diff --git a/.gitignore b/.gitignore index 80d4cf2..9108ffb 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ libuser-0.56.16.tar.xz /libuser-0.57.6.tar.xz /libuser-0.57.7.tar.xz /libuser-0.58.tar.xz +/libuser-0.59.tar.xz diff --git a/libuser-force-secure-getenv.patch b/libuser-force-secure-getenv.patch deleted file mode 100644 index 9ffd936..0000000 --- a/libuser-force-secure-getenv.patch +++ /dev/null @@ -1,49 +0,0 @@ -diff --git a/configure.in b/configure.in -index b9692c8..28364c3 100644 ---- a/configure.in -+++ b/configure.in -@@ -13,6 +13,7 @@ AC_CHECK_PROG([YACC], [bison -y], [bison -y], [:]) - AC_PATH_PROG([NSCD], [nscd], [/usr/sbin/nscd], - [$PATH$PATH_SEPARATOR/usr/sbin$PATH_SEPARATOR/sbin]) - AC_ARG_VAR([NSCD], [Path to nscd]) -+AC_USE_SYSTEM_EXTENSIONS - - LT_INIT([disable-static]) - -@@ -115,7 +116,7 @@ AC_TYPE_MODE_T - AC_TYPE_OFF_T - AC_TYPE_SIZE_T - --AC_CHECK_FUNCS_ONCE([__secure_getenv]) -+AC_CHECK_FUNCS([__secure_getenv secure_getenv]) - - # Modify CFLAGS after all tests are run (some of them could fail because - # of the -Werror). -diff --git a/lib/config.c b/lib/config.c -index 1b30f97..29e7120 100644 ---- a/lib/config.c -+++ b/lib/config.c -@@ -40,8 +40,12 @@ - * from the libuser configuration. - */ - --#ifdef HAVE___SECURE_GETENV --#define getenv(string) __secure_getenv(string) -+#if defined(HAVE_SECURE_GETENV) -+# define safe_getenv(string) secure_getenv(string) -+#elif defined(HAVE___SECURE_GETENV) -+# define safe_getenv(string) __secure_getenv(string) -+#else -+# error Neither secure_getenv not __secure_getenv are available - #endif - - struct config_config { -@@ -266,7 +270,7 @@ lu_cfg_init(struct lu_context *context, struct lu_error **error) - if ((getuid() == geteuid()) && (getgid() == getegid())) { - const char *t; - -- t = getenv("LIBUSER_CONF"); -+ t = safe_getenv("LIBUSER_CONF"); - if (t != NULL) - filename = t; - } diff --git a/libuser.spec b/libuser.spec index 6772e78..37465de 100644 --- a/libuser.spec +++ b/libuser.spec @@ -1,22 +1,18 @@ %{!?python_sitearch: %global python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")} Name: libuser -Version: 0.58 -Release: 2%{?dist} +Version: 0.59 +Release: 1%{?dist} Group: System Environment/Base License: LGPLv2+ URL: https://fedorahosted.org/libuser/ -# Upstream commit 51e9d56ed656c3aeceb39b7de5a1db7d976d4e51 -Patch0: libuser-force-secure-getenv.patch Source: https://fedorahosted.org/releases/l/i/libuser/libuser-%{version}.tar.xz BuildRequires: glib2-devel, linuxdoc-tools, pam-devel, popt-devel, python2-devel BuildRequires: cyrus-sasl-devel, libselinux-devel, openldap-devel # To make sure the configure script can find it BuildRequires: nscd # For %%check -BuildRequires: openldap-clients, openldap-servers, openssl -# For regenerating autoconf/automake files -BuildRequires: gtk-doc, libtool, gettext-devel, automake, autoconf +BuildRequires: fakeroot, openldap-clients, openldap-servers, openssl Summary: A user and group account administration library %description @@ -49,17 +45,8 @@ administering user and group accounts. %prep %setup -q -%patch0 -p1 -b .force_secure_getenv %build -# Copied from upstream autogen.sh -gtkdocize --docdir docs/reference -libtoolize --force -autopoint -aclocal -I m4 -autoconf -Wall -autoheader -Wall -automake -Wall --add-missing %configure --with-selinux --with-ldap --with-html-dir=%{_datadir}/gtk-doc/html make @@ -109,6 +96,10 @@ python -c "import libuser" %{_datadir}/gtk-doc/html/* %changelog +* Thu Mar 28 2013 Miloslav Trmač - 0.59-1 +- Update to libuser-0.59 (CVE-2012-5630, CVE-2012-5644) + Resolves: #928846 + * Mon Feb 4 2013 Miloslav Trmač - 0.58-2 - Always use secure_getenv() or __secure_getenv(), fail build if neither is available. Patch by Viktor Hercinger . diff --git a/sources b/sources index de418c5..b118806 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1fc3ef3f3a3955b2d78562ff4daed793 libuser-0.58.tar.xz +22835cbfec894b1e9491845ed5023244 libuser-0.59.tar.xz