rpm/sudo
SHA256
1
0
Fork 0
forked from pool/sudo
Code Pull Requests Activity

Accepting request 156978 from Base:System

Browse Source 
- added two security fixes:
  * CVE-2013-1775 (bnc#806919)
    + sudo-1.8.6p3-CVE-2013-1775.patch
  * CVE-2013-1776 (bnc#806921)
    + sudo-1.8.6p3-CVE-2013-1776.patch (forwarded request 156969 from vitezslav_cizek)

OBS-URL: https://build.opensuse.org/request/show/156978
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/sudo?expand=0&rev=54
This commit is contained in:
Stephan Kulow 2013-03-01 19:45:08 +00:00 committed by Git OBS Bridge
commit 04df74a6bc
4 changed files with 153 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
sudo-1.8.6p3-CVE-2013-1775.patch Normal file
View File

@ -0,0 +1,68 @@
63210a2b8f2f199b521f6c8213bb29775c09375c
plugins/sudoers/check.c | 53 +++++++++++++++++++++++++----------------------
1 file changed, 28 insertions(+), 25 deletions(-)
Index: sudo-1.8.6p3/plugins/sudoers/check.c
===================================================================
--- sudo-1.8.6p3.orig/plugins/sudoers/check.c 2012-09-18 15:56:29.000000000 +0200
+++ sudo-1.8.6p3/plugins/sudoers/check.c 2013-03-01 12:10:34.285863069 +0100
@@ -627,31 +627,34 @@ timestamp_status(char *timestampdir, cha
*/
if (status == TS_OLD && !ISSET(flags, TS_REMOVE)) {
mtim_get(&sb, &mtime);
- /* Negative timeouts only expire manually (sudo -k). */
- if (def_timestamp_timeout < 0 && mtime.tv_sec != 0)
- status = TS_CURRENT;
- else {
- now = time(NULL);
- if (def_timestamp_timeout &&
- now - mtime.tv_sec < 60 * def_timestamp_timeout) {
- /*
- * Check for bogus time on the stampfile. The clock may
- * have been set back or someone could be trying to spoof us.
- */
- if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
- time_t tv_sec = (time_t)mtime.tv_sec;
- log_error(0,
- _("timestamp too far in the future: %20.20s"),
- 4 + ctime(&tv_sec));
- if (timestampfile)
- (void) unlink(timestampfile);
- else
- (void) rmdir(timestampdir);
- status = TS_MISSING;
- } else if (get_boottime(&boottime) && timevalcmp(&mtime, &boottime, <)) {
- status = TS_OLD;
- } else {
- status = TS_CURRENT;
+ if (timevalisset(&mtime)) {
+ /* Negative timeouts only expire manually (sudo -k). */
+ if (def_timestamp_timeout < 0) {
+ status = TS_CURRENT;
+ } else {
+ now = time(NULL);
+ if (def_timestamp_timeout &&
+ now - mtime.tv_sec < 60 * def_timestamp_timeout) {
+ /*
+ * Check for bogus time on the stampfile. The clock may
+ * have been set back or user could be trying to spoof us.
+ */
+ if (mtime.tv_sec > now + 60 * def_timestamp_timeout * 2) {
+ time_t tv_sec = (time_t)mtime.tv_sec;
+ log_error(0,
+ _("timestamp too far in the future: %20.20s"),
+ 4 + ctime(&tv_sec));
+ if (timestampfile)
+ (void) unlink(timestampfile);
+ else
+ (void) rmdir(timestampdir);
+ status = TS_MISSING;
+ } else if (get_boottime(&boottime) &&
+ timevalcmp(&mtime, &boottime, <)) {
+ status = TS_OLD;
+ } else {
+ status = TS_CURRENT;
+ }
}
}
}

71
sudo-1.8.6p3-CVE-2013-1776.patch Normal file
View File

@ -0,0 +1,71 @@
2b18d55589975e70dd98f24bca5b0aaabc56a9b5
plugins/sudoers/check.c | 4 +++-
plugins/sudoers/sudoers.c | 4 ++++
plugins/sudoers/sudoers.h | 3 ++-
3 files changed, 9 insertions(+), 2 deletions(-)
Index: sudo-1.8.6p3/plugins/sudoers/check.c
===================================================================
--- sudo-1.8.6p3.orig/plugins/sudoers/check.c 2013-03-01 12:10:18.668403327 +0100
+++ sudo-1.8.6p3/plugins/sudoers/check.c 2013-03-01 12:10:18.684403798 +0100
@@ -82,6 +82,7 @@ static struct tty_info {
dev_t rdev; /* tty device ID */
ino_t ino; /* tty inode number */
struct timeval ctime; /* tty inode change time */
+ pid_t sid; /* ID of session with controlling tty */
} tty_info;
static int build_timestamp(char **, char **);
@@ -138,13 +139,14 @@ check_user(int validated, int mode)
if (ISSET(mode, MODE_IGNORE_TICKET))
SET(validated, FLAG_CHECK_USER);
- /* Stash the tty's ctime for tty ticket comparison. */
+ /* Stash the tty's device, session ID and ctime for ticket comparison. */
if (def_tty_tickets && user_ttypath && stat(user_ttypath, &sb) == 0) {
tty_info.dev = sb.st_dev;
tty_info.ino = sb.st_ino;
tty_info.rdev = sb.st_rdev;
if (tty_is_devpts(user_ttypath))
ctim_get(&sb, &tty_info.ctime);
+ tty_info.sid = user_sid;
}
if (build_timestamp(&timestampdir, &timestampfile) == -1) {
Index: sudo-1.8.6p3/plugins/sudoers/sudoers.c
===================================================================
--- sudo-1.8.6p3.orig/plugins/sudoers/sudoers.c 2012-09-18 15:56:30.000000000 +0200
+++ sudo-1.8.6p3/plugins/sudoers/sudoers.c 2013-03-01 12:10:18.685403827 +0100
@@ -1410,6 +1410,10 @@ deserialize_info(char * const args[], ch
sudo_user.cols = atoi(*cur + sizeof("cols=") - 1);
continue;
}
+ if (MATCHES(*cur, "sid=")) {
+ sudo_user.sid = atoi(*cur + sizeof("sid=") - 1);
+ continue;
+ }
}
if (user_cwd == NULL)
user_cwd = "unknown";
Index: sudo-1.8.6p3/plugins/sudoers/sudoers.h
===================================================================
--- sudo-1.8.6p3.orig/plugins/sudoers/sudoers.h 2012-09-18 15:57:43.000000000 +0200
+++ sudo-1.8.6p3/plugins/sudoers/sudoers.h 2013-03-01 12:10:18.685403827 +0100
@@ -95,6 +95,7 @@ struct sudo_user {
int flags;
uid_t uid;
uid_t gid;
+ pid_t sid;
};
/*
@@ -171,8 +172,8 @@ struct sudo_user {
#define user_name (sudo_user.name)
#define user_uid (sudo_user.uid)
#define user_gid (sudo_user.gid)
+#define user_sid (sudo_user.sid)
#define user_passwd (sudo_user.pw->pw_passwd)
-#define user_uuid (sudo_user.uuid)
#define user_dir (sudo_user.pw->pw_dir)
#define user_gids (sudo_user.gids)
#define user_ngids (sudo_user.ngids)

9
sudo.changes
View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Fri Mar 1 11:12:28 UTC 2013 - vcizek@suse.com
- added two security fixes:
* CVE-2013-1775 (bnc#806919)
+ sudo-1.8.6p3-CVE-2013-1775.patch
* CVE-2013-1776 (bnc#806921)
+ sudo-1.8.6p3-CVE-2013-1776.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Dec 3 10:58:10 UTC 2012 - cfarrell@suse.com Mon Dec 3 10:58:10 UTC 2012 - cfarrell@suse.com

6
sudo.spec
View File

@ -1,7 +1,7 @@
# #
# spec file for package sudo # spec file for package sudo
# #
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -28,6 +28,8 @@ Source1: sudo.pamd
Source2: README.SUSE Source2: README.SUSE
Patch0: sudoers2ldif-env.patch Patch0: sudoers2ldif-env.patch
Patch1: sudo-sudoers.patch Patch1: sudo-sudoers.patch
Patch2: sudo-1.8.6p3-CVE-2013-1775.patch
Patch3: sudo-1.8.6p3-CVE-2013-1776.patch
BuildRequires: audit-devel BuildRequires: audit-devel
BuildRequires: groff BuildRequires: groff
BuildRequires: libselinux-devel BuildRequires: libselinux-devel
@ -57,6 +59,8 @@ These header files are needed for building of sudo plugins.
%setup -q %setup -q
%patch0 -p1 %patch0 -p1
%patch1 -p1 %patch1 -p1
%patch2 -p1
%patch3 -p1
%build %build
%ifarch s390 s390x %sparc %ifarch s390 s390x %sparc