diff options
Diffstat (limited to 'gnu/packages/patches/util-linux-CVE-2017-2616.patch')
| -rw-r--r-- | gnu/packages/patches/util-linux-CVE-2017-2616.patch | 65 |
1 files changed, 0 insertions, 65 deletions
diff --git a/gnu/packages/patches/util-linux-CVE-2017-2616.patch b/gnu/packages/patches/util-linux-CVE-2017-2616.patch deleted file mode 100644 index 2c82fb06d2..0000000000 --- a/gnu/packages/patches/util-linux-CVE-2017-2616.patch +++ /dev/null @@ -1,65 +0,0 @@ -Fix CVE-2017-2616: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2616 -http://seclists.org/oss-sec/2017/q1/474 - -Patch copied from upstream source repository: - -https://git.kernel.org/cgit/utils/util-linux/util-linux.git/commit/?id=dffab154d29a288aa171ff50263ecc8f2e14a891 - -From b018571132cb8c9fece3d75ed240cc74cdb5f0f7 Mon Sep 17 00:00:00 2001 -From: Karel Zak <kzak@redhat.com> -Date: Wed, 1 Feb 2017 11:58:09 +0100 -Subject: [PATCH] su: properly clear child PID -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Reported-by: Tobias Stöckmann <tobias@stoeckmann.org> -Signed-off-by: Karel Zak <kzak@redhat.com> ---- - login-utils/su-common.c | 14 ++++++++++---- - 1 file changed, 10 insertions(+), 4 deletions(-) - -diff --git a/login-utils/su-common.c b/login-utils/su-common.c -index 0ea4e40bd..b1720f037 100644 ---- a/login-utils/su-common.c -+++ b/login-utils/su-common.c -@@ -376,6 +376,9 @@ create_watching_parent (void) - } - else - status = WEXITSTATUS (status); -+ -+ /* child is gone, don't use the PID anymore */ -+ child = (pid_t) -1; - } - else if (caught_signal) - status = caught_signal + 128; -@@ -385,7 +388,7 @@ create_watching_parent (void) - else - status = 1; - -- if (caught_signal) -+ if (caught_signal && child != (pid_t)-1) - { - fprintf (stderr, _("\nSession terminated, killing shell...")); - kill (child, SIGTERM); -@@ -395,9 +398,12 @@ create_watching_parent (void) - - if (caught_signal) - { -- sleep (2); -- kill (child, SIGKILL); -- fprintf (stderr, _(" ...killed.\n")); -+ if (child != (pid_t)-1) -+ { -+ sleep (2); -+ kill (child, SIGKILL); -+ fprintf (stderr, _(" ...killed.\n")); -+ } - - /* Let's terminate itself with the received signal. - * --- -2.11.1 - |