Package: shadow / 1:4.2-3+deb8u4

Metadata

Package | Version | Patches format
shadow | 1:4.2-3+deb8u4 | 3.0 (quilt)

Patch series

Patch | File delta | Description
503_shadowconfig.8 | (download)

man/fr/shadowconfig.8 | 26 26 + 0 - 0 !
man/ja/shadowconfig.8 | 25 25 + 0 - 0 !
man/pl/shadowconfig.8 | 27 27 + 0 - 0 !
man/shadowconfig.8 | 41 41 + 0 - 0 !
man/shadowconfig.8.xml | 52 52 + 0 - 0 !
5 files changed, 171 insertions(+)

---
008_login_log_failure_in_FTMP | (download)

lib/getdef.c | 2 1 + 1 - 0 !
src/login.c | 18 18 + 0 - 0 !
2 files changed, 19 insertions(+), 1 deletion(-)

---
301 CVE 2017 2616 su properly clear child PID.patch | (download)

src/su.c | 19 17 + 2 - 0 !
1 file changed, 17 insertions(+), 2 deletions(-)

 [patch] su: properly clear child pid

If su is compiled with PAM support, it is possible for any local user
to send SIGKILL to other processes with root privileges. There are
only two conditions. First, the user must be able to perform su with
a successful login. This does NOT have to be the root user, even using
su with the same id is enough, e.g. "su $(whoami)". Second, SIGKILL
can only be sent to processes which were executed after the su process.
It is not possible to send SIGKILL to processes which were already
running. I consider this as a security vulnerability, because I was
able to write a proof of concept which unlocked a screen saver of
another user this way.

302 CVE 2016 6252 fix integer overflow.patch | (download)

lib/getulong.c | 9 3 + 6 - 0 !
1 file changed, 3 insertions(+), 6 deletions(-)

 [patch] simplify getulong

Use strtoul to read an unsigned long, rather than reading
a signed long long and casting it.

https://bugzilla.suse.com/show_bug.cgi?id=979282

303 Reset pid_child only if waitpid was successful.patch | (download)

src/su.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] reset pid_child only if waitpid was successful.

Do not reset the pid_child to 0 if the child process is still
running. This else-condition can be reached with pid being -1,
therefore explicitly test this condition.

This is a regression fix for CVE-2017-2616. If su receives a
signal like SIGTERM, it is not propagated to the child.

Reported-by: Radu Duta <raduduta@gmail.com>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

429_login_FAILLOG_ENAB | (download)

lib/getdef.c | 2 1 + 1 - 0 !
src/login.c | 19 18 + 1 - 0 !
2 files changed, 19 insertions(+), 2 deletions(-)

---
401_cppw_src.dpatch | (download)

po/POTFILES.in | 1 1 + 0 - 0 !
src/Makefile.am | 2 2 + 0 - 0 !
src/cppw.c | 238 238 + 0 - 0 !
3 files changed, 241 insertions(+)

---
402_cppw_selinux | (download)

src/cppw.c | 28 28 + 0 - 0 !
1 file changed, 28 insertions(+)

---
506_relaxed_usernames | (download)

libmisc/chkname.c | 21 21 + 0 - 0 !
man/groupadd.8.xml | 8 7 + 1 - 0 !
man/useradd.8.xml | 10 9 + 1 - 0 !
3 files changed, 37 insertions(+), 2 deletions(-)

---
542_useradd O_option | (download)

man/useradd.8.xml | 5 5 + 0 - 0 !
src/useradd.c | 5 3 + 2 - 0 !
2 files changed, 8 insertions(+), 2 deletions(-)

---
501_commonio_group_shadow | (download)

lib/commonio.c | 12 10 + 2 - 0 !
1 file changed, 10 insertions(+), 2 deletions(-)

---
463_login_delay_obeys_to_PAM | (download)

lib/getdef.c | 2 1 + 1 - 0 !
src/login.c | 19 5 + 14 - 0 !
2 files changed, 6 insertions(+), 15 deletions(-)

---
523_su_arguments_are_concatenated | (download)

src/su.c | 29 29 + 0 - 0 !
1 file changed, 29 insertions(+)

---
523_su_arguments_are_no_more_concatenated_by_default | (download)

src/su.c | 17 16 + 1 - 0 !
1 file changed, 16 insertions(+), 1 deletion(-)

---
508_nologin_in_usr_sbin | (download)

src/Makefile.am | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
505_useradd_recommend_adduser | (download)

man/useradd.8.xml | 6 6 + 0 - 0 !
man/userdel.8.xml | 6 6 + 0 - 0 !
2 files changed, 12 insertions(+)

---
1000_configure_userns | (download)

etc/login.defs | 4 2 + 2 - 0 !
libmisc/find_new_sub_gids.c | 2 1 + 1 - 0 !
libmisc/find_new_sub_uids.c | 2 1 + 1 - 0 !
src/newusers.c | 4 2 + 2 - 0 !
src/useradd.c | 10 8 + 2 - 0 !
5 files changed, 14 insertions(+), 8 deletions(-)

---
1010_vietnamese_translation | (download)

po/vi.po | 1182 439 + 743 - 0 !
1 file changed, 439 insertions(+), 743 deletions(-)

---
1020_fix_user_busy_errors | (download)

libmisc/user_busy.c | 9 9 + 0 - 0 !
1 file changed, 9 insertions(+)

 fix user_busy to not leave subuid open in case of error.