-rw-r--r-- | security/openpam/Makefile | 4 | ||||
-rw-r--r-- | security/openpam/distinfo | 4 | ||||
-rw-r--r-- | security/openpam/patches/patch-ab | 20 |
3 files changed, 23 insertions, 5 deletions
diff --git a/security/openpam/Makefile b/security/openpam/Makefile index a365713f7a3..75d94390863 100644 --- a/security/openpam/Makefile +++ b/security/openpam/Makefile @@ -1,12 +1,14 @@ -# $NetBSD: Makefile,v 1.15 2008/02/18 16:48:12 jlam Exp $ +# $NetBSD: Makefile,v 1.15.34.1 2011/12/14 02:42:40 sbd Exp $ DISTNAME= openpam-20071221 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=openpam/} +PKGREVISION= 1 MAINTAINER= joerg@NetBSD.org HOMEPAGE= http://www.openpam.org/ COMMENT= Open-source PAM library +LICENSE= modified-bsd PKG_DESTDIR_SUPPORT= user-destdir diff --git a/security/openpam/distinfo b/security/openpam/distinfo index 8c3475797ca..baa9c75c684 100644 --- a/security/openpam/distinfo +++ b/security/openpam/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.7 2008/02/18 18:22:18 jlam Exp $ +$NetBSD: distinfo,v 1.7.34.1 2011/12/14 02:42:40 sbd Exp $ SHA1 (openpam-20071221.tar.gz) = 43d41fa4a86199077c4fe193c52c59365f4c317e RMD160 (openpam-20071221.tar.gz) = cd8f7e94984693b0f892f226bfed6a3f9b24ec72 Size (openpam-20071221.tar.gz) = 396932 bytes -SHA1 (patch-ab) = 8ade188799693e6d7c28f27faf060c645c5d97c5 +SHA1 (patch-ab) = 2405cccb175e58914e36a26ac8aa896a1334b145 SHA1 (patch-ac) = 72fb5ffb67edf9892e6c2db5485fdf51ea4b50ce SHA1 (patch-ad) = 08b0dbd2d84c4239ea898f137d2f0ed7f7476d74 SHA1 (patch-ae) = 4f31bdde2cca94377c4e3ac8e4d42512764b3fac diff --git a/security/openpam/patches/patch-ab b/security/openpam/patches/patch-ab index 08b053bf302..06510c8f4df 100644 --- a/security/openpam/patches/patch-ab +++ b/security/openpam/patches/patch-ab @@ -1,6 +1,9 @@ -$NetBSD: patch-ab,v 1.3 2008/02/18 18:22:18 jlam Exp $ +$NetBSD: patch-ab,v 1.3.34.1 2011/12/14 02:42:40 sbd Exp $ ---- lib/openpam_configure.c.orig 2007-12-21 06:36:24.000000000 -0500 +- pkgsrcification +- prevention of CVE-2011-4122 taken from NetBSD src + +--- lib/openpam_configure.c.orig 2007-12-21 11:36:24.000000000 +0000 +++ lib/openpam_configure.c 
@@ -70,7 +70,7 @@ static int match_word(const char *str, const char *word) @@ -47,3 +50,16 @@ $NetBSD: patch-ab,v 1.3 2008/02/18 18:22:18 jlam Exp $ NULL }; +@@ -285,6 +287,12 @@ openpam_load_chain(pam_handle_t *pamh, + size_t len; + int r; + ++ /* Don't allow an escape from policy_path. */ ++ if (strchr(service, '/') != NULL) { ++ openpam_log(PAM_LOG_ERROR, "illegal service \"%s\"", service); ++ return (-PAM_SYSTEM_ERR); ++ } ++ + for (path = openpam_policy_path; *path != NULL; ++path) { + len = strlen(*path); + if ((*path)[len - 1] == '/') { |
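Review bot: The guard added at the top of openpam_load_chain() rejects only a '/' in `service`, so the name stays otherwise unconstrained when it is (presumably, going by the comment and the loop that follows) combined with each openpam_policy_path entry. An allowlist of the characters a legitimate service name may contain would state the invariant directly, and would also cover empty or dot-only names. The rejected value is written to the log verbatim via `"illegal service \"%s\""`; because it is untrusted at that point, consider logging a truncated or escaped form so control characters cannot reach the log. The hunk does not show whether callers guarantee a non-NULL `service`; if they do not, `strchr(service, '/')` needs a preceding `service == NULL` check. The function body continues outside the hunk, so the path construction itself is not visible here.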