[util-linux-ng/f14/master] 2.18-4.8: CVE-2010-3879

kzak kzak at fedoraproject.org
Thu Jan 27 19:41:25 UTC 2011


commit bac1509084d0b0911d465b84973e4b3e861b5e07
Author: Karel Zak <kzak at redhat.com>
Date:   Thu Jan 27 20:41:10 2011 +0100

    2.18-4.8: CVE-2010-3879
    
    Signed-off-by: Karel Zak <kzak at redhat.com>

 util-linux-ng-2.18-mount-noncanon.patch |   29 +++++++++++++++++++++++++++++
 util-linux-ng.spec                      |    8 +++++++-
 2 files changed, 36 insertions(+), 1 deletions(-)
---
diff --git a/util-linux-ng-2.18-mount-noncanon.patch b/util-linux-ng-2.18-mount-noncanon.patch
new file mode 100644
index 0000000..e9629e9
--- /dev/null
+++ b/util-linux-ng-2.18-mount-noncanon.patch
@@ -0,0 +1,29 @@
+From 1cf4c20b198c0c6566198fd00b983d9aaf8321bc Mon Sep 17 00:00:00 2001
+From: Miklos Szeredi <miklos at szeredi.hu>
+Date: Thu, 7 Oct 2010 16:05:12 +0200
+Subject: [PATCH] mount: don't canonicalize "spec" with --no-canonicalize option
+
+"Spec" was still canonicalized despite --no-canonicalize.  This
+resulted in a hang during login with pam_encfs (Debian Bug#593336).
+
+Signed-off-by: Miklos Szeredi <mszeredi at suse.cz>
+---
+ mount/devname.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/mount/devname.c b/mount/devname.c
+index 585d259..05da092 100644
+--- a/mount/devname.c
++++ b/mount/devname.c
+@@ -8,7 +8,7 @@ spec_to_devname(const char *spec)
+ {
+ 	if (!spec)
+ 		return NULL;
+-	if (is_pseudo_fs(spec))
++	if (nocanonicalize || is_pseudo_fs(spec))
+ 		return xstrdup(spec);
+ 	return fsprobe_get_devname_by_spec(spec);
+ }
+-- 
+1.7.3.4
+
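Review bot: In spec_to_devname() the new `nocanonicalize ||` test returns the caller's string verbatim, so a `LABEL=`/`UUID=` style spec would presumably no longer be resolved by fsprobe_get_devname_by_spec() when --no-canonicalize is given. If that is intended, the function should say so, because this is the line the spec file ties to CVE-2010-3879 while the embedded commit message only mentions the pam_encfs hang. A comment above the test such as `/* --no-canonicalize: use the caller's spec as-is, never re-resolve it here */` would make the contract explicit for later maintainers. `nocanonicalize` is not declared anywhere in the hunk, so confirm that devname.c sees its declaration and that any other path which resolves spec honours the same flag.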
diff --git a/util-linux-ng.spec b/util-linux-ng.spec
index 8da638f..e17f12b 100644
--- a/util-linux-ng.spec
+++ b/util-linux-ng.spec
@@ -2,7 +2,7 @@
 Summary: A collection of basic system utilities
 Name: util-linux-ng
 Version: 2.18
-Release: 4.7%{?dist}
+Release: 4.8%{?dist}
 License: GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ and BSD with advertising and Public Domain
 Group: System Environment/Base
 URL: ftp://ftp.kernel.org/pub/linux/utils/util-linux-ng
@@ -134,6 +134,8 @@ Patch18: util-linux-ng-2.18-blkid-offset.patch
 Patch19: util-linux-ng-2.18-blkid-revalidate.patch
 # 543749 [+592958] - mdraid assembles incorrectly
 Patch20: util-linux-ng-2.18-blkid-raid.patch
+# 651183, CVE-2010-3879, fix --no-canonicalize, necessary for fuse
+Patch21: util-linux-ng-2.18-mount-noncanon.patch
 
 %description
 The util-linux-ng package contains a large variety of low-level system
@@ -260,6 +262,7 @@ cp %{SOURCE8} %{SOURCE9} .
 %patch18 -p1
 %patch19 -p1
 %patch20 -p1
+%patch21 -p1
 
 %build
 unset LINGUAS || :
@@ -796,6 +799,9 @@ fi
 
 
 %changelog
+* Thu Jan 27 2011 Karel Zak <kzak at redhat.com> 2.18-4.8
+- fix #651183, CVE-2010-3879, fix --no-canonicalize, necessary for fuse
+
 * Wed Jan 12 2011 Karel Zak <kzak at redhat.com> 2.18-4.7
 - improve raid member detection on patitioned raid devices (#543749)
 

