guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: gnu: fuse: Add fix for CVE-2015-3202.


From: Mark H. Weaver
Subject: 01/01: gnu: fuse: Add fix for CVE-2015-3202.
Date: Fri, 22 May 2015 04:11:27 +0000

mhw pushed a commit to branch master
in repository guix.

commit 4de02f36ac00af722c8f693ab5823fc1a870d58f
Author: Mark H Weaver <address@hidden>
Date:   Fri May 22 00:09:26 2015 -0400

    gnu: fuse: Add fix for CVE-2015-3202.
    
    * gnu/packages/patches/fuse-CVE-2015-3202.patch: New file.
    * gnu-system.am (dist_patch_DATA): Add it.
    * gnu/packages/linux.scm (fuse): Add patch.
---
 gnu-system.am                                 |    1 +
 gnu/packages/linux.scm                        |    3 +-
 gnu/packages/patches/fuse-CVE-2015-3202.patch |   65 +++++++++++++++++++++++++
 3 files changed, 68 insertions(+), 1 deletions(-)

diff --git a/gnu-system.am b/gnu-system.am
index 297c8bc..23113bb 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -421,6 +421,7 @@ dist_patch_DATA =                                           
\
   gnu/packages/patches/flashrom-use-libftdi1.patch             \
   gnu/packages/patches/flex-bison-tests.patch                  \
   gnu/packages/patches/fltk-shared-lib-defines.patch           \
+  gnu/packages/patches/fuse-CVE-2015-3202.patch                        \
   gnu/packages/patches/gawk-shell.patch                                \
   gnu/packages/patches/gcc-arm-link-spec-fix.patch             \
   gnu/packages/patches/gcc-cross-environment-variables.patch   \
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index b5f4b55..26e9aa9 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -1212,7 +1212,8 @@ processes currently causing I/O.")
                                   version ".tar.gz"))
               (sha256
                (base32
-                "071r6xjgssy8vwdn6m28qq1bqxsd2bphcd2mzhq0grf5ybm87sqb"))))
+                "071r6xjgssy8vwdn6m28qq1bqxsd2bphcd2mzhq0grf5ybm87sqb"))
+              (patches (list (search-patch "fuse-CVE-2015-3202.patch")))))
     (build-system gnu-build-system)
     (inputs `(("util-linux" ,util-linux)))
     (arguments
diff --git a/gnu/packages/patches/fuse-CVE-2015-3202.patch 
b/gnu/packages/patches/fuse-CVE-2015-3202.patch
new file mode 100644
index 0000000..7c64de7
--- /dev/null
+++ b/gnu/packages/patches/fuse-CVE-2015-3202.patch
@@ -0,0 +1,65 @@
+The following patch was copied from Debian.
+
+Description: Fix CVE-2015-3202
+ Missing scrubbing of the environment before executing a mount or umount
+ of a filesystem.
+Origin: upstream
+Author: Miklos Szeredi <address@hidden>
+Last-Update: 2015-05-19
+
+---
+ lib/mount_util.c |   23 +++++++++++++++++------
+ 1 file changed, 17 insertions(+), 6 deletions(-)
+
+--- a/lib/mount_util.c
++++ b/lib/mount_util.c
+@@ -95,10 +95,12 @@ static int add_mount(const char *prognam
+               goto out_restore;
+       }
+       if (res == 0) {
++              char *env = NULL;
++
+               sigprocmask(SIG_SETMASK, &oldmask, NULL);
+               setuid(geteuid());
+-              execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+-                    "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
++              execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
++                     "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
+               fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
+                       progname, strerror(errno));
+               exit(1);
+@@ -146,10 +148,17 @@ static int exec_umount(const char *progn
+               goto out_restore;
+       }
+       if (res == 0) {
++              char *env = NULL;
++
+               sigprocmask(SIG_SETMASK, &oldmask, NULL);
+               setuid(geteuid());
+-              execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
+-                    lazy ? "-l" : NULL, NULL);
++              if (lazy) {
++                      execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++                             "-l", NULL, &env);
++              } else {
++                      execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++                             NULL, &env);
++              }
+               fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+                       progname, strerror(errno));
+               exit(1);
+@@ -205,10 +214,12 @@ static int remove_mount(const char *prog
+               goto out_restore;
+       }
+       if (res == 0) {
++              char *env = NULL;
++
+               sigprocmask(SIG_SETMASK, &oldmask, NULL);
+               setuid(geteuid());
+-              execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
+-                    "--fake", mnt, NULL);
++              execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
++                     "--fake", mnt, NULL, &env);
+               fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+                       progname, strerror(errno));
+               exit(1);



reply via email to

[Prev in Thread] Current Thread [Next in Thread]