rpms/util-linux/FC-6 util-linux-2.13-mount-setuid.patch, NONE, 1.1 util-linux.spec, 1.155, 1.156
fedora-cvs-commits at redhat.com
Mon Oct 8 19:19:12 UTC 2007
Author: kzak
Update of /cvs/dist/rpms/util-linux/FC-6
In directory cvs.devel.redhat.com:/tmp/cvs-serv13263
Modified Files:
util-linux.spec
Added Files:
util-linux-2.13-mount-setuid.patch
Log Message:
* Mon Oct 8 2007 Karel Zak <kzak at redhat.com> 2.13-0.49
- fix #320141 - CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers [FC6]
util-linux-2.13-mount-setuid.patch:
mount.c | 8 ++++++--
umount.c | 8 ++++++--
2 files changed, 12 insertions(+), 4 deletions(-)
--- NEW FILE util-linux-2.13-mount-setuid.patch ---
diff -up util-linux-2.13-pre7/mount/umount.c.kzak util-linux-2.13-pre7/mount/umount.c
--- util-linux-2.13-pre7/mount/umount.c.kzak 2007-10-08 15:22:38.000000000 +0200
+++ util-linux-2.13-pre7/mount/umount.c 2007-10-08 15:24:01.000000000 +0200
@@ -102,8 +102,12 @@ check_special_umountprog(const char *spe
char *umountargs[8];
int i = 0;
- setuid(getuid());
- setgid(getgid());
+ if(setgid(getgid()) < 0)
+ die(EX_FAIL, _("umount: cannot set group id: %s"), strerror(errno));
+
+ if(setuid(getuid()) < 0)
+ die(EX_FAIL, _("umount: cannot set user id: %s"), strerror(errno));
+
umountargs[i++] = umountprog;
umountargs[i++] = xstrdup(node);
if (nomtab)
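Review bot: the two added checks in check_special_umountprog carry no comment explaining why setgid() now comes before setuid(), the reverse of the removed lines. A one-line comment above `if(setgid(getgid()) < 0)` saying that the group id has to be dropped while the process still has the privilege to change it would keep a later cleanup from swapping the calls back. The new messages use strerror(errno), and the hunk does not show the include list, so confirm umount.c already pulls in errno.h and string.h. Minor style point: `if(` lacks the space used by the neighbouring `if (nomtab)`.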
diff -up util-linux-2.13-pre7/mount/mount.c.kzak util-linux-2.13-pre7/mount/mount.c
--- util-linux-2.13-pre7/mount/mount.c.kzak 2007-10-08 15:22:38.000000000 +0200
+++ util-linux-2.13-pre7/mount/mount.c 2007-10-08 15:24:01.000000000 +0200
@@ -600,8 +600,12 @@ check_special_mountprog(const char *spec
char *oo, *mountargs[11];
int i = 0;
- setuid(getuid());
- setgid(getgid());
+ if(setgid(getgid()) < 0)
+ die(EX_FAIL, _("mount: cannot set group id: %s"), strerror(errno));
+
+ if(setuid(getuid()) < 0)
+ die(EX_FAIL, _("mount: cannot set user id: %s"), strerror(errno));
+
oo = fix_opts_string (flags, extra_opts, NULL);
mountargs[i++] = mountprog;
mountargs[i++] = spec;
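Review bot: the block added to check_special_mountprog is a copy of the one added to umount.c, differing only in the "mount:" message prefix, so the two privilege drops can drift apart in later edits. Consider a small shared helper that takes the program name and performs both checked calls in the fixed order. It would also be worth confirming after the setuid() call that geteuid() equals getuid() before the helper arguments are built, so the drop is verified directly and not only inferred from the return value. The `if(` spacing point from umount.c applies here as well.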
Index: util-linux.spec
===================================================================
RCS file: /cvs/dist/rpms/util-linux/FC-6/util-linux.spec,v
retrieving revision 1.155
retrieving revision 1.156
diff -u -r1.155 -r1.156
--- util-linux.spec 2 Aug 2007 11:53:10 -0000 1.155
+++ util-linux.spec 8 Oct 2007 19:19:09 -0000 1.156
@@ -9,7 +9,7 @@
Summary: A collection of basic system utilities.
Name: util-linux
Version: 2.13
-Release: 0.48%{?dist}
+Release: 0.49%{?dist}
License: distributable
Group: System Environment/Base
@@ -237,6 +237,8 @@
# 238918 - blockdev --getsize does not work properly on devices with more than 2^31 sectors
Patch268: util-linux-2.13-blockdev-errno.patch
Patch269: util-linux-2.13-blockdev-unsigned.patch
+# 320141: CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers [FC6]
+Patch270: util-linux-2.13-mount-setuid.patch
%description
The util-linux package contains a large variety of low-level system
@@ -335,6 +337,7 @@
%patch267 -p1
%patch268 -p1
%patch269 -p1
+%patch270 -p1
%build
unset LINGUAS || :
@@ -726,6 +729,9 @@
/sbin/losetup
%changelog
+* Mon Oct 8 2007 Karel Zak <kzak at redhat.com> 2.13-0.49
+- fix #320141 - CVE-2007-5191 util-linux (u)mount doesn't drop privileges properly when calling helpers [FC6]
+
* Thu Aug 2 2007 Karel Zak <kzak at redhat.com> 2.13-0.48
- fix #238918 - blockdev --getsize does not work properly on devices with more than 2^31 sectors