mirror of
git://slackware.nl/current.git
synced 2024-12-31 10:28:29 +01:00
c9881ad979
patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz: Rebuilt.
If root's mailbox did not already exist, it would be created with insecure
permissions leading to possible local information disclosure. This update
ensures that a new mailbox will be created with proper permissions and
ownership, and corrects the permissions on an existing mailbox if they are
found to be incorrect. Thanks to Martin for the bug report.
(* Security fix *)
patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz: Upgraded.
This release fixes a security issue in chsh(1) and chfn(8):
By default, these utilities had been linked with libreadline, which allows
the INPUTRC environment variable to be abused to produce an error message
containing data from an arbitrary file. So, don't link these utilities with
libreadline as it does not use secure_getenv() (or a similar concept), or
sanitize the config file path to avoid vulnerabilities that could occur in
set-user-ID or set-group-ID programs.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0563
(* Security fix *)
20 lines
568 B
Diff
20 lines
568 B
Diff
From db281fc97f1d665a61acabfd8d5933130996b29f Mon Sep 17 00:00:00 2001
|
|
From: mancha <mancha1@zoho.com>
|
|
Date: Wed, 29 Oct 2014
|
|
Subject: Heap overflow
|
|
|
|
Fix heap-buffer-overflow in strings.c as bundled by util-linux
|
|
through version 2.9 and as shipped by Slackware Linux and
|
|
Slackware derivatives.
|
|
|
|
--- a/strings.c
|
|
+++ b/strings.c
|
|
@@ -124,7 +124,7 @@ main(argc, argv)
|
|
if (minlen == -1)
|
|
minlen = DEF_LEN;
|
|
|
|
- if (!(bfr = malloc((u_int)minlen))) {
|
|
+ if (!(bfr = malloc((u_int)minlen + 1))) {
|
|
(void)fprintf(stderr, "strings: %s\n", strerror(errno));
|
|
exit(1);
|
|
}
|