Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Evergreen:11.1
pam
bug-724480_pam_env-fix-dos.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bug-724480_pam_env-fix-dos.patch of Package pam
Description: abort when encountering an overflowed environment variable expansion (CVE-2011-3149). Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565 Author: Kees Cook <kees@debian.org> Index: pam-debian/modules/pam_env/pam_env.c =================================================================== --- pam-debian.orig/modules/pam_env/pam_env.c 2011-10-14 12:47:23.433861595 -0700 +++ pam-debian/modules/pam_env/pam_env.c 2011-10-14 12:47:23.461861963 -0700 @@ -567,6 +567,7 @@ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + return PAM_ABORT; } continue; } @@ -628,6 +629,7 @@ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + return PAM_ABORT; } } } /* if ('{' != *orig++) */ @@ -639,6 +641,7 @@ D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); pam_syslog(pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); + return PAM_ABORT; } } } /* for (;*orig;) */
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor