
r4317 - in glibc-package/branches/glibc-branch-lenny/debian: . patches patches/any



Author: aurel32
Date: 2010-06-03 07:37:00 +0000 (Thu, 03 Jun 2010)
New Revision: 4317

Added:
   glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff
Modified:
   glibc-package/branches/glibc-branch-lenny/debian/changelog
   glibc-package/branches/glibc-branch-lenny/debian/patches/series
Log:
  * patches/any/cvs-mntent.diff: fix mntent newline processing error 
    (CVE-2010-0296).



Modified: glibc-package/branches/glibc-branch-lenny/debian/changelog
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/changelog	2010-06-02 22:00:39 UTC (rev 4316)
+++ glibc-package/branches/glibc-branch-lenny/debian/changelog	2010-06-03 07:37:00 UTC (rev 4317)
@@ -1,3 +1,10 @@
+glibc (2.7-18lenny3) UNRELEASED; urgency=low
+
+  * patches/any/cvs-mntent.diff: fix mntent newline processing error 
+    (CVE-2010-0296).
+
+ -- Aurelien Jarno <aurel32@debian.org>  Thu, 03 Jun 2010 09:32:40 +0200
+
 glibc (2.7-18lenny2) stable-security; urgency=low
 
   * Fix NIS shadow entries leakage to non-priviledge users when nscd is
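Review bot: The added changelog bullet for 2.7-18lenny3 names the patch file and CVE-2010-0296 but not the function being fixed, so someone reading the package history cannot tell what changed without opening the patch. Consider wording it along the lines of "fix newline handling in encode_name (misc/mntent_r.c)", and drop the trailing space after "error". The entry is also still UNRELEASED while the previous one targets stable-security, so the distribution field needs setting before upload.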

Added: glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff	                        (rev 0)
+++ glibc-package/branches/glibc-branch-lenny/debian/patches/any/cvs-mntent.diff	2010-06-03 07:37:00 UTC (rev 4317)
@@ -0,0 +1,19 @@
+2010-05-02  Ulrich Drepper  <drepper@redhat.com>
+
+	* misc/mntent_r.c (encode_name): The slow loop handles newlines so we
+	should recognize them as an abort condition.
+	Patch by Jan Lieskovsky <jlieskov@redhat.com>.
+
+diff --git a/misc/mntent_r.c b/misc/mntent_r.c
+index 829750b..9598528 100644
+--- a/misc/mntent_r.c
++++ b/misc/mntent_r.c
+@@ -194,7 +194,7 @@ weak_alias (__getmntent_r, getmntent_r)
+     const char *rp = name;						      \
+ 									      \
+     while (*rp != '\0')							      \
+-      if (*rp == ' ' || *rp == '\t' || *rp == '\\')			      \
++      if (*rp == ' ' || *rp == '\t' || *rp == '\n' || *rp == '\\')	      \
+ 	break;								      \
+       else								      \
+ 	++rp;								      \
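Review bot: The new "*rp == '\n'" test in the while condition only makes the scan break out on a newline; the code that actually escapes the character lies outside this hunk's context, so nothing visible here shows that the 2.7 source in lenny encodes it. The embedded diff is written against upstream git (index 829750b..9598528), and the ChangeLog entry relies on "the slow loop handles newlines", so please confirm that the slow loop in the lenny tree has a newline case before shipping this. A regression test that writes a mount entry whose name contains a newline and reads it back would also be worth adding, since the patch carries none.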

Modified: glibc-package/branches/glibc-branch-lenny/debian/patches/series
===================================================================
--- glibc-package/branches/glibc-branch-lenny/debian/patches/series	2010-06-02 22:00:39 UTC (rev 4316)
+++ glibc-package/branches/glibc-branch-lenny/debian/patches/series	2010-06-03 07:37:00 UTC (rev 4317)
@@ -233,3 +233,4 @@
 any/submitted-user_h.diff -p1
 any/cvs-realloc.diff -p1
 any/submitted-nis-shadow.diff -p1
+any/cvs-mntent.diff -p1

