rpms/udev/devel udev-CVE-2009-1186.patch, NONE, 1.1 udev.spec, 1.271, 1.272
Harald Hoyer
harald at fedoraproject.org
Wed Apr 15 17:42:27 UTC 2009
Author: harald
Update of /cvs/pkgs/rpms/udev/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21684
Modified Files:
udev.spec
Added Files:
udev-CVE-2009-1186.patch
Log Message:
* Wed Apr 15 2009 Harald Hoyer <harald at redhat.com> 141-2
- fix for CVE-2009-1186 (bug #495052)
- Resolves: rhbz#495052
udev-CVE-2009-1186.patch:
--- NEW FILE udev-CVE-2009-1186.patch ---
--- udev-141/udev/lib/libudev-util.c.CVE-2009-1186 2009-04-08 09:04:26.000000000 -0400
+++ udev-141/udev/lib/libudev-util.c 2009-04-15 13:25:10.000000000 -0400
@@ -9,6 +9,7 @@
* version 2.1 of the License, or (at your option) any later version.
*/
+#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <stddef.h>
@@ -103,6 +104,9 @@ int util_log_priority(const char *priori
size_t util_path_encode(char *s, size_t len)
{
+ if (len == 0 || len > (SIZE_MAX - 1) / 4)
+ return 0;
+
char t[(len * 4)+1];
size_t i, j;
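Review bot: The new guard at the top of util_path_encode() stops `(len * 4)+1` from wrapping, but `char t[(len * 4)+1]` is still a variable-length array on the stack, so any len that passes the `(SIZE_MAX - 1) / 4` test can still request far more stack than is available. Suggest capping len at a fixed maximum that is sensible for a path, or encoding into a heap or caller-supplied buffer, rather than only comparing against SIZE_MAX. The rejected case also returns 0 with s left untouched; a short comment stating what a 0 return means to callers would help.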
Index: udev.spec
===================================================================
RCS file: /cvs/pkgs/rpms/udev/devel/udev.spec,v
retrieving revision 1.271
retrieving revision 1.272
diff -u -r1.271 -r1.272
--- udev.spec 14 Apr 2009 13:47:31 -0000 1.271
+++ udev.spec 15 Apr 2009 17:42:26 -0000 1.272
@@ -6,7 +6,7 @@
Summary: A userspace implementation of devfs
Name: udev
Version: 141
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv2
Group: System Environment/Base
Provides: udev-persistent = %{version}-%{release}
@@ -19,11 +19,13 @@
Source5: udev.sysconfig
Patch102: udev-118-sysconf.patch
+Patch103: udev-CVE-2009-1186.patch
ExclusiveOS: Linux
URL: http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires(pre): /bin/sh fileutils /sbin/chkconfig /sbin/service
+Requires(pre): /usr/bin/stat /sbin/pidof
Requires(pre): MAKEDEV >= 0:3.11 /usr/bin/getent /usr/sbin/groupadd
BuildRequires: sed libselinux-devel >= 0:1.17.9-2 flex libsepol-devel
BuildRequires: glib2-devel bison findutils MAKEDEV
@@ -92,6 +94,7 @@
%setup -q
%patch102 -p1 -b .sysconf
+%patch103 -p1 -b .CVE-2009-1186
%build
%if %{with_static}
@@ -226,16 +229,29 @@
getent group tape >/dev/null || /usr/sbin/groupadd -g 33 tape || :
getent group dialout >/dev/null || /usr/sbin/groupadd -g 18 dialout || :
+# kill daemon if we are not in a chroot
+if test -f /proc/1/exe -a -d /proc/1/root; then
+ if test -x /usr/bin/stat -a "$(/usr/bin/stat -Lc '%%D-%%i' /)" = "$(/usr/bin/stat -Lc '%%D-%%i' /proc/1/root)"; then
+ if test -x /sbin/udevd -a -x /sbin/pidof ; then
+ pid=$(/sbin/pidof -c udevd)
+ if [ -n "$pid" ]; then
+ kill $pid
+ fi
+ fi
+ fi
+fi
+exit 0
+
%post
-if [ "$1" -gt 1 -a -x /sbin/pidof ]; then
- pid=$(/sbin/pidof -c udevd)
- if [ -n "$pid" ]; then
- kill $pid
+# start daemon if we are not in a chroot
+if test -f /proc/1/exe -a -d /proc/1/root; then
+ if test "$(/usr/bin/stat -Lc '%%D-%%i' /)" = "$(/usr/bin/stat -Lc '%%D-%%i' /proc/1/root)"; then
+ if test -x /sbin/udevd; then
/sbin/udevd -d
+ fi
fi
fi
-/sbin/chkconfig --add udev-post
exit 0
%triggerpostun -- dev <= 0:3.12-1
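Review bot: In %post the stat comparison is not guarded by `test -x /usr/bin/stat` the way the kill block above it is; if stat is missing, both `$(...)` substitutions expand to empty strings, the `=` test succeeds, and `/sbin/udevd -d` is started even inside a chroot. Suggest repeating the `-x /usr/bin/stat` check in %post and declaring the dependency for the post scriptlet as well, since the spec only adds it as `Requires(pre): /usr/bin/stat /sbin/pidof`.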
@@ -379,6 +395,10 @@
%changelog
+* Wed Apr 15 2009 Harald Hoyer <harald at redhat.com> 141-2
+- fix for CVE-2009-1186 (bug #495052)
+- Resolves: rhbz#495052
+
* Tue Apr 14 2009 Harald Hoyer <harald at redhat.com> 141-1
- version 141
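Review bot: The new 141-2 changelog entry records only the CVE-2009-1186 fix, while the same revision also rewrites the daemon kill and start scriptlets, adds `Requires(pre): /usr/bin/stat /sbin/pidof`, and drops `/sbin/chkconfig --add udev-post` from %post. Suggest adding changelog lines for those changes so the packaging behaviour change is traceable separately from the security fix.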