Change-Id: Ibc985f03f079618f074043bf1d70a196ccc2ef40
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/2606
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Priyesh Padmavilasom <ppadmavilasom@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,99 @@ |
0 |
+diff -up cracklib-2.9.6/lib/fascist.c.overflow cracklib-2.9.6/lib/fascist.c |
|
1 |
+--- cracklib-2.9.6/lib/fascist.c.overflow 2015-10-23 16:58:38.403319225 +0200 |
|
2 |
+@@ -515,7 +515,7 @@ FascistGecosUser(char *password, const c |
|
3 |
+ char gbuffer[STRINGSIZE]; |
|
4 |
+ char tbuffer[STRINGSIZE]; |
|
5 |
+ char *uwords[STRINGSIZE]; |
|
6 |
+- char longbuffer[STRINGSIZE * 2]; |
|
7 |
++ char longbuffer[STRINGSIZE]; |
|
8 |
+ |
|
9 |
+ if (gecos == NULL) |
|
10 |
+ gecos = ""; |
|
11 |
+@@ -596,38 +596,47 @@ FascistGecosUser(char *password, const c |
|
12 |
+ { |
|
13 |
+ for (i = 0; i < j; i++) |
|
14 |
+ { |
|
15 |
+- strcpy(longbuffer, uwords[i]); |
|
16 |
+- strcat(longbuffer, uwords[j]); |
|
17 |
+- |
|
18 |
+- if (GTry(longbuffer, password)) |
|
19 |
++ if (strlen(uwords[i]) + strlen(uwords[j]) < STRINGSIZE) |
|
20 |
+ { |
|
21 |
+- return _("it is derived from your password entry"); |
|
22 |
+- } |
|
23 |
+- |
|
24 |
+- strcpy(longbuffer, uwords[j]); |
|
25 |
+- strcat(longbuffer, uwords[i]); |
|
26 |
++ strcpy(longbuffer, uwords[i]); |
|
27 |
++ strcat(longbuffer, uwords[j]); |
|
28 |
+ |
|
29 |
+- if (GTry(longbuffer, password)) |
|
30 |
+- { |
|
31 |
+- return _("it's derived from your password entry"); |
|
32 |
++ if (GTry(longbuffer, password)) |
|
33 |
++ { |
|
34 |
++ return _("it is derived from your password entry"); |
|
35 |
++ } |
|
36 |
++ |
|
37 |
++ strcpy(longbuffer, uwords[j]); |
|
38 |
++ strcat(longbuffer, uwords[i]); |
|
39 |
++ |
|
40 |
++ if (GTry(longbuffer, password)) |
|
41 |
++ { |
|
42 |
++ return _("it's derived from your password entry"); |
|
43 |
++ } |
|
44 |
+ } |
|
45 |
+ |
|
46 |
+- longbuffer[0] = uwords[i][0]; |
|
47 |
+- longbuffer[1] = '\0'; |
|
48 |
+- strcat(longbuffer, uwords[j]); |
|
49 |
+- |
|
50 |
+- if (GTry(longbuffer, password)) |
|
51 |
++ if (strlen(uwords[j]) < STRINGSIZE - 1) |
|
52 |
+ { |
|
53 |
+- return _("it is derivable from your password entry"); |
|
54 |
++ longbuffer[0] = uwords[i][0]; |
|
55 |
++ longbuffer[1] = '\0'; |
|
56 |
++ strcat(longbuffer, uwords[j]); |
|
57 |
++ |
|
58 |
++ if (GTry(longbuffer, password)) |
|
59 |
++ { |
|
60 |
++ return _("it is derivable from your password entry"); |
|
61 |
++ } |
|
62 |
+ } |
|
63 |
+ |
|
64 |
+- longbuffer[0] = uwords[j][0]; |
|
65 |
+- longbuffer[1] = '\0'; |
|
66 |
+- strcat(longbuffer, uwords[i]); |
|
67 |
+- |
|
68 |
+- if (GTry(longbuffer, password)) |
|
69 |
++ if (strlen(uwords[i]) < STRINGSIZE - 1) |
|
70 |
+ { |
|
71 |
+- return _("it's derivable from your password entry"); |
|
72 |
++ longbuffer[0] = uwords[j][0]; |
|
73 |
++ longbuffer[1] = '\0'; |
|
74 |
++ strcat(longbuffer, uwords[i]); |
|
75 |
++ |
|
76 |
++ if (GTry(longbuffer, password)) |
|
77 |
++ { |
|
78 |
++ return _("it's derivable from your password entry"); |
|
79 |
++ } |
|
80 |
+ } |
|
81 |
+ } |
|
82 |
+ } |
|
83 |
+diff -rupN 3/lib/rules.c 3-patched/lib/rules.c |
|
84 |
+--- 3/lib/rules.c 2016-08-16 14:16:24.033261876 +0200 |
|
85 |
+@@ -434,9 +434,8 @@ Mangle(input, control) /* returns a poi |
|
86 |
+ { |
|
87 |
+ int limit; |
|
88 |
+ register char *ptr; |
|
89 |
+- static char area[STRINGSIZE]; |
|
90 |
+- char area2[STRINGSIZE]; |
|
91 |
+- area[0] = '\0'; |
|
92 |
++ static char area[STRINGSIZE * 2] = {0}; |
|
93 |
++ char area2[STRINGSIZE * 2] = {0}; |
|
94 |
+ strcpy(area, input); |
|
95 |
+ |
|
96 |
+ for (ptr = control; *ptr; ptr++) |
... | ... |
@@ -3,18 +3,19 @@ |
3 | 3 |
Summary: A password strength-checking library. |
4 | 4 |
Name: cracklib |
5 | 5 |
Version: 2.9.6 |
6 |
-Release: 4%{?dist} |
|
6 |
+Release: 5%{?dist} |
|
7 | 7 |
Group: System Environment/Libraries |
8 | 8 |
Source: cracklib-%{version}.tar.gz |
9 |
-%define sha1 cracklib-2.9.6=9199e7b8830717565a844430653f5a90a04fcd65 |
|
10 |
-Source1: cracklib-words-20080507.gz |
|
11 |
-%define sha1 cracklib-words=e0cea03e505e709b15b8b950d56cb493166607da |
|
9 |
+%define sha1 cracklib-%{version}=9199e7b8830717565a844430653f5a90a04fcd65 |
|
10 |
+Source1: cracklib-words-%{version}.gz |
|
11 |
+%define sha1 cracklib-words-%{version}=b0739c990431a0971545dff347b50f922604c1cd |
|
12 |
+Patch0: CVE-2016-6318.patch |
|
12 | 13 |
URL: http://sourceforge.net/projects/cracklib/ |
13 | 14 |
License: GPL |
14 | 15 |
Vendor: VMware, Inc. |
15 | 16 |
Distribution: Photon |
16 | 17 |
|
17 |
-BuildRequires: python2 gzip |
|
18 |
+BuildRequires: python2 |
|
18 | 19 |
BuildRequires: python2-libs |
19 | 20 |
BuildRequires: python2-devel |
20 | 21 |
|
... | ... |
@@ -82,6 +83,7 @@ The CrackLib language pack. |
82 | 82 |
%prep |
83 | 83 |
|
84 | 84 |
%setup -q -n cracklib-%{version} |
85 |
+%patch0 -p1 |
|
85 | 86 |
chmod -R og+rX . |
86 | 87 |
mkdir -p dicts |
87 | 88 |
install %{SOURCE1} dicts/ |
... | ... |
@@ -104,7 +106,8 @@ rm -rf $RPM_BUILD_ROOT |
104 | 104 |
make install DESTDIR=$RPM_BUILD_ROOT/ |
105 | 105 |
chmod 755 ./util/cracklib-format |
106 | 106 |
chmod 755 ./util/cracklib-packer |
107 |
-util/cracklib-format dicts/cracklib* | util/cracklib-packer $RPM_BUILD_ROOT/%{_datadir}/cracklib/pw_dict |
|
107 |
+util/cracklib-format dicts/cracklib* | util/cracklib-packer $RPM_BUILD_ROOT/%{_datadir}/cracklib/words |
|
108 |
+echo password | util/cracklib-packer $RPM_BUILD_ROOT/%{_datadir}/cracklib/empty |
|
108 | 109 |
rm -f $RPM_BUILD_ROOT/%{_datadir}/cracklib/cracklib-small |
109 | 110 |
ln -s cracklib-format $RPM_BUILD_ROOT/%{_sbindir}/mkdict |
110 | 111 |
ln -s cracklib-packer $RPM_BUILD_ROOT/%{_sbindir}/packer |
... | ... |
@@ -117,13 +120,39 @@ make %{?_smp_mflags} test |
117 | 117 |
%clean |
118 | 118 |
rm -rf $RPM_BUILD_ROOT |
119 | 119 |
|
120 |
-%post -p /sbin/ldconfig |
|
121 |
- |
|
122 |
-%postun -p /sbin/ldconfig |
|
120 |
+%post |
|
121 |
+/sbin/ldconfig |
|
122 |
+[ $1 = 1 ] || exit 0 |
|
123 |
+echo "using empty dict to provide pw_dict" >&2 |
|
124 |
+ln -sf empty.hwm %{_datadir}/cracklib/pw_dict.hwm |
|
125 |
+ln -sf empty.pwd %{_datadir}/cracklib/pw_dict.pwd |
|
126 |
+ln -sf empty.pwi %{_datadir}/cracklib/pw_dict.pwi |
|
127 |
+ |
|
128 |
+%triggerin -- cracklib-dicts |
|
129 |
+[ $2 = 1 ] || exit 0 |
|
130 |
+echo "switching pw_dict to cracklib-dicts" >&2 |
|
131 |
+ln -sf words.hwm %{_datadir}/cracklib/pw_dict.hwm |
|
132 |
+ln -sf words.pwd %{_datadir}/cracklib/pw_dict.pwd |
|
133 |
+ln -sf words.pwi %{_datadir}/cracklib/pw_dict.pwi |
|
134 |
+ |
|
135 |
+%triggerun -- cracklib-dicts |
|
136 |
+[ $2 = 0 ] || exit 0 |
|
137 |
+echo "switching pw_dict to empty dict" >&2 |
|
138 |
+ln -sf empty.hwm %{_datadir}/cracklib/pw_dict.hwm |
|
139 |
+ln -sf empty.pwd %{_datadir}/cracklib/pw_dict.pwd |
|
140 |
+ln -sf empty.pwi %{_datadir}/cracklib/pw_dict.pwi |
|
141 |
+ |
|
142 |
+%postun |
|
143 |
+/sbin/ldconfig |
|
144 |
+[ $1 = 0 ] || exit 0 |
|
145 |
+rm -f %{_datadir}/cracklib/pw_dict.hwm |
|
146 |
+rm -f %{_datadir}/cracklib/pw_dict.pwd |
|
147 |
+rm -f %{_datadir}/cracklib/pw_dict.pwi |
|
123 | 148 |
|
124 | 149 |
%files |
125 | 150 |
%defattr(-,root,root) |
126 | 151 |
%{_datadir}/cracklib/cracklib.magic |
152 |
+%{_datadir}/cracklib/empty* |
|
127 | 153 |
%{_libdir}/libcrack.so.* |
128 | 154 |
|
129 | 155 |
%files devel |
... | ... |
@@ -140,13 +169,16 @@ rm -rf $RPM_BUILD_ROOT |
140 | 140 |
%files dicts |
141 | 141 |
%defattr(-,root,root) |
142 | 142 |
%{_sbindir}/* |
143 |
-%{_datadir}/cracklib/pw_dict* |
|
143 |
+%{_datadir}/cracklib/words* |
|
144 | 144 |
|
145 | 145 |
%files lang |
146 | 146 |
%defattr(-,root,root) |
147 | 147 |
%{_datadir}/locale/* |
148 | 148 |
|
149 | 149 |
%changelog |
150 |
+* Thu Apr 13 2017 Bo Gan <ganb@vmware.com> 2.9.6-5 |
|
151 |
+- Fix CVE-2016-6318, trigger for cracklib-dicts |
|
152 |
+- Trigger for dynamic symlink for dict |
|
150 | 153 |
* Sun Nov 20 2016 Alexey Makhalov <amakhalov@vmware.com> 2.9.6-4 |
151 | 154 |
- Revert compressing pw_dict.pwd back. Python code |
152 | 155 |
cracklib.VeryFascistCheck does not handle it. |