diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2024-04-18 19:17:30 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2024-04-19 13:30:41 +0200 |
| commit | d3c452d720018233486e993d409d08d30948111a (patch) | |
| tree | 5d7237f45c053f5269ea21132445e78b6d06bbc0 /patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch | |
| parent | 2a933a7e4fa4c4b799f410f676b997047b4c68a5 (diff) | |
| download | current-d3c452d720018233486e993d409d08d30948111a.tar.gz current-d3c452d720018233486e993d409d08d30948111a.tar.xz | |
Thu Apr 18 19:17:30 UTC 202420240418191730_15.0
patches/packages/bind-9.16.50-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
patches/packages/aaa_glibc-solibs-2.33-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/glibc-2.33-x86_64-6_slack15.0.txz: Rebuilt.
This update fixes a security issue:
The iconv() function in the GNU C Library versions 2.39 and older may
overflow the output buffer passed to it by up to 4 bytes when converting
strings to the ISO-2022-CN-EXT character set, which may be used to crash
an application or overwrite a neighbouring variable.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2024-2961
(* Security fix *)
patches/packages/glibc-i18n-2.33-x86_64-6_slack15.0.txz: Rebuilt.
patches/packages/glibc-profile-2.33-x86_64-6_slack15.0.txz: Rebuilt.
testing/packages/bind-9.18.26-x86_64-1_slack15.0.txz: Upgraded.
This is a bugfix release.
Diffstat (limited to 'patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch')
| -rw-r--r-- | patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch b/patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch new file mode 100644 index 000000000..458369251 --- /dev/null +++ b/patches/source/glibc/patches/0001-nsswitch-return-result-when-nss-database-is-locked.patch @@ -0,0 +1,47 @@ +From c3479fb7939898ec22c655c383454d6e8b982a67 Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich <slyfox@gentoo.org> +Date: Fri, 5 Feb 2021 07:32:18 +0000 +Subject: [PATCH] nsswitch: return result when nss database is locked [BZ + #27343] + +Before the change nss_database_check_reload_and_get() did not populate +the '*result' value when it returned success in a case of chroot +detection. This caused initgroups() to use garage pointer in the +following test (extracted from unbound): + +``` + +int main() { + // load some NSS modules + struct passwd * pw = getpwnam("root"); + + chdir("/tmp"); + chroot("/tmp"); + chdir("/"); + // access nsswitch.conf in a chroot + initgroups("root", 0); +} +``` + +Reviewed-by: DJ Delorie <dj@redhat.com> +--- + nss/nss_database.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/nss/nss_database.c b/nss/nss_database.c +index cf0306adc4..e1bef6bd75 100644 +--- a/nss/nss_database.c ++++ b/nss/nss_database.c +@@ -398,8 +398,9 @@ nss_database_check_reload_and_get (struct nss_database_state *local, + && (str.st_ino != local->root_ino + || str.st_dev != local->root_dev))) + { +- /* Change detected; disable reloading. */ ++ /* Change detected; disable reloading and return current state. */ + atomic_store_release (&local->data.reload_disabled, 1); ++ *result = local->data.services[database_index]; + __libc_lock_unlock (local->lock); + __nss_module_disable_loading (); + return true; +-- +2.27.0 |