&(NAME)) - - #include "read-files.h" -
