pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2016Q3] pkgsrc/security/libcrack



Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Thu Nov  3 19:50:12 UTC 2016

Modified Files:
        pkgsrc/security/libcrack [pkgsrc-2016Q3]: Makefile distinfo
Added Files:
        pkgsrc/security/libcrack/patches [pkgsrc-2016Q3]: patch-CVE-2016-6318

Log Message:
Pullup ticket #5147 - requested by spz
security/libcrack: security fix

Revisions pulled up:
- security/libcrack/Makefile                                    1.19
- security/libcrack/distinfo                                    1.8
- security/libcrack/patches/patch-CVE-2016-6318                 1.1

---
   Module Name: pkgsrc
   Committed By:        spz
   Date:                Sun Oct 30 20:49:58 UTC 2016

   Modified Files:
        pkgsrc/security/libcrack: Makefile distinfo
   Added Files:
        pkgsrc/security/libcrack/patches: patch-CVE-2016-6318

   Log Message:
   add a patch for CVE-2016-6318 from
   https://bugzilla.redhat.com/attachment.cgi?id=1188599


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.18.16.1 pkgsrc/security/libcrack/Makefile
cvs rdiff -u -r1.7 -r1.7.8.1 pkgsrc/security/libcrack/distinfo
cvs rdiff -u -r0 -r1.1.2.2 \
    pkgsrc/security/libcrack/patches/patch-CVE-2016-6318

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/libcrack/Makefile
diff -u pkgsrc/security/libcrack/Makefile:1.18 pkgsrc/security/libcrack/Makefile:1.18.16.1
--- pkgsrc/security/libcrack/Makefile:1.18      Thu Oct  9 14:06:52 2014
+++ pkgsrc/security/libcrack/Makefile   Thu Nov  3 19:50:12 2016
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.18 2014/10/09 14:06:52 wiz Exp $
+# $NetBSD: Makefile,v 1.18.16.1 2016/11/03 19:50:12 bsiegert Exp $
 #
 
 DISTNAME=      cracklib,2.7
 PKGNAME=       libcrack-2.7
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    security
 MASTER_SITES=  http://www.crypticide.com/alecm/security/cracklib/
 

Index: pkgsrc/security/libcrack/distinfo
diff -u pkgsrc/security/libcrack/distinfo:1.7 pkgsrc/security/libcrack/distinfo:1.7.8.1
--- pkgsrc/security/libcrack/distinfo:1.7       Wed Nov  4 01:17:48 2015
+++ pkgsrc/security/libcrack/distinfo   Thu Nov  3 19:50:12 2016
@@ -1,9 +1,10 @@
-$NetBSD: distinfo,v 1.7 2015/11/04 01:17:48 agc Exp $
+$NetBSD: distinfo,v 1.7.8.1 2016/11/03 19:50:12 bsiegert Exp $
 
 SHA1 (cracklib,2.7.tar.gz) = 903bb7e2400c7e486f432aab026dd6584815d2c1
 RMD160 (cracklib,2.7.tar.gz) = 8c1710580ed5778f54d30b709cac0b4b07543aed
 SHA512 (cracklib,2.7.tar.gz) = 2d63ed30d78a8fb07caeb21b2eeeb88941b224fe9c94da6c5eaecc4d23510117c836a373e77dffc1ff827dbd8bc02a07d07434caa4fc39b48d515bef425819e9
 Size (cracklib,2.7.tar.gz) = 21059 bytes
+SHA1 (patch-CVE-2016-6318) = 8cfb44a70c1b9e23a9739edc393fc017a7327902
 SHA1 (patch-aa) = 8119a733f4bdb0a5a41e41ab53e9923564a70855
 SHA1 (patch-ab) = b9a0b5929936a1335f08cab93710bbe66c74183d
 SHA1 (patch-ac) = 43031370c2bb08c7b43c6afad0fabe8060ac66b3

Added files:

Index: pkgsrc/security/libcrack/patches/patch-CVE-2016-6318
diff -u /dev/null pkgsrc/security/libcrack/patches/patch-CVE-2016-6318:1.1.2.2
--- /dev/null   Thu Nov  3 19:50:12 2016
+++ pkgsrc/security/libcrack/patches/patch-CVE-2016-6318        Thu Nov  3 19:50:12 2016
@@ -0,0 +1,89 @@
+patch to cracklib 2.7 based on a patch for cracklib 2.9 from
+https://bugzilla.redhat.com/attachment.cgi?id=1188599 :
+
+It is not safe to pass words longer than STRINGSIZE further to cracklib
+so the longbuffer cannot be longer than STRINGSIZE.
+
+--- ./cracklib/fascist.c.orig  1997-12-31 10:26:46.000000000 +0000
++++ ./cracklib/fascist.c       2016-10-27 19:00:46.000000000 +0000
+@@ -490,7 +490,7 @@ FascistGecos(password, uid)
+     char gbuffer[STRINGSIZE];
+     char tbuffer[STRINGSIZE];
+     char *uwords[STRINGSIZE];
+-    char longbuffer[STRINGSIZE * 2];
++    char longbuffer[STRINGSIZE];
+ 
+     if (!(pwp = getpwuid(uid)))
+     {
+@@ -573,38 +573,47 @@ FascistGecos(password, uid)
+     {
+       for (i = 0; i < j; i++)
+       {
+-          strcpy(longbuffer, uwords[i]);
+-          strcat(longbuffer, uwords[j]);
+-
+-          if (GTry(longbuffer, password))
++          if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE)
+           {
+-              return ("it is derived from your password entry");
+-          }
+-
+-          strcpy(longbuffer, uwords[j]);
+-          strcat(longbuffer, uwords[i]);
++              strcpy(longbuffer, uwords[i]);
++              strcat(longbuffer, uwords[j]);
+ 
+-          if (GTry(longbuffer, password))
+-          {
+-              return ("it's derived from your password entry");
++              if (GTry(longbuffer, password))
++              {
++                  return ("it is derived from your password entry");
++              }
++
++              strcpy(longbuffer, uwords[j]);
++              strcat(longbuffer, uwords[i]);
++
++              if (GTry(longbuffer, password))
++              {
++                  return ("it's derived from your password entry");
++              }
+           }
+ 
+-          longbuffer[0] = uwords[i][0];
+-          longbuffer[1] = '\0';
+-          strcat(longbuffer, uwords[j]);
+-
+-          if (GTry(longbuffer, password))
++          if (strlen(uwords[j]) < STRINGSIZE - 1)
+           {
+-              return ("it is derivable from your password entry");
++              longbuffer[0] = uwords[i][0];
++              longbuffer[1] = '\0';
++              strcat(longbuffer, uwords[j]);
++
++              if (GTry(longbuffer, password))
++              {
++                  return ("it is derivable from your password entry");
++              }
+           }
+ 
+-          longbuffer[0] = uwords[j][0];
+-          longbuffer[1] = '\0';
+-          strcat(longbuffer, uwords[i]);
+-
+-          if (GTry(longbuffer, password))
++          if (strlen(uwords[i]) < STRINGSIZE - 1)
+           {
+-              return ("it's derivable from your password entry");
++              longbuffer[0] = uwords[j][0];
++              longbuffer[1] = '\0';
++              strcat(longbuffer, uwords[i]);
++
++              if (GTry(longbuffer, password))
++              {
++                  return ("it's derivable from your password entry");
++              }
+           }
+       }
+     }



Home | Main Index | Thread Index | Old Index