Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-admin
diff options
context:
space:
mode:
authorMichael Mair-Keimberger <mmk@levelnine.at>2022-11-08 07:18:21 +0100
committerConrad Kostecki <conikost@gentoo.org>2022-11-13 19:33:52 +0100
commit3d6045b2d2442cb94c431da46286a9a7cd12714d (patch)
tree125feb0aaed7d802cff6dcc268e5391a303f92f3 /app-admin
parentdev-lang/mujs: remove unused patch (diff)
downloadgentoo-3d6045b2d2442cb94c431da46286a9a7cd12714d.tar.gz
gentoo-3d6045b2d2442cb94c431da46286a9a7cd12714d.tar.bz2
gentoo-3d6045b2d2442cb94c431da46286a9a7cd12714d.zip
app-admin/sudo: remove unused patch(es)
Signed-off-by: Michael Mair-Keimberger <mmk@levelnine.at> Closes: https://github.com/gentoo/gentoo/pull/28186 Signed-off-by: Conrad Kostecki <conikost@gentoo.org>
Diffstat (limited to 'app-admin')
-rw-r--r--app-admin/sudo/files/sudo-1.9.12-CVE-2022-43995.patch53
-rw-r--r--app-admin/sudo/files/sudo-1.9.12-mips-build.patch33
2 files changed, 0 insertions, 86 deletions
diff --git a/app-admin/sudo/files/sudo-1.9.12-CVE-2022-43995.patch b/app-admin/sudo/files/sudo-1.9.12-CVE-2022-43995.patch
deleted file mode 100644
index 2601669eecfd..000000000000
--- a/app-admin/sudo/files/sudo-1.9.12-CVE-2022-43995.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-Bug: https://bugs.gentoo.org/879209
-Upstream: https://github.com/sudo-project/sudo/commit/bd209b9f16fcd1270c13db27ae3329c677d48050
-
-From bd209b9f16fcd1270c13db27ae3329c677d48050 Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Fri, 28 Oct 2022 07:29:55 -0600
-Subject: [PATCH] Fix CVE-2022-43995, potential heap overflow for passwords < 8
- characters. Starting with sudo 1.8.0 the plaintext password buffer is
- dynamically sized so it is not safe to assume that it is at least 9 bytes in
- size. Found by Hugo Lefeuvre (University of Manchester) with ConfFuzz.
-
----
- plugins/sudoers/auth/passwd.c | 11 +++++------
- 1 file changed, 5 insertions(+), 6 deletions(-)
-
-diff --git a/plugins/sudoers/auth/passwd.c b/plugins/sudoers/auth/passwd.c
-index b2046eca2..0416861e9 100644
---- a/plugins/sudoers/auth/passwd.c
-+++ b/plugins/sudoers/auth/passwd.c
-@@ -63,7 +63,7 @@ sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
- int
- sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_conv_callback *callback)
- {
-- char sav, *epass;
-+ char des_pass[9], *epass;
- char *pw_epasswd = auth->data;
- size_t pw_len;
- int matched = 0;
-@@ -75,12 +75,12 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_c
-
- /*
- * Truncate to 8 chars if standard DES since not all crypt()'s do this.
-- * If this turns out not to be safe we will have to use OS #ifdef's (sigh).
- */
-- sav = pass[8];
- pw_len = strlen(pw_epasswd);
-- if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len))
-- pass[8] = '\0';
-+ if (pw_len == DESLEN || HAS_AGEINFO(pw_epasswd, pw_len)) {
-+ strlcpy(des_pass, pass, sizeof(des_pass));
-+ pass = des_pass;
-+ }
-
- /*
- * Normal UN*X password check.
-@@ -88,7 +88,6 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth, struct sudo_c
- * only compare the first DESLEN characters in that case.
- */
- epass = (char *) crypt(pass, pw_epasswd);
-- pass[8] = sav;
- if (epass != NULL) {
- if (HAS_AGEINFO(pw_epasswd, pw_len) && strlen(epass) == DESLEN)
- matched = !strncmp(pw_epasswd, epass, DESLEN);
diff --git a/app-admin/sudo/files/sudo-1.9.12-mips-build.patch b/app-admin/sudo/files/sudo-1.9.12-mips-build.patch
deleted file mode 100644
index d45393dba443..000000000000
--- a/app-admin/sudo/files/sudo-1.9.12-mips-build.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-https://github.com/sudo-project/sudo/commit/7944494196d4a9b33e0ae64a7e20f86e19c336d3
-https://bugs.gentoo.org/878401
-
-From 7944494196d4a9b33e0ae64a7e20f86e19c336d3 Mon Sep 17 00:00:00 2001
-From: "Todd C. Miller" <Todd.Miller@sudo.ws>
-Date: Wed, 26 Oct 2022 16:35:30 -0600
-Subject: [PATCH] Fix compilation error on Linux/mips.
-
---- a/src/exec_ptrace.c
-+++ b/src/exec_ptrace.c
-@@ -282,16 +282,17 @@ set_sc_arg4(struct sudo_ptrace_regs *regs, unsigned long addr)
- static bool
- ptrace_getregs(int pid, struct sudo_ptrace_regs *regs, int compat)
- {
-+ struct iovec iov;
- debug_decl(ptrace_getregs, SUDO_DEBUG_EXEC);
-
-+ iov.iov_base = &regs->u;
-+ iov.iov_len = sizeof(regs->u);
-+
- # ifdef __mips__
- /* PTRACE_GETREGSET has bugs with the MIPS o32 ABI at least. */
-- if (ptrace(PTRACE_GETREGS, pid, NULL, &regs->u) == -1)
-+ if (ptrace(PTRACE_GETREGS, pid, NULL, iov.iov_base) == -1)
- debug_return_bool(false);
- # else
-- struct iovec iov;
-- iov.iov_base = &regs->u;
-- iov.iov_len = sizeof(regs->u);
- if (ptrace(PTRACE_GETREGSET, pid, (void *)NT_PRSTATUS, &iov) == -1)
- debug_return_bool(false);
- # endif /* __mips__ */
-