gnu: fuse: Add fix for CVE-2015-3202.

* gnu/packages/patches/fuse-CVE-2015-3202.patch: New file.
* gnu-system.am (dist_patch_DATA): Add it.
* gnu/packages/linux.scm (fuse): Add patch.
This commit is contained in:
Mark H Weaver 2015-05-22 00:09:26 -04:00
parent c2ee19e685
commit 4de02f36ac
3 changed files with 68 additions and 1 deletions

View File

@ -421,6 +421,7 @@ dist_patch_DATA = \
gnu/packages/patches/flashrom-use-libftdi1.patch \
gnu/packages/patches/flex-bison-tests.patch \
gnu/packages/patches/fltk-shared-lib-defines.patch \
gnu/packages/patches/fuse-CVE-2015-3202.patch \
gnu/packages/patches/gawk-shell.patch \
gnu/packages/patches/gcc-arm-link-spec-fix.patch \
gnu/packages/patches/gcc-cross-environment-variables.patch \

View File

@ -1212,7 +1212,8 @@ processes currently causing I/O.")
version ".tar.gz"))
(sha256
(base32
"071r6xjgssy8vwdn6m28qq1bqxsd2bphcd2mzhq0grf5ybm87sqb"))))
"071r6xjgssy8vwdn6m28qq1bqxsd2bphcd2mzhq0grf5ybm87sqb"))
(patches (list (search-patch "fuse-CVE-2015-3202.patch")))))
(build-system gnu-build-system)
(inputs `(("util-linux" ,util-linux)))
(arguments

View File

@ -0,0 +1,65 @@
The following patch was copied from Debian.
Description: Fix CVE-2015-3202
Missing scrubbing of the environment before executing a mount or umount
of a filesystem.
Origin: upstream
Author: Miklos Szeredi <miklos@szeredi.hu>
Last-Update: 2015-05-19
---
lib/mount_util.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
--- a/lib/mount_util.c
+++ b/lib/mount_util.c
@@ -95,10 +95,12 @@ static int add_mount(const char *prognam
goto out_restore;
}
if (res == 0) {
+ char *env = NULL;
+
sigprocmask(SIG_SETMASK, &oldmask, NULL);
setuid(geteuid());
- execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
- "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
+ execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+ "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
progname, strerror(errno));
exit(1);
@@ -146,10 +148,17 @@ static int exec_umount(const char *progn
goto out_restore;
}
if (res == 0) {
+ char *env = NULL;
+
sigprocmask(SIG_SETMASK, &oldmask, NULL);
setuid(geteuid());
- execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
- lazy ? "-l" : NULL, NULL);
+ if (lazy) {
+ execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
+ "-l", NULL, &env);
+ } else {
+ execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
+ NULL, &env);
+ }
fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
progname, strerror(errno));
exit(1);
@@ -205,10 +214,12 @@ static int remove_mount(const char *prog
goto out_restore;
}
if (res == 0) {
+ char *env = NULL;
+
sigprocmask(SIG_SETMASK, &oldmask, NULL);
setuid(geteuid());
- execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
- "--fake", mnt, NULL);
+ execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
+ "--fake", mnt, NULL, &env);
fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
progname, strerror(errno));
exit(1);