diff --git a/shadow-CVE-2023-29383.patch b/shadow-CVE-2023-29383.patch new file mode 100644 index 0000000..c4b06c5 --- /dev/null +++ b/shadow-CVE-2023-29383.patch @@ -0,0 +1,51 @@ +Index: shadow-4.13/lib/fields.c +=================================================================== +--- shadow-4.13.orig/lib/fields.c ++++ shadow-4.13/lib/fields.c +@@ -21,9 +21,9 @@ + * + * The supplied field is scanned for non-printable and other illegal + * characters. +- * + -1 is returned if an illegal character is present. +- * + 1 is returned if no illegal characters are present, but the field +- * contains a non-printable character. ++ * + -1 is returned if an illegal or control character is present. ++ * + 1 is returned if no illegal or control characters are present, ++ * but the field contains a non-printable character. + * + 0 is returned otherwise. + */ + int valid_field (const char *field, const char *illegal) +@@ -37,23 +37,22 @@ int valid_field (const char *field, cons + + /* For each character of field, search if it appears in the list + * of illegal characters. */ ++ if (illegal && NULL != strpbrk (field, illegal)) { ++ return -1; ++ } ++ ++ /* Search if there are non-printable or control characters */ + for (cp = field; '\0' != *cp; cp++) { +- if (strchr (illegal, *cp) != NULL) { ++ unsigned char c = *cp; ++ if (!isprint (c)) { ++ err = 1; ++ } ++ if (iscntrl (c)) { + err = -1; + break; + } + } + +- if (0 == err) { +- /* Search if there are some non-printable characters */ +- for (cp = field; '\0' != *cp; cp++) { +- if (!isprint (*cp)) { +- err = 1; +- break; +- } +- } +- } +- + return err; + } + diff --git a/shadow.changes b/shadow.changes index bb2c812..67d8d7c 100644 --- a/shadow.changes +++ b/shadow.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Tue Apr 18 15:39:47 UTC 2023 - Michael Vetter + +- bsc#1210507 (CVE-2023-29383): + Check for control characters +- Add shadow-CVE-2023-29383.patch + ------------------------------------------------------------------- Wed Apr 12 12:08:43 UTC 2023 - Thorsten Kukuk diff --git a/shadow.spec b/shadow.spec index 2b9fa29..90580cb 100644 --- a/shadow.spec +++ b/shadow.spec @@ -54,6 +54,8 @@ Patch6: disable_new_audit_function.patch Patch7: shadow-audit-no-id.patch # PATCH-FIX-UPSTREAM shadow-fix-print-login-timeout.patch mvetter@suse.com -- Fix print full login timeout message (gh/shadow-maint/shadow#621) Patch8: shadow-fix-print-login-timeout.patch +# PATCH-FIX-UPSTREAM shadow-CVE-2023-29383.patch mvetter@suse.com -- Check control chracters in chfn (bsc#1210507) +Patch9: shadow-CVE-2023-29383.patch BuildRequires: audit-devel > 2.3 BuildRequires: autoconf BuildRequires: automake @@ -123,6 +125,7 @@ Development files for libsubid4. %endif %patch7 -p1 %patch8 -p1 +%patch9 -p1 iconv -f ISO88591 -t utf-8 doc/HOWTO > doc/HOWTO.utf8 mv -v doc/HOWTO.utf8 doc/HOWTO