diff --git a/0001-nss-mymachines-do-not-allow-overlong-machine-names.patch b/0001-nss-mymachines-do-not-allow-overlong-machine-names.patch new file mode 100644 index 00000000..f6af8080 --- /dev/null +++ b/0001-nss-mymachines-do-not-allow-overlong-machine-names.patch @@ -0,0 +1,37 @@ +From cb31827d62066a04b02111df3052949fda4b6888 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= +Date: Mon, 23 Nov 2015 13:59:43 -0500 +Subject: [PATCH] nss-mymachines: do not allow overlong machine names + +https://github.com/systemd/systemd/issues/2002 +--- + src/nss-mymachines/nss-mymachines.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/nss-mymachines/nss-mymachines.c b/src/nss-mymachines/nss-mymachines.c +index 969fa96..c98a959 100644 +--- a/src/nss-mymachines/nss-mymachines.c ++++ b/src/nss-mymachines/nss-mymachines.c +@@ -416,6 +416,9 @@ enum nss_status _nss_mymachines_getpwnam_r( + if (!e || e == p) + goto not_found; + ++ if (e - p > HOST_NAME_MAX - 1) /* -1 for the last dash */ ++ goto not_found; ++ + r = parse_uid(e + 1, &uid); + if (r < 0) + goto not_found; +@@ -573,6 +576,9 @@ enum nss_status _nss_mymachines_getgrnam_r( + if (!e || e == p) + goto not_found; + ++ if (e - p > HOST_NAME_MAX - 1) /* -1 for the last dash */ ++ goto not_found; ++ + r = parse_gid(e + 1, &gid); + if (r < 0) + goto not_found; +-- +2.1.4 + diff --git a/systemd-mini.changes b/systemd-mini.changes index 86af604d..36949b52 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Nov 30 13:59:52 UTC 2015 - thomas.blume@suse.com + +- fix CVE-2015-7510: Stack overflow in nss-mymachines (boo#956712) + Add 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch + ------------------------------------------------------------------- Wed Nov 18 14:17:05 UTC 2015 - jengelh@inai.de diff --git a/systemd-mini.spec b/systemd-mini.spec index d8c7fae1..581173e5 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -245,6 +245,8 @@ Patch521: kbd-model-map.patch Patch522: Correct_assert_on_unexpected_error_code.patch # PATCH-FIX-SUSE Do not stress the kernel's vc ioctls (boo#904214) Patch523: let-vconsole-setup-get-properties-only-once-to-copy-them.patch +# PATCH-FIX-UPSTREAM (bsc#956712) +Patch524: 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch # UDEV PATCHES # ============ @@ -582,6 +584,7 @@ cp %{SOURCE7} m4/ %patch521 -p1 %patch522 -p1 %patch523 -p0 +%patch524 -p1 # udev patches %patch1002 -p1 diff --git a/systemd.changes b/systemd.changes index 86af604d..36949b52 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Mon Nov 30 13:59:52 UTC 2015 - thomas.blume@suse.com + +- fix CVE-2015-7510: Stack overflow in nss-mymachines (boo#956712) + Add 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch + ------------------------------------------------------------------- Wed Nov 18 14:17:05 UTC 2015 - jengelh@inai.de diff --git a/systemd.spec b/systemd.spec index 5f3d6e87..97f7e0e9 100644 --- a/systemd.spec +++ b/systemd.spec @@ -240,6 +240,8 @@ Patch521: kbd-model-map.patch Patch522: Correct_assert_on_unexpected_error_code.patch # PATCH-FIX-SUSE Do not stress the kernel's vc ioctls (boo#904214) Patch523: let-vconsole-setup-get-properties-only-once-to-copy-them.patch +# PATCH-FIX-UPSTREAM (bsc#956712) +Patch524: 0001-nss-mymachines-do-not-allow-overlong-machine-names.patch # UDEV PATCHES # ============ @@ -577,6 +579,7 @@ cp %{SOURCE7} m4/ %patch521 -p1 %patch522 -p1 %patch523 -p0 +%patch524 -p1 # udev patches %patch1002 -p1