1 |
vostorga 11/10/04 16:07:57 |
2 |
|
3 |
Modified: metadata.xml ChangeLog cifs-utils-5.1.ebuild |
4 |
Log: |
5 |
Dropping setuid flag, bug 385315 |
6 |
|
7 |
(Portage version: 2.1.10.11/cvs/Linux i686) |
8 |
|
9 |
Revision Changes Path |
10 |
1.3 net-fs/cifs-utils/metadata.xml |
11 |
|
12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/metadata.xml?rev=1.3&view=markup |
13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/metadata.xml?rev=1.3&content-type=text/plain |
14 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/metadata.xml?r1=1.2&r2=1.3 |
15 |
|
16 |
Index: metadata.xml |
17 |
=================================================================== |
18 |
RCS file: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/metadata.xml,v |
19 |
retrieving revision 1.2 |
20 |
retrieving revision 1.3 |
21 |
diff -u -r1.2 -r1.3 |
22 |
--- metadata.xml 26 Sep 2011 17:32:43 -0000 1.2 |
23 |
+++ metadata.xml 4 Oct 2011 16:07:57 -0000 1.3 |
24 |
@@ -12,7 +12,6 @@ |
25 |
<flag name="caps">libcap support</flag> |
26 |
<flag name="caps-ng">libcap-ng support</flag> |
27 |
<flag name="creds">cifs credentials support</flag> |
28 |
- <flag name="setuid">Seting SETUID bit for mount.cifs</flag> |
29 |
<flag name="upcall">Create cifs.idmap binary; idmap support</flag> |
30 |
</use> |
31 |
</pkgmetadata> |
32 |
|
33 |
|
34 |
|
35 |
1.17 net-fs/cifs-utils/ChangeLog |
36 |
|
37 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/ChangeLog?rev=1.17&view=markup |
38 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/ChangeLog?rev=1.17&content-type=text/plain |
39 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/ChangeLog?r1=1.16&r2=1.17 |
40 |
|
41 |
Index: ChangeLog |
42 |
=================================================================== |
43 |
RCS file: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/ChangeLog,v |
44 |
retrieving revision 1.16 |
45 |
retrieving revision 1.17 |
46 |
diff -u -r1.16 -r1.17 |
47 |
--- ChangeLog 3 Oct 2011 15:02:17 -0000 1.16 |
48 |
+++ ChangeLog 4 Oct 2011 16:07:57 -0000 1.17 |
49 |
@@ -1,6 +1,9 @@ |
50 |
# ChangeLog for net-fs/cifs-utils |
51 |
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
52 |
-# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/ChangeLog,v 1.16 2011/10/03 15:02:17 vostorga Exp $ |
53 |
+# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/ChangeLog,v 1.17 2011/10/04 16:07:57 vostorga Exp $ |
54 |
+ |
55 |
+ 04 Oct 2011; Víctor Ostorga <vostorga@g.o> cifs-utils-5.1.ebuild: |
56 |
+ Dropping setuid flag, CVE-2011-3585 bug 385315 |
57 |
|
58 |
03 Oct 2011; Víctor Ostorga <vostorga@g.o> -cifs-utils-5.0.ebuild: |
59 |
Cleaning up vulnerable versions, CVE-2011-2724, bug 382263 |
60 |
|
61 |
|
62 |
|
63 |
1.2 net-fs/cifs-utils/cifs-utils-5.1.ebuild |
64 |
|
65 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild?rev=1.2&view=markup |
66 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild?rev=1.2&content-type=text/plain |
67 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild?r1=1.1&r2=1.2 |
68 |
|
69 |
Index: cifs-utils-5.1.ebuild |
70 |
=================================================================== |
71 |
RCS file: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild,v |
72 |
retrieving revision 1.1 |
73 |
retrieving revision 1.2 |
74 |
diff -u -r1.1 -r1.2 |
75 |
--- cifs-utils-5.1.ebuild 26 Sep 2011 17:32:43 -0000 1.1 |
76 |
+++ cifs-utils-5.1.ebuild 4 Oct 2011 16:07:57 -0000 1.2 |
77 |
@@ -1,6 +1,6 @@ |
78 |
# Copyright 1999-2011 Gentoo Foundation |
79 |
# Distributed under the terms of the GNU General Public License v2 |
80 |
-# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild,v 1.1 2011/09/26 17:32:43 vostorga Exp $ |
81 |
+# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild,v 1.2 2011/10/04 16:07:57 vostorga Exp $ |
82 |
|
83 |
EAPI=4 |
84 |
|
85 |
@@ -13,7 +13,7 @@ |
86 |
LICENSE="GPL-3" |
87 |
SLOT="0" |
88 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
89 |
-IUSE="ads +caps caps-ng creds setuid upcall" |
90 |
+IUSE="ads +caps caps-ng creds upcall" |
91 |
|
92 |
DEPEND="!net-fs/mount-cifs |
93 |
!<net-fs/samba-3.6_rc1 |
94 |
@@ -51,20 +51,14 @@ |
95 |
|
96 |
src_install() { |
97 |
emake install DESTDIR="${D}" || die "emake install failed" |
98 |
- # Set set-user-ID bit of mount.cifs |
99 |
- if use setuid ; then |
100 |
- chmod u+s "${D}"/sbin/mount.cifs |
101 |
- fi |
102 |
dodoc doc/linux-cifs-client-guide.odt |
103 |
} |
104 |
|
105 |
pkg_postinst() { |
106 |
# Inform about set-user-ID bit of mount.cifs |
107 |
- if use setuid ; then |
108 |
- ewarn "Setting SETUID bit for mount.cifs." |
109 |
- ewarn "However, there may be severe security implications. Also see:" |
110 |
- ewarn "http://samba.org/samba/security/CVE-2009-2948.html" |
111 |
- fi |
112 |
+ ewarn "setuid use flag was dropped due to multiple security implications" |
113 |
+ ewarn "such as CVE-2009-2948 and CVE-2011-3585." |
114 |
+ ewarn "You are free to set setuid flags by yourself" |
115 |
|
116 |
# Inform about upcall usage |
117 |
if use ads ; then |