aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2015-05-22 00:09:26 -0400
committerMark H Weaver <mhw@netris.org>2015-05-22 00:10:43 -0400
commit4de02f36ac00af722c8f693ab5823fc1a870d58f (patch)
tree4270b0cde6edfb91f194d4e5ac6d2ae320f904c5
parentc2ee19e6850960ee613c43af3937b1ce11d663f3 (diff)
downloadguix-4de02f36ac00af722c8f693ab5823fc1a870d58f.tar.gz
guix-4de02f36ac00af722c8f693ab5823fc1a870d58f.zip
gnu: fuse: Add fix for CVE-2015-3202.
* gnu/packages/patches/fuse-CVE-2015-3202.patch: New file. * gnu-system.am (dist_patch_DATA): Add it. * gnu/packages/linux.scm (fuse): Add patch.
-rw-r--r--gnu-system.am1
-rw-r--r--gnu/packages/linux.scm3
-rw-r--r--gnu/packages/patches/fuse-CVE-2015-3202.patch65
3 files changed, 68 insertions, 1 deletions
diff --git a/gnu-system.am b/gnu-system.am
index 297c8bcf6a..23113bb16c 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -421,6 +421,7 @@ dist_patch_DATA = \
gnu/packages/patches/flashrom-use-libftdi1.patch \
gnu/packages/patches/flex-bison-tests.patch \
gnu/packages/patches/fltk-shared-lib-defines.patch \
+ gnu/packages/patches/fuse-CVE-2015-3202.patch \
gnu/packages/patches/gawk-shell.patch \
gnu/packages/patches/gcc-arm-link-spec-fix.patch \
gnu/packages/patches/gcc-cross-environment-variables.patch \
diff --git a/gnu/packages/linux.scm b/gnu/packages/linux.scm
index b5f4b55c6b..26e9aa9000 100644
--- a/gnu/packages/linux.scm
+++ b/gnu/packages/linux.scm
@@ -1212,7 +1212,8 @@ processes currently causing I/O.")
version ".tar.gz"))
(sha256
(base32
- "071r6xjgssy8vwdn6m28qq1bqxsd2bphcd2mzhq0grf5ybm87sqb"))))
+ "071r6xjgssy8vwdn6m28qq1bqxsd2bphcd2mzhq0grf5ybm87sqb"))
+ (patches (list (search-patch "fuse-CVE-2015-3202.patch")))))
(build-system gnu-build-system)
(inputs `(("util-linux" ,util-linux)))
(arguments
diff --git a/gnu/packages/patches/fuse-CVE-2015-3202.patch b/gnu/packages/patches/fuse-CVE-2015-3202.patch
new file mode 100644
index 0000000000..7c64de7683
--- /dev/null
+++ b/gnu/packages/patches/fuse-CVE-2015-3202.patch
@@ -0,0 +1,65 @@
+The following patch was copied from Debian.
+
+Description: Fix CVE-2015-3202
+ Missing scrubbing of the environment before executing a mount or umount
+ of a filesystem.
+Origin: upstream
+Author: Miklos Szeredi <miklos@szeredi.hu>
+Last-Update: 2015-05-19
+
+---
+ lib/mount_util.c | 23 +++++++++++++++++------
+ 1 file changed, 17 insertions(+), 6 deletions(-)
+
+--- a/lib/mount_util.c
++++ b/lib/mount_util.c
+@@ -95,10 +95,12 @@ static int add_mount(const char *prognam
+ goto out_restore;
+ }
+ if (res == 0) {
++ char *env = NULL;
++
+ sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ setuid(geteuid());
+- execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
+- "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
++ execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
++ "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
+ fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
+ progname, strerror(errno));
+ exit(1);
+@@ -146,10 +148,17 @@ static int exec_umount(const char *progn
+ goto out_restore;
+ }
+ if (res == 0) {
++ char *env = NULL;
++
+ sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ setuid(geteuid());
+- execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
+- lazy ? "-l" : NULL, NULL);
++ if (lazy) {
++ execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++ "-l", NULL, &env);
++ } else {
++ execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
++ NULL, &env);
++ }
+ fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ progname, strerror(errno));
+ exit(1);
+@@ -205,10 +214,12 @@ static int remove_mount(const char *prog
+ goto out_restore;
+ }
+ if (res == 0) {
++ char *env = NULL;
++
+ sigprocmask(SIG_SETMASK, &oldmask, NULL);
+ setuid(geteuid());
+- execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
+- "--fake", mnt, NULL);
++ execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
++ "--fake", mnt, NULL, &env);
+ fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
+ progname, strerror(errno));
+ exit(1);