Projects
openEuler:22.03:LTS:Next
libcap
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 14
View file
_service:tar_scm_kernel_repo:libcap.spec
Changed
@@ -1,6 +1,6 @@ Name: libcap Version: 2.61 -Release: 6 +Release: 7 Summary: A library for getting and setting POSIX.1e draft 15 capabilities License: GPLv2 URL: https://sites.google.com/site/fullycapable @@ -15,6 +15,8 @@ Patch6: backport-Large-strings-can-confuse-libcap-s-internal-strdup-c.patch Patch7: backport-There-was-a-small-memory-leak-in-pam_cap.so-when-lib.patch Patch8: backport-libcap-Ensure-the-XATTR_NAME_CAPS-is-define.patch +Patch9: backport-getpcaps-fix-program-name-in-help-message.patch +Patch10: backport-Stop-using-_pam_overwrite-in-pam_cap.c.patch BuildRequires: libattr-devel pam-devel perl-interpreter gcc @@ -78,6 +80,11 @@ %{_mandir}/man8/*.gz %changelog +* Mon Mar 25 2024 yanglongkang <yanglongkang@h-partners.com> - 2.61-7 +- backport upstream patches: + getcpcaps: fix program name in help message + Stop using _pam_overwrite() in pam_cap.c + * Mon Jul 3 2023 wangyunjia <yunjia.wang@huawei.com> - 2.61-6 - VFS_CAP_U32 can not ensure that XATTR_NAME_CAPS is defined, and failed to build
View file
_service:tar_scm_kernel_repo:backport-Stop-using-_pam_overwrite-in-pam_cap.c.patch
Added
@@ -0,0 +1,45 @@ +From ee20d385ef319f8523f1debc49f375c8eff257a6 Mon Sep 17 00:00:00 2001 +From: "Andrew G. Morgan" <morgan@kernel.org> +Date: Fri, 22 Dec 2023 06:37:02 -0800 +Subject: Stop using _pam_overwrite() in pam_cap.c. + +It looks like the Linux-PAM folk have deprecated this macro. Compiler optimization +is hard to account for: apparently this explicit deletion is no longer +guaranteed to work. This function was marked deprecated in v1.5.3 of Linux-PAM. + +I've replaced its use with memset(). I'm not convinced that that will be honored +either, but remain hopeful and prefer to leave the code explicit in its intent +without a deprecation warning messing up the build log. Should some compiler +optimize it away and it leads to an exploit of some sort, it can be revealed as +a compilation bug. + +Signed-off-by: Andrew G. Morgan <morgan@kernel.org> +--- + pam_cap/pam_cap.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/pam_cap/pam_cap.c b/pam_cap/pam_cap.c +index b9419cb..3fe3b8c 100644 +--- a/pam_cap/pam_cap.c ++++ b/pam_cap/pam_cap.c +@@ -199,7 +199,7 @@ defer: + int i; + for (i = 0; i < groups_n; i++) { + char *g = groups[i]; +- _pam_overwrite(g); ++ memset(g, 0, strlen(g)); + _pam_drop(g); + } + if (groups != NULL) { +@@ -440,7 +440,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, + small race associated with a redundant read of the + config. */ + +- _pam_overwrite(conf_caps); ++ memset(conf_caps, 0, strlen(conf_caps)); + _pam_drop(conf_caps); + + return PAM_SUCCESS; +-- +cgit 1.2.3-korg +
View file
_service:tar_scm_kernel_repo:backport-getpcaps-fix-program-name-in-help-message.patch
Added
@@ -0,0 +1,27 @@ +From 17c5e89521fd0455a8f18563eb37e5ddbc7d34cb Mon Sep 17 00:00:00 2001 +From: Jakub Wilk <jwilk@jwilk.net> +Date: Mon, 29 Jan 2024 11:33:40 +0100 +Subject: getpcaps: fix program name in help message + +Signed-off-by: Jakub Wilk <jwilk@jwilk.net> +Signed-off-by: Andrew G. Morgan <morgan@kernel.org> +--- + progs/getpcaps.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/progs/getpcaps.c b/progs/getpcaps.c +index 7e14c36..b4cbda8 100644 +--- a/progs/getpcaps.c ++++ b/progs/getpcaps.c +@@ -14,7 +14,7 @@ + static void usage(int code) + { + fprintf(stderr, +-"usage: getcaps <pid> [<pid> ...]\n\n" ++"usage: getpcaps <pid> [<pid> ...]\n\n" + " This program displays the capabilities on the queried process(es).\n" + " The capabilities are displayed in the cap_from_text(3) format.\n" + "\n" +-- +cgit 1.2.3-korg +
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.