Hello community, here is the log from the commit of package pam_yubico for openSUSE:Factory checked in at 2018-04-05 15:32:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/pam_yubico (Old) and /work/SRC/openSUSE:Factory/.pam_yubico.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pam_yubico" Thu Apr 5 15:32:59 2018 rev:6 rq:593464 version:2.25 Changes: -------- --- /work/SRC/openSUSE:Factory/pam_yubico/pam_yubico.changes 2018-03-28 10:33:20.640810481 +0200 +++ /work/SRC/openSUSE:Factory/.pam_yubico.new/pam_yubico.changes 2018-04-05 15:33:05.972992712 +0200 @@ -1,0 +2,6 @@ +Wed Apr 4 08:32:10 UTC 2018 - [email protected] + +- leaking-file-descriptor.patch: Close the authfile before returning + to make sure no file descriptors are leaked (bsc#1088027). + +------------------------------------------------------------------- New: ---- leaking-file-descriptor.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ pam_yubico.spec ++++++ --- /var/tmp/diff_new_pack.J2qDVH/_old 2018-04-05 15:33:06.792963076 +0200 +++ /var/tmp/diff_new_pack.J2qDVH/_new 2018-04-05 15:33:06.792963076 +0200 @@ -26,6 +26,7 @@ Source: https://developers.yubico.com/yubico-pam/Releases/pam_yubico-%{version}.tar.gz Source1: https://developers.yubico.com/yubico-pam/Releases/pam_yubico-%{version}.tar.gz.sig Source2: baselib.conf +Patch0: leaking-file-descriptor.patch BuildRequires: libykclient-devel >= 2.15 BuildRequires: libyubikey-devel BuildRequires: openldap2-devel @@ -39,6 +40,7 @@ %prep %setup -q +%patch0 -p1 %build %configure --bindir=%{_bindir} --with-pam-dir=/%{_lib}/security --disable-static --disable-silent-rules ++++++ leaking-file-descriptor.patch ++++++ References: 0f6ceabab0a8849b47f67d727aa526c2656089ba From: Karol Babioch <[email protected]> Date: Tue, 3 Apr 2018 09:19:53 +0200 Upstream: merged Subject: [PATCH] util: make sure to close the authfile before returning success fixes #136 --- util.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/util.c b/util.c index 6cb4a79..32bca06 100644 --- a/util.c +++ b/util.c @@ -167,6 +167,8 @@ check_user_token (const char *authfile, { if(verbose) D (debug_file, "Match user/token as %s/%s", username, otp_id); + + fclose(opwfile); return AUTH_FOUND; } }
