Author: aurel32
Date: 2010-06-03 07:37:00 +0000 (Thu, 03 Jun 2010)
New Revision: 4317

Added:
   glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff
Modified:
   glibc-package/branches/glibc-branch-lenny/debian/changelog
   glibc-package/branches/glibc-branch-lenny/debian/patches/series
Log:
  * patches/any/cvs-mntent.diff: fix mntent newline processing error 
    (CVE-2010-0296).



Modified: glibc-package/branches/glibc-branch-lenny/debian/changelog
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/changelog  2010-06-02 
22:00:39 UTC (rev 4316)
+++ glibc-package/branches/glibc-branch-lenny/debian/changelog  2010-06-03 
07:37:00 UTC (rev 4317)
@@ -1,3 +1,10 @@
+glibc (2.7-18lenny3) UNRELEASED; urgency=low
+
+  * patches/any/cvs-mntent.diff: fix mntent newline processing error 
+    (CVE-2010-0296).
+
+ -- Aurelien Jarno <aure...@debian.org>  Thu, 03 Jun 2010 09:32:40 +0200
+
 glibc (2.7-18lenny2) stable-security; urgency=low
 
   * Fix NIS shadow entries leakage to non-priviledge users when nscd is
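
Review bot: The new 2.7-18lenny3 entry at the top of the changelog records a CVE fix (CVE-2010-0296) but still targets UNRELEASED, while the 2.7-18lenny2 entry below it went to stable-security; set the target distribution before upload so the fix does not sit in the branch unshipped. The entry would also be easier to audit if it named the affected code (encode_name in misc/mntent_r.c, per the patch header) instead of only "mntent newline processing error".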

Added: 
glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff
===================================================================
--- 
glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff    
                            (rev 0)
+++ 
glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff    
    2010-06-03 07:37:00 UTC (rev 4317)
@@ -0,0 +1,19 @@
+2010-05-02  Ulrich Drepper  <drep...@redhat.com>
+
+       * misc/mntent_r.c (encode_name): The slow loop handles newlines so we
+       should recognize them as an abort condition.
+       Patch by Jan Lieskovsky <jlies...@redhat.com>.
+
+diff --git a/misc/mntent_r.c b/misc/mntent_r.c
+index 829750b..9598528 100644
+--- a/misc/mntent_r.c
++++ b/misc/mntent_r.c
+@@ -194,7 +194,7 @@ weak_alias (__getmntent_r, getmntent_r)
+     const char *rp = name;                                                  \
+                                                                             \
+     while (*rp != '\0')                                                       
      \
+-      if (*rp == ' ' || *rp == '\t' || *rp == '\\')                         \
++      if (*rp == ' ' || *rp == '\t' || *rp == '\n' || *rp == '\\')          \
+       break;                                                                \
+       else                                                                  \
+       ++rp;                                                                 \
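
Review bot: In the changed condition of the encode_name scan loop, '\n' is added by hand to the list of break characters, and nothing in the hunk ties that list to the set of characters the slow loop encodes, which is how the newline came to be missing. Add a comment beside the `while (*rp != '\0')` loop stating that the break set must match the slow loop's escape set, and check the slow loop for any other character it handles that is still absent from this condition. The patch header also omits the CVE id that debian/changelog cites (CVE-2010-0296); adding it there makes the patch traceable on its own.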

Modified: glibc-package/branches/glibc-branch-lenny/debian/patches/series
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/patches/series     
2010-06-02 22:00:39 UTC (rev 4316)
+++ glibc-package/branches/glibc-branch-lenny/debian/patches/series     
2010-06-03 07:37:00 UTC (rev 4317)
@@ -233,3 +233,4 @@
 any/submitted-user_h.diff -p1
 any/cvs-realloc.diff -p1
 any/submitted-nis-shadow.diff -p1
+any/cvs-mntent.diff -p1

