diff --git a/backport-Added-documentation-around-CREATE_MAIL_SPOOL.patch b/backport-Added-documentation-around-CREATE_MAIL_SPOOL.patch new file mode 100644 index 0000000000000000000000000000000000000000..356fe49d7b501f8a85dd135e6f101d0ebe3fae81 --- /dev/null +++ b/backport-Added-documentation-around-CREATE_MAIL_SPOOL.patch @@ -0,0 +1,26 @@ +From aff4989d1acf3afc718813144658c295d8d10f20 Mon Sep 17 00:00:00 2001 +From: Andy Zaugg +Date: Mon, 20 Sep 2021 20:41:50 -0700 +Subject: [PATCH] Added documentation around CREATE_MAIL_SPOOL + +Adding documentation aroud the parameter CREATE_MAIL_SPOOL in the +/etc/default/useradd file +--- + man/login.defs.d/MAIL_DIR.xml | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/man/login.defs.d/MAIL_DIR.xml b/man/login.defs.d/MAIL_DIR.xml +index 60b82d6b..b5adb888 100644 +--- a/man/login.defs.d/MAIL_DIR.xml ++++ b/man/login.defs.d/MAIL_DIR.xml +@@ -35,6 +35,8 @@ + The mail spool directory. This is needed to manipulate the mailbox + when its corresponding user account is modified or deleted. If not + specified, a compile-time default is used. ++ The parameter CREATE_MAIL_SPOOL in /etc/default/useradd ++ determines whether the mail spool should be created. + + + +-- + diff --git a/backport-Fix-parentheses-in-configure.ac.patch b/backport-Fix-parentheses-in-configure.ac.patch new file mode 100644 index 0000000000000000000000000000000000000000..4abbb1d50f177378f8724d9ffc11f7440492a7f3 --- /dev/null +++ b/backport-Fix-parentheses-in-configure.ac.patch @@ -0,0 +1,25 @@ +From 049f9a7f6b320c728a6274299041e360381d7cd5 Mon Sep 17 00:00:00 2001 +From: Andy Zaugg +Date: Tue, 21 Sep 2021 21:51:10 -0700 +Subject: [PATCH] Fix parentheses in configure.ac + +Resolving issue https://github.com/shadow-maint/shadow/issues/419 +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 994836bd..6cbb6bd2 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -345,7 +345,7 @@ if test "$with_sssd" = "yes"; then + [AC_MSG_ERROR([posix_spawn is needed for sssd support])]) + fi + +-AS_IF([test "$with_su" != "no"], AC_DEFINE(WITH_SU, 1, [Build with su])]) ++AS_IF([test "$with_su" != "no"], AC_DEFINE(WITH_SU, 1, [Build with su])) + AM_CONDITIONAL([WITH_SU], [test "x$with_su" != "xno"]) + + dnl Check for some functions in libc first, only if not found check for +-- + diff --git a/backport-Handle-malformed-lines-in-hushlogins-file.patch b/backport-Handle-malformed-lines-in-hushlogins-file.patch new file mode 100644 index 0000000000000000000000000000000000000000..afbf7b226b51400001ce8770910b0314f7cca597 --- /dev/null +++ b/backport-Handle-malformed-lines-in-hushlogins-file.patch @@ -0,0 +1,32 @@ +From 63a96706b1205f91c4a57de21ac56e996d270ff1 Mon Sep 17 00:00:00 2001 +From: Tobias Stoeckmann +Date: Fri, 29 Oct 2021 19:44:46 +0200 +Subject: [PATCH] Handle malformed lines in hushlogins file. + +If a line in hushlogins file, e.g. /etc/hushlogins, starts with +'\0', then current code performs an out of boundary write. +If the line lacks a newline at the end, then another character is +overridden. + +With strcspn both cases are solved. + +Signed-off-by: Tobias Stoeckmann +--- + libmisc/hushed.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libmisc/hushed.c b/libmisc/hushed.c +index b71b99ce..3c3adafc 100644 +--- a/libmisc/hushed.c ++++ b/libmisc/hushed.c +@@ -90,7 +90,7 @@ bool hushed (const char *username) + return false; + } + for (found = false; !found && (fgets (buf, (int) sizeof buf, fp) == buf);) { +- buf[strlen (buf) - 1] = '\0'; ++ buf[strcspn (buf, "\n")] = '\0'; + found = (strcmp (buf, pw->pw_shell) == 0) || + (strcmp (buf, pw->pw_name) == 0); + } +-- + diff --git a/shadow.spec b/shadow.spec index 5b55aa55f2379d99ba9f15cb2395b9409e334758..cdff92ff2cbcbd2fbd4b61506022ae2b85f0b87c 100644 --- a/shadow.spec +++ b/shadow.spec @@ -1,6 +1,6 @@ Name: shadow Version: 4.8.1 -Release: 7 +Release: 8 Epoch: 2 License: BSD and GPLv2+ Summary: Tools for managing accounts and shadow password files @@ -27,6 +27,9 @@ Patch10: man-zh_CN-fix-typo.patch Patch11: useradd-free-grp-to-avoid-leak.patch Patch12: useradd.c-fix-memleaks-of-grp.patch Patch13: useradd.c-fix-memleak-in-get_groups.patch +Patch14: backport-Added-documentation-around-CREATE_MAIL_SPOOL.patch +Patch15: backport-Fix-parentheses-in-configure.ac.patch +Patch16: backport-Handle-malformed-lines-in-hushlogins-file.patch BuildRequires: gcc, libselinux-devel, audit-libs-devel, libsemanage-devel BuildRequires: libacl-devel, libattr-devel @@ -173,6 +176,9 @@ done %{_mandir}/*/* %changelog +* Mon Nov 29 2021 steven Y.Gui - 2:4.8.1-8 +- backport some patches from upstream + * Thu Sep 30 2021 steven Y.Gui - 2:4.8.1-7 - backport some patches to fix memory leak