authorbsiegert <bsiegert>2016-11-03 19:50:12 +0000
committerbsiegert <bsiegert>2016-11-03 19:50:12 +0000
commit494726c77cacbdbbf428641dabad0a469509250b (patch)
treee2e921aef474ea86af20ce4b2e54dbbdd19145e8
parent2d63de1e10383e92ee0c80655a756493506b0f9e (diff)
Pullup ticket #5147 - requested by spz
security/libcrack: security fix Revisions pulled up: - security/libcrack/Makefile 1.19 - security/libcrack/distinfo 1.8 - security/libcrack/patches/patch-CVE-2016-6318 1.1 --- Module Name: pkgsrc Committed By: spz Date: Sun Oct 30 20:49:58 UTC 2016 Modified Files: pkgsrc/security/libcrack: Makefile distinfo Added Files: pkgsrc/security/libcrack/patches: patch-CVE-2016-6318 Log Message: add a patch for CVE-2016-6318 from https://bugzilla.redhat.com/attachment.cgi?id=1188599
-rw-r--r--security/libcrack/Makefile4
-rw-r--r--security/libcrack/distinfo3
-rw-r--r--security/libcrack/patches/patch-CVE-2016-631889
3 files changed, 93 insertions, 3 deletions
diff --git a/security/libcrack/Makefile b/security/libcrack/Makefile
index 09d35c49fb6..7fe3097dfe9 100644
--- a/security/libcrack/Makefile
+++ b/security/libcrack/Makefile
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.18 2014/10/09 14:06:52 wiz Exp $
+# $NetBSD: Makefile,v 1.18.16.1 2016/11/03 19:50:12 bsiegert Exp $
#
DISTNAME= cracklib,2.7
PKGNAME= libcrack-2.7
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= security
MASTER_SITES= http://www.crypticide.com/alecm/security/cracklib/
diff --git a/security/libcrack/distinfo b/security/libcrack/distinfo
index dc46215202a..74d6d6ae76a 100644
--- a/security/libcrack/distinfo
+++ b/security/libcrack/distinfo
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.7 2015/11/04 01:17:48 agc Exp $
+$NetBSD: distinfo,v 1.7.8.1 2016/11/03 19:50:12 bsiegert Exp $
SHA1 (cracklib,2.7.tar.gz) = 903bb7e2400c7e486f432aab026dd6584815d2c1
RMD160 (cracklib,2.7.tar.gz) = 8c1710580ed5778f54d30b709cac0b4b07543aed
SHA512 (cracklib,2.7.tar.gz) = 2d63ed30d78a8fb07caeb21b2eeeb88941b224fe9c94da6c5eaecc4d23510117c836a373e77dffc1ff827dbd8bc02a07d07434caa4fc39b48d515bef425819e9
Size (cracklib,2.7.tar.gz) = 21059 bytes
+SHA1 (patch-CVE-2016-6318) = 8cfb44a70c1b9e23a9739edc393fc017a7327902
SHA1 (patch-aa) = 8119a733f4bdb0a5a41e41ab53e9923564a70855
SHA1 (patch-ab) = b9a0b5929936a1335f08cab93710bbe66c74183d
SHA1 (patch-ac) = 43031370c2bb08c7b43c6afad0fabe8060ac66b3
diff --git a/security/libcrack/patches/patch-CVE-2016-6318 b/security/libcrack/patches/patch-CVE-2016-6318
new file mode 100644
index 00000000000..4a15bfbe4fa
--- /dev/null
+++ b/security/libcrack/patches/patch-CVE-2016-6318
@@ -0,0 +1,89 @@
+patch to cracklib 2.7 based on a patch for cracklib 2.9 from
+https://bugzilla.redhat.com/attachment.cgi?id=1188599 :
+
+It is not safe to pass words longer than STRINGSIZE further to cracklib
+so the longbuffer cannot be longer than STRINGSIZE.
+
+--- ./cracklib/fascist.c.orig 1997-12-31 10:26:46.000000000 +0000
++++ ./cracklib/fascist.c 2016-10-27 19:00:46.000000000 +0000
+@@ -490,7 +490,7 @@ FascistGecos(password, uid)
+ char gbuffer[STRINGSIZE];
+ char tbuffer[STRINGSIZE];
+ char *uwords[STRINGSIZE];
+- char longbuffer[STRINGSIZE * 2];
++ char longbuffer[STRINGSIZE];
+
+ if (!(pwp = getpwuid(uid)))
+ {
+@@ -573,38 +573,47 @@ FascistGecos(password, uid)
+ {
+ for (i = 0; i < j; i++)
+ {
+- strcpy(longbuffer, uwords[i]);
+- strcat(longbuffer, uwords[j]);
+-
+- if (GTry(longbuffer, password))
++ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
+ {
+- return ("it is derived from your password entry");
+- }
+-
+- strcpy(longbuffer, uwords[j]);
+- strcat(longbuffer, uwords[i]);
++ strcpy(longbuffer, uwords[i]);
++ strcat(longbuffer, uwords[j]);
+
+- if (GTry(longbuffer, password))
+- {
+- return ("it's derived from your password entry");
++ if (GTry(longbuffer, password))
++ {
++ return ("it is derived from your password entry");
++ }
++
++ strcpy(longbuffer, uwords[j]);
++ strcat(longbuffer, uwords[i]);
++
++ if (GTry(longbuffer, password))
++ {
++ return ("it's derived from your password entry");
++ }
+ }
+
+- longbuffer[0] = uwords[i][0];
+- longbuffer[1] = '\0';
+- strcat(longbuffer, uwords[j]);
+-
+- if (GTry(longbuffer, password))
++ if (strlen(uwords[j]) < STRINGSIZE - 1)
+ {
+- return ("it is derivable from your password entry");
++ longbuffer[0] = uwords[i][0];
++ longbuffer[1] = '\0';
++ strcat(longbuffer, uwords[j]);
++
++ if (GTry(longbuffer, password))
++ {
++ return ("it is derivable from your password entry");
++ }
+ }
+
+- longbuffer[0] = uwords[j][0];
+- longbuffer[1] = '\0';
+- strcat(longbuffer, uwords[i]);
+-
+- if (GTry(longbuffer, password))
++ if (strlen(uwords[i]) < STRINGSIZE - 1)
+ {
+- return ("it's derivable from your password entry");
++ longbuffer[0] = uwords[j][0];
++ longbuffer[1] = '\0';
++ strcat(longbuffer, uwords[i]);
++
++ if (GTry(longbuffer, password))
++ {
++ return ("it's derivable from your password entry");
++ }
+ }
+ }
+ }
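Review bot: The new guards `if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)` and `if (strlen(uwords[j]) < STRINGSIZE - 1)` are arithmetically right for a `longbuffer[STRINGSIZE]` (they leave room for the terminating NUL), but nothing in the patch says so, and the `- 1` in the single-character cases reads like an off-by-one to anyone who does not redo the sum. A comment ahead of the first check, `/* longbuffer holds STRINGSIZE bytes: word + word + NUL must fit */`, and `/* leading char + word + NUL must fit in STRINGSIZE */` ahead of the second would make the bound explicit; the same applies to the mirrored check on `uwords[i]`. The guards also silently skip pairs that do not fit, so those gecos-derived strings are no longer tested against the password at all; the preamble explains that cracklib cannot take longer words anyway, but a one-line comment at the skip point would save the next reader a trip to the bug tracker. Each `strlen()` is recomputed up to four times per inner iteration, so hoisting `size_t li = strlen(uwords[i]), lj = strlen(uwords[j]);` at the top of the inner loop body would keep the four conditions short and obviously consistent. FascistGecos begins before and continues after this hunk, and the patch file has no `$NetBSD$` id line at its top, which pkgsrc patches conventionally carry.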