Accepting request 577189 from home:kbabioch:branches:Base:System

- Added CVE-2018-7169.patch: Fixed an privilege escalation in newgidmap, which allowed an unprivileged user to be placed in a user namespace where setgroups(2) is allowed. (CVE-2018-7169 bsc#1081294) OBS-URL: https://build.opensuse.org/request/show/577189 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=48
2018-02-16 10:33:22 +00:00
parent 3fa4eb033a
commit 225b0ce1da
3 changed files with 190 additions and 1 deletions
--- a/shadow.spec
+++ b/shadow.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package shadow
 #
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -45,6 +45,7 @@ Patch10:        encryption_method_nis.patch
 Patch11:        useradd-mkdirs.patch
 Patch18:        shadow-4.1.5.1-pam_group.patch
 Patch20:        disable_new_audit_function.patch
+Patch21:        CVE-2018-7169.patch
 BuildRequires:  audit-devel > 2.3
 BuildRequires:  libacl-devel
 BuildRequires:  libattr-devel
@@ -79,6 +80,7 @@ group accounts.
 %patch18 -p1
 %if 0%{?suse_version} < 1330
 %patch20 -p1
+%patch21 -p1
 %endif

 iconv -f ISO88591 -t utf-8  doc/HOWTO > doc/HOWTO.utf8