- Update to cifs-utils 5.4.
+ the "rootsbindir" can now be specified at configure time + mount.cifs now supports the -s option by passing "sloppy" to the kernel in the options string + cifs.upcall now properly respects the domain_realm section in krb5.conf + unprivileged users can no longer mount onto dirs into which they can't chdir (fixes CVE-2012-1586) OBS-URL: https://build.opensuse.org/package/show/network:samba:STABLE/cifs-utils?expand=0&rev=47
This commit is contained in:
parent
4150dbfbcc
commit
022564b90a
70
8c6268cbbd4202631e5c4b30297adc0088a1d568.diff
Normal file
70
8c6268cbbd4202631e5c4b30297adc0088a1d568.diff
Normal file
@ -0,0 +1,70 @@
|
|||||||
|
commit 8c6268cbbd4202631e5c4b30297adc0088a1d568
|
||||||
|
Author: Jeff Layton <jlayton@samba.org>
|
||||||
|
Date: Thu Apr 19 07:29:46 2012 -0400
|
||||||
|
|
||||||
|
mount.cifs: fix up some -D_FORTIFY_SOURCE=2 warnings
|
||||||
|
|
||||||
|
...and add -D_FORTIFY_SOURCE=2 to the default $CFLAGS.
|
||||||
|
|
||||||
|
Acked-by: Acked-by: Suresh Jayaraman <sjayaraman@suse.com>
|
||||||
|
Signed-off-by: Jeff Layton <jlayton@samba.org>
|
||||||
|
|
||||||
|
diff --git a/Makefile.am b/Makefile.am
|
||||||
|
index d95142a..05729ca 100644
|
||||||
|
--- a/Makefile.am
|
||||||
|
+++ b/Makefile.am
|
||||||
|
@@ -1,4 +1,4 @@
|
||||||
|
-AM_CFLAGS = -Wall -Wextra -Werror
|
||||||
|
+AM_CFLAGS = -Wall -Wextra -Werror -D_FORTIFY_SOURCE=2
|
||||||
|
ACLOCAL_AMFLAGS = -I aclocal
|
||||||
|
|
||||||
|
root_sbindir = $(ROOTSBINDIR)
|
||||||
|
diff --git a/mount.cifs.c b/mount.cifs.c
|
||||||
|
index f0b073e..2c481d8 100644
|
||||||
|
--- a/mount.cifs.c
|
||||||
|
+++ b/mount.cifs.c
|
||||||
|
@@ -927,11 +927,11 @@ parse_options(const char *data, struct parsed_mount_info *parsed_info)
|
||||||
|
return EX_USAGE;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
- /* domain/username%password */
|
||||||
|
- const int max = MAX_DOMAIN_SIZE +
|
||||||
|
- MAX_USERNAME_SIZE +
|
||||||
|
- MOUNT_PASSWD_SIZE + 2;
|
||||||
|
- if (strnlen(value, max + 1) >= max + 1) {
|
||||||
|
+ /* domain/username%password + NULL term. */
|
||||||
|
+ const size_t max = MAX_DOMAIN_SIZE +
|
||||||
|
+ MAX_USERNAME_SIZE +
|
||||||
|
+ MOUNT_PASSWD_SIZE + 2 + 1;
|
||||||
|
+ if (strnlen(value, max) >= max) {
|
||||||
|
fprintf(stderr, "username too long\n");
|
||||||
|
return EX_USAGE;
|
||||||
|
}
|
||||||
|
@@ -1603,8 +1603,10 @@ add_mtab(char *devname, char *mountpoint, unsigned long flags, const char *fstyp
|
||||||
|
mountent.mnt_passno = 0;
|
||||||
|
rc = addmntent(pmntfile, &mountent);
|
||||||
|
if (rc) {
|
||||||
|
+ int ignore __attribute__((unused));
|
||||||
|
+
|
||||||
|
fprintf(stderr, "unable to add mount entry to mtab\n");
|
||||||
|
- ftruncate(fd, statbuf.st_size);
|
||||||
|
+ ignore = ftruncate(fd, statbuf.st_size);
|
||||||
|
rc = EX_FILEIO;
|
||||||
|
}
|
||||||
|
tmprc = my_endmntent(pmntfile, statbuf.st_size);
|
||||||
|
diff --git a/mtab.c b/mtab.c
|
||||||
|
index de545b7..3d42ac0 100644
|
||||||
|
--- a/mtab.c
|
||||||
|
+++ b/mtab.c
|
||||||
|
@@ -271,8 +271,10 @@ my_endmntent(FILE *stream, off_t size)
|
||||||
|
|
||||||
|
/* truncate file back to "size" -- best effort here */
|
||||||
|
if (rc) {
|
||||||
|
+ int ignore __attribute__((unused));
|
||||||
|
+
|
||||||
|
rc = errno;
|
||||||
|
- ftruncate(fd, size);
|
||||||
|
+ ignore = ftruncate(fd, size);
|
||||||
|
}
|
||||||
|
|
||||||
|
endmntent(stream);
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:68e969c4107a872e2848992732dc11eafc7bdf084bec894c0ba677572de49b32
|
|
||||||
size 374762
|
|
3
cifs-utils-5.4.tar.bz2
Normal file
3
cifs-utils-5.4.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:f6c267e4cfb111ab47a6e85a802373475edaab31d76eab4e7927ea6fe82e7f7b
|
||||||
|
size 381416
|
@ -1,3 +1,14 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Thu Apr 19 10:30:44 UTC 2012 - lmuelle@suse.com
|
||||||
|
|
||||||
|
- Update to cifs-utils 5.4.
|
||||||
|
+ the "rootsbindir" can now be specified at configure time
|
||||||
|
+ mount.cifs now supports the -s option by passing "sloppy" to the
|
||||||
|
kernel in the options string
|
||||||
|
+ cifs.upcall now properly respects the domain_realm section in krb5.conf
|
||||||
|
+ unprivileged users can no longer mount onto dirs into which they
|
||||||
|
can't chdir (fixes CVE-2012-1586)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Feb 6 09:17:17 UTC 2012 - dlovasko@suse.com
|
Mon Feb 6 09:17:17 UTC 2012 - dlovasko@suse.com
|
||||||
|
|
||||||
|
@ -15,8 +15,9 @@
|
|||||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
Name: cifs-utils
|
Name: cifs-utils
|
||||||
Version: 5.3
|
Version: 5.4
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Utilities for doing and managing mounts of the Linux CIFS filesyste
|
Summary: Utilities for doing and managing mounts of the Linux CIFS filesyste
|
||||||
License: GPL-3.0+
|
License: GPL-3.0+
|
||||||
@ -26,6 +27,7 @@ Source: %{name}-%{version}.tar.bz2
|
|||||||
Source1: cifs.init
|
Source1: cifs.init
|
||||||
Source2: mkinitrd_scripts_boot-cifs.sh
|
Source2: mkinitrd_scripts_boot-cifs.sh
|
||||||
Source3: mkinitrd_scripts_setup-cifs.sh
|
Source3: mkinitrd_scripts_setup-cifs.sh
|
||||||
|
Patch: 8c6268cbbd4202631e5c4b30297adc0088a1d568.diff
|
||||||
%if 0%{?suse_version}
|
%if 0%{?suse_version}
|
||||||
PreReq: insserv %{?fillup_prereq} mkinitrd
|
PreReq: insserv %{?fillup_prereq} mkinitrd
|
||||||
%else
|
%else
|
||||||
@ -69,6 +71,7 @@ the Linux CIFS filesystem.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
|
%patch -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf --force --install
|
autoreconf --force --install
|
||||||
|
Loading…
Reference in New Issue
Block a user