Re-inject the changes from 4.1.2.1.

nekral-guest 2008-07-11 22:20:43 +00:00
parent 5b194e290c
commit 21c692d23f
3 changed files with 54 additions and 36 deletions


@ -1,3 +1,7 @@
2008-07-12 Nicolas François <nicolas.francois@centraliens.net>
* ChangeLog, NEWS, src/login.c: Re-inject the changes from 4.1.2.1.
2008-07-11 Nicolas François <nicolas.francois@centraliens.net>
* src/usermod.c: Do not call usr_update() if it will have no
@ -1236,6 +1240,22 @@
* configure.in: Allow --disable-man and --enable-man=no.
2008-06-26 Nicolas François <nicolas.francois@centraliens.net>
Prepare the 4.1.2.1 release
* NEWS: set the release date.
* man/po/*.po, po/*.po: Updated PO files.
* configure.in: Set the version to 4.1.2.1.
2008-06-26 Nicolas François <nicolas.francois@centraliens.net>
* NEWS, src/login.c: Fix an "audit log injection" vulnerability in
login. This is similar to CVE-2008-1926 (util-linux-ng's login).
This vulnerability makes it easier for attackers to hide
activities by modifying portions of log events, e.g. by appending
an addr= statement to the login name.
* lib/prototypes.h: Added definition of AUDIT_NO_ID.
2008-05-25 Nicolas François <nicolas.francois@centraliens.net>
Prepare the 4.1.2 release

10
NEWS

@ -1,6 +1,6 @@
$Id$
shadow-4.1.2 -> shadow-4.1.3 UNRELEASED
shadow-4.1.2.1 -> shadow-4.1.3 UNRELEASED
*** general:
- newusers
@ -9,6 +9,14 @@ shadow-4.1.2 -> shadow-4.1.3 UNRELEASED
* Allow adding LDAP users (or any user not present in the local passwd
file) to local groups
shadow-4.1.2 -> shadow-4.1.2.1 26-06-2008
*** security
- Fix an "audit log injection" vulnerability in login.
This vulnerability makes it easier for attackers to hide activities by
modifying portions of log events, e.g. by appending an addr= statement
to the login name.
shadow-4.1.1 -> shadow-4.1.2 25-05-2008
*** security:


@ -745,31 +745,19 @@ int main (int argc, char **argv)
}
#ifdef WITH_AUDIT
{
struct passwd *pw;
char buf[64];
audit_fd = audit_open ();
/* local, no need for xgetpwnam */
pw = getpwnam (username);
if (NULL != pw) {
snprintf (buf, sizeof (buf),
"uid=%lu",
(unsigned long) pw->pw_uid);
audit_log_user_message
(audit_fd, AUDIT_USER_LOGIN,
buf, hostname, NULL,
tty, 0);
} else {
snprintf (buf, sizeof (buf),
"acct=%s", username);
audit_log_user_message
(audit_fd, AUDIT_USER_LOGIN,
buf, hostname, NULL,
tty, 0);
}
close (audit_fd);
}
audit_fd = audit_open ();
audit_log_acct_message (audit_fd,
AUDIT_USER_LOGIN,
NULL, /* Prog. name */
"login",
(NULL!=username)?username
:"(unknown)",
AUDIT_NO_ID,
hostname,
NULL, /* addr */
tty,
0); /* result */
close (audit_fd);
#endif /* WITH_AUDIT */
fprintf (stderr, "\nLogin incorrect\n");
@ -1050,16 +1038,18 @@ int main (int argc, char **argv)
}
#ifdef WITH_AUDIT
{
char buf[32];
audit_fd = audit_open ();
snprintf (buf, sizeof (buf), "uid=%lu",
(unsigned long) pwd->pw_uid);
audit_log_user_message (audit_fd, AUDIT_USER_LOGIN,
buf, hostname, NULL, tty, 1);
close (audit_fd);
}
audit_fd = audit_open ();
audit_log_acct_message (audit_fd,
AUDIT_USER_LOGIN,
NULL, /* Prog. name */
"login",
NULL, /* user's name => use uid */
(unsigned int) pwd->pw_uid,
hostname,
NULL, /* addr */
tty,
1); /* result */
close (audit_fd);
#endif /* WITH_AUDIT */
#ifndef USE_PAM /* pam_lastlog handles this */
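Review bot: The results of audit_open() and audit_log_acct_message() are ignored in both new audit blocks (the failed-login record in the first hunk and the successful-login record in the second), so a record that could not be written is dropped silently, and close() is called on a negative descriptor when the open fails. Since these login records are what the security fix is meant to protect, wrap the call in `if (audit_fd >= 0) { ... close (audit_fd); }` and report a failed write through the program's existing logging; a failure that only means the running kernel has no audit support can reasonably be tolerated. A short comment at the first call would also help, for example `/* username is untrusted: pass it as the acct argument, never formatted into a free-form message */`, so that a later edit does not reintroduce the snprintf-built string. Both blocks are inside main(), whose body starts and ends outside these hunks.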