trousers: 0.3.14 -> 0.3.15
Fix CVE-2020-24332, CVE-2020-24330 and CVE-2020-24331.
This commit is contained in:
parent
5f472181f2
commit
82a6b7b258
@ -7,10 +7,10 @@ diff -ur trousers-0.3.11.2.orig/src/tcsd/tcsd_conf.c trousers-0.3.11.2/src/tcsd/
|
||||
|
||||
+#ifndef ALLOW_NON_TSS_CONFIG_FILE
|
||||
/* make sure user/group TSS owns the conf file */
|
||||
if (pw->pw_uid != stat_buf.st_uid || grp->gr_gid != stat_buf.st_gid) {
|
||||
if (stat_buf.st_uid != 0 || grp->gr_gid != stat_buf.st_gid) {
|
||||
LogError("TCSD config file (%s) must be user/group %s/%s", tcsd_config_file,
|
||||
@@ -775,6 +776,7 @@
|
||||
LogError("TCSD config file (%s) must be mode 0600", tcsd_config_file);
|
||||
LogError("TCSD config file (%s) must be mode 0640", tcsd_config_file);
|
||||
return TCSERR(TSS_E_INTERNAL_ERROR);
|
||||
}
|
||||
+#endif
|
||||
|
@ -1,17 +1,15 @@
|
||||
{ lib, stdenv, fetchurl, openssl, pkg-config }:
|
||||
{ lib, stdenv, fetchurl, openssl, pkg-config, autoreconfHook }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "trousers";
|
||||
version = "0.3.14";
|
||||
version = "0.3.15";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/trousers/trousers/${version}/${pname}-${version}.tar.gz";
|
||||
sha256 = "0iwgsbrbb7nfqgl61x8aailwxm8akxh9gkcwxhsvf50x4qx72l6f";
|
||||
sha256 = "0zy7r9cnr2gvwr2fb1q4fc5xnvx405ymcbrdv7qsqwl3a4zfjnqy";
|
||||
};
|
||||
|
||||
sourceRoot = ".";
|
||||
|
||||
nativeBuildInputs = [ pkg-config ];
|
||||
nativeBuildInputs = [ pkg-config autoreconfHook ];
|
||||
buildInputs = [ openssl ];
|
||||
|
||||
patches = [ ./allow-non-tss-config-file-owner.patch ];
|
||||
|
Loading…
Reference in New Issue
Block a user