Compare commits

..

17 Commits

Author SHA1 Message Date
Toni Mueller 9698b06fef elaborate on the editor selection of the programs 2024-02-29 16:38:55 +00:00
Toni Mueller 406dd68863 elaborate on the editor selection of the programs 2024-02-28 22:58:41 +00:00
Jonathan Carter 2ff04fd9b5 Merge branch '2024-02-12/1' into 'master'
(Helmut Grohne) move login and shadowconfig to /usr

See merge request debian/shadow!19
2024-02-18 12:43:59 +00:00
Serge Hallyn 97a3bc0c43 (Helmut Grohne) move login and shadowconfig to /usr
Signed-off-by: Serge Hallyn <serge@hallyn.com>
2024-02-12 19:23:31 -06:00
Balint Reczey 485b374d09 Update changelog 2023-10-15 19:11:29 +02:00
Balint Reczey 25f0b936c0 Remove myself from uploaders 2023-09-27 10:22:26 +02:00
Balint Reczey 776d4d23ac Update changelog 2023-09-26 22:02:45 +02:00
Balint Reczey 9f285306f3 Fix valid_field() that regressed in upstream's first CVE fix
cherry-picking upstream's regression fix.

Follow-up for commit 50defcfa5d .

Gbp-Dch: Ignore
2023-09-26 12:19:29 +02:00
Balint Reczey f569ea06ff Update changelog 2023-09-25 18:18:48 +02:00
Balint Reczey 50defcfa5d Cherry-pick upstream patch to fix chfn vulnerability
(CVE-2023-29383)

Closes: #1034482
2023-09-25 18:13:40 +02:00
Balint Reczey 56c7502686 Cherry-pick upstream patch to fix gpasswd passwd leak
(CVE-2023-4641)

Closes: #1051062
2023-09-25 17:55:00 +02:00
Balint Reczey 7c66acdd2e Update changelog 2023-09-25 17:41:27 +02:00
Balint Reczey 4806645316 debian/NEWS: Fix false claim about PREVENT_NO_AUTH affecting authentication
Also drop setting PREVENT_NO_AUTH in shipped login.defs.

Closes: #1041547
2023-09-25 17:15:46 +02:00
Balint Reczey 05a41bc4d5 Merge branch 'bprofile-nodoc' into 'master'
Support <nodoc> build profile (Closes: #1051827)

See merge request debian/shadow!18
2023-09-13 07:55:26 +00:00
Gioele Barabucci 75eb241552 Support <nodoc> build profile
`xsltproc`, `docbook` and all other XML-related packages are not needed
when the `<nodoc>` build profile is active, as long as `./configure` is
called with `--disable-man`.

Closes: #1051827
2023-09-13 08:52:53 +02:00
Balint Reczey d7ce68863e debian/login.pam: Drop reference to Debian Etch
Closes: #1040064
2023-07-02 20:59:28 +02:00
Balint Reczey 095f9d48ef debian/gitlab-ci.yml: Use sudo to fix reprotest test 2022-11-11 21:18:06 +01:00
12 changed files with 73 additions and 91 deletions
Vendored
+8
View File
@@ -1,3 +1,11 @@
shadow (1:4.13+dfsg1-2) unstable; urgency=medium
The previous entry falsely states that PREVENT_NO_AUTH in /etc/login.defs
affects authentication. The historical default of letting all users with
empty password field in without authentication is still in effect.
-- Balint Reczey <balint@balintreczey.hu> Mon, 25 Sep 2023 17:04:09 +0200
shadow (1:4.11.1+dfsg1-0exp1) experimental; urgency=medium shadow (1:4.11.1+dfsg1-0exp1) experimental; urgency=medium
Login now prevents an empty password field to be interpreted as Login now prevents an empty password field to be interpreted as
+34 -12
View File
@@ -1,22 +1,44 @@
shadow (1:4.13+dfsg1-1+deb12u2) bookworm; urgency=medium shadow (1:4.13+dfsg1-4.1) unstable; urgency=medium
* Apply upstream patch to fix groupmod -U "" segfault (Closes: #1122913) * Enhance the manpage for vipw (closes #1064940).
-- Chris Hofstaedtler <zeha@debian.org> Sun, 14 Dec 2025 15:00:01 +0100 -- Toni Mueller <toni@debian.org> Thu, 29 Feb 2024 16:37:32 +0000
shadow (1:4.13+dfsg1-1+deb12u1) bookworm; urgency=medium shadow (1:4.13+dfsg1-4) unstable; urgency=medium
[ Helmut Grohne ]
* DEP17: Move login and shadowconfig to /usr. (Closes: #1059915)
-- Serge Hallyn <serge@hallyn.com> Sun, 04 Feb 2024 20:28:27 +0000
shadow (1:4.13+dfsg1-3) unstable; urgency=medium
* Team upload
* Remove myself from uploaders
-- Balint Reczey <balint@balintreczey.hu> Sun, 15 Oct 2023 19:10:52 +0200
shadow (1:4.13+dfsg1-2) unstable; urgency=medium
[ Balint Reczey ] [ Balint Reczey ]
* Cherry-pick upstream patch to fix gpasswd passwd leak (Closes: #1051062) * debian/gitlab-ci.yml: Use sudo to fix reprotest test
CVE-2023-4641 * debian/login.pam: Drop reference to Debian Etch (Closes: #1040064)
* Cherry-pick upstream patch to fix chfn vulnerability (Closes: #1034482) * debian/NEWS: Fix false claim about PREVENT_NO_AUTH affecting authentication.
CVE-2023-29383 Also drop setting PREVENT_NO_AUTH in shipped login.defs. (Closes: #1041547)
* Fix valid_field() that regressed in upstream's chfn fix * Cherry-pick upstream patch to fix gpasswd passwd leak
(CVE-2023-4641) (Closes: #1051062)
* Cherry-pick upstream patch to fix chfn vulnerability allowing injection of
control characters into some /etc/passwd fields.
(CVE-2023-29383) (Closes: #1034482)
[ Chris Hofstaedtler ] [ Gioele Barabucci ]
* Update Uploaders: field from unstable * Support <nodoc> build profile
`xsltproc`, `docbook` and all other XML-related packages are not needed
when the `<nodoc>` build profile is active, as long as `./configure` is
called with `--disable-man`. (Closes: #1051827)
-- Chris Hofstaedtler <zeha@debian.org> Mon, 07 Apr 2025 12:38:46 +0200
-- Balint Reczey <balint@balintreczey.hu> Tue, 26 Sep 2023 22:01:52 +0200
shadow (1:4.13+dfsg1-1) unstable; urgency=medium shadow (1:4.13+dfsg1-1) unstable; urgency=medium
+6 -8
View File
@@ -1,8 +1,6 @@
Source: shadow Source: shadow
Maintainer: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org> Maintainer: Shadow package maintainers <pkg-shadow-devel@lists.alioth.debian.org>
Uploaders: Uploaders: Serge Hallyn <serge@hallyn.com>
Serge Hallyn <serge@hallyn.com>,
Chris Hofstaedtler <zeha@debian.org>
Section: admin Section: admin
Priority: required Priority: required
Build-Depends: debhelper-compat (= 13), Build-Depends: debhelper-compat (= 13),
@@ -10,13 +8,13 @@ Build-Depends: debhelper-compat (= 13),
libcrypt-dev, libcrypt-dev,
libpam0g-dev, libpam0g-dev,
quilt, quilt,
xsltproc, xsltproc <!nodoc>,
docbook-xsl, docbook-xsl <!nodoc>,
docbook-xml, docbook-xml <!nodoc>,
libxml2-utils, libxml2-utils <!nodoc>,
libselinux1-dev [linux-any], libselinux1-dev [linux-any],
libsemanage-dev [linux-any], libsemanage-dev [linux-any],
itstool, itstool <!nodoc>,
bison, bison,
libaudit-dev [linux-any] libaudit-dev [linux-any]
Standards-Version: 4.6.1 Standards-Version: 4.6.1
+3 -1
View File
@@ -1,5 +1,7 @@
variables: variables:
RELEASE: 'unstable' RELEASE: 'unstable'
# workaround for https://salsa.debian.org/salsa-ci-team/pipeline/-/issues/259
SALSA_CI_REPROTEST_ARGS: --vary=domain_host.use_sudo=1
include: include:
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/salsa-ci.yml
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/pipeline-jobs.yml
-8
View File
@@ -337,14 +337,6 @@ NONEXISTENT /nonexistent
# #
#GRANT_AUX_GROUP_SUBIDS yes #GRANT_AUX_GROUP_SUBIDS yes
#
# Prevents an empty password field to be interpreted as "no authentication
# required".
# Set to "yes" to prevent for all accounts
# Set to "superuser" to prevent for UID 0 / root (default)
# Set to "no" to not prevent for any account (dangerous, historical default)
PREVENT_NO_AUTH superuser
# #
# Select the HMAC cryptography algorithm. # Select the HMAC cryptography algorithm.
# Used in pam_timestamp module to calculate the keyed-hash message # Used in pam_timestamp module to calculate the keyed-hash message
+1 -1
View File
@@ -4,4 +4,4 @@ sbin/nologin usr/sbin
usr/bin/faillog usr/bin/faillog
usr/bin/lastlog usr/bin/lastlog
usr/bin/newgrp usr/bin/newgrp
bin/login bin/login usr/bin
+1 -1
View File
@@ -49,7 +49,7 @@ session [success=ok ignore=ignore module_unknown=ignore default=bad] pam_selinux
# #
# parsing /etc/environment needs "readenv=1" # parsing /etc/environment needs "readenv=1"
session required pam_env.so readenv=1 session required pam_env.so readenv=1
# locale variables are also kept into /etc/default/locale in etch # locale variables can also be set in /etc/default/locale
# reading this file *in addition to /etc/environment* does not hurt # reading this file *in addition to /etc/environment* does not hurt
session required pam_env.so readenv=1 envfile=/etc/default/locale session required pam_env.so readenv=1 envfile=/etc/default/locale
+1 -1
View File
@@ -1,5 +1,5 @@
debian/default/useradd etc/default debian/default/useradd etc/default
debian/shadowconfig sbin debian/shadowconfig usr/sbin
usr/bin/chage usr/bin/chage
usr/bin/chfn usr/bin/chfn
usr/bin/chsh usr/bin/chsh
-3
View File
@@ -1,6 +1,3 @@
# Debian #1122913
upstream/10429edc14673fbb8c78b25f1872c34e88e5f07f.patch
# CVE-2023-4641 # CVE-2023-4641
0001-gpasswd-1-Fix-password-leak.patch 0001-gpasswd-1-Fix-password-leak.patch
@@ -1,54 +0,0 @@
From 10429edc14673fbb8c78b25f1872c34e88e5f07f Mon Sep 17 00:00:00 2001
From: lixinyun <li.xinyun@h3c.com>
Date: Wed, 29 May 2024 06:53:02 +0800
Subject: [PATCH] src/groupmod.c: delete gr_free_members(&grp) to avoid double
free
Groupmod -U may cause crashes because of double free. If without -a, the first free of (*ogrp).gr_mem is in gr_free_members(&grp), and then in gr_update without -n or gr_remove with -n.
Considering the minimal impact of modifications on existing code, delete gr_free_members(&grp) to avoid double free.Although this may seem reckless, the second free in two different positions will definitely be triggered, and the following two test cases can be used to illustrate the situation :
[root@localhost src]# ./useradd u1
[root@localhost src]# ./useradd u2
[root@localhost src]# ./useradd u3
[root@localhost src]# ./groupadd -U u1,u2,u3 g1
[root@localhost src]# ./groupmod -n g2 -U u1,u2 g1
Segmentation fault
This case would free (*ogrp).gr_mem in gr_free_members(&grp) due to assignment statements grp = *ogrp, then in if (nflg && (gr_remove (group_name) == 0)), which finally calls gr_free_members(grent) to free (*ogrp).gr_mem again.
[root@localhost src]# ./useradd u1
[root@localhost src]# ./useradd u2
[root@localhost src]# ./useradd u3
[root@localhost src]# ./groupadd -U u1,u2,u3 g1
[root@localhost src]# ./groupmod -U u1,u2 g1
Segmentation fault
The other case would free (*ogrp).gr_mem in gr_free_members(&grp) too, then in if (gr_update (&grp) == 0), which finally calls gr_free_members(grent) too to free (*ogrp).gr_mem again.
So the first free is unnecessary, maybe we can drop it.
Fixes: 342c934a3590 ("add -U option to groupadd and groupmod")
Closes: <https://github.com/shadow-maint/shadow/issues/1013>
Link: <https://github.com/shadow-maint/shadow/pull/1007>
Link: <https://github.com/shadow-maint/shadow/pull/271>
Link: <https://github.com/shadow-maint/shadow/issues/265>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: lixinyun <li.xinyun@h3c.com>
---
src/groupmod.c | 2 --
1 file changed, 2 deletions(-)
diff --git i/src/groupmod.c w/src/groupmod.c
index 006eca1c..7eae4c6f 100644
--- i/src/groupmod.c
+++ w/src/groupmod.c
@@ -244,8 +244,6 @@ static void grp_update (void)
if (!aflg) {
// requested to replace the existing groups
- if (NULL != grp.gr_mem[0])
- gr_free_members(&grp);
grp.gr_mem = (char **)xmalloc(sizeof(char *));
grp.gr_mem[0] = (char *)0;
} else {
+5 -1
View File
@@ -21,6 +21,10 @@ DEB_CONFIGURE_EXTRA_FLAGS := --without-libcrack \
--without-tcb \ --without-tcb \
SHELL=/bin/sh SHELL=/bin/sh
ifneq ($(filter nodoc,$(DEB_BUILD_PROFILES)),)
DEB_CONFIGURE_EXTRA_FLAGS += --disable-man
endif
# Set the default editor for vipw/vigr # Set the default editor for vipw/vigr
CFLAGS += -DDEFAULT_EDITOR="\"sensible-editor\"" CFLAGS += -DDEFAULT_EDITOR="\"sensible-editor\""
@@ -38,7 +42,7 @@ endif
dh_install -a dh_install -a
ifeq ($(DEB_HOST_ARCH_OS),hurd) ifeq ($(DEB_HOST_ARCH_OS),hurd)
# /bin/login is provided by the hurd package. # /bin/login is provided by the hurd package.
rm -f debian/login/bin/login rm -f debian/login/usr/bin/login
endif endif
override_dh_installpam: override_dh_installpam:
+14 -1
View File
@@ -73,10 +73,20 @@
the appropriate locks to prevent file corruption. When looking for an the appropriate locks to prevent file corruption. When looking for an
editor, the programs will first try the environment variable editor, the programs will first try the environment variable
<envar>$VISUAL</envar>, then the environment variable <envar>$VISUAL</envar>, then the environment variable
<envar>$EDITOR</envar>, and finally the default editor, <envar>$EDITOR</envar>, then the editor from
<filename>~/.selected_editor</filename>, and finally
<command>nano</command>.
<citerefentry><refentrytitle>vi</refentrytitle> <citerefentry><refentrytitle>vi</refentrytitle>
<manvolnum>1</manvolnum></citerefentry>. <manvolnum>1</manvolnum></citerefentry>.
</para> </para>
<para>
On the first run, if the environment variables <envar>$VISUAL</envar>
and <envar>$EDITOR</envar> are both unset, this program asks you for
an editor and stores your selection in
<filename>~/.selected_editor</filename>. If the editor mentioned
therein does not exist on your system, the program will fall back
to using <command>nano</command>.
</para>
</refsect1> </refsect1>
<refsect1 id='options'> <refsect1 id='options'>
@@ -210,6 +220,9 @@
<citerefentry> <citerefentry>
<refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum> <refentrytitle>gshadow</refentrytitle><manvolnum>5</manvolnum>
</citerefentry> </citerefentry>
<citerefentry>
<refentrytitle>~/.selected_editor</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>
<citerefentry condition="tcb"> <citerefentry condition="tcb">
<refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum> <refentrytitle>login.defs</refentrytitle><manvolnum>5</manvolnum>
</citerefentry>, </citerefentry>,