| 1 |
vostorga 11/10/04 16:07:57 |
| 2 |
|
| 3 |
Modified: metadata.xml ChangeLog cifs-utils-5.1.ebuild |
| 4 |
Log: |
| 5 |
Dropping setuid flag, bug 385315 |
| 6 |
|
| 7 |
(Portage version: 2.1.10.11/cvs/Linux i686) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.3 net-fs/cifs-utils/metadata.xml |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/metadata.xml?rev=1.3&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/metadata.xml?rev=1.3&content-type=text/plain |
| 14 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/metadata.xml?r1=1.2&r2=1.3 |
| 15 |
|
| 16 |
Index: metadata.xml |
| 17 |
=================================================================== |
| 18 |
RCS file: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/metadata.xml,v |
| 19 |
retrieving revision 1.2 |
| 20 |
retrieving revision 1.3 |
| 21 |
diff -u -r1.2 -r1.3 |
| 22 |
--- metadata.xml 26 Sep 2011 17:32:43 -0000 1.2 |
| 23 |
+++ metadata.xml 4 Oct 2011 16:07:57 -0000 1.3 |
| 24 |
@@ -12,7 +12,6 @@ |
| 25 |
<flag name="caps">libcap support</flag> |
| 26 |
<flag name="caps-ng">libcap-ng support</flag> |
| 27 |
<flag name="creds">cifs credentials support</flag> |
| 28 |
- <flag name="setuid">Seting SETUID bit for mount.cifs</flag> |
| 29 |
<flag name="upcall">Create cifs.idmap binary; idmap support</flag> |
| 30 |
</use> |
| 31 |
</pkgmetadata> |
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
1.17 net-fs/cifs-utils/ChangeLog |
| 36 |
|
| 37 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/ChangeLog?rev=1.17&view=markup |
| 38 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/ChangeLog?rev=1.17&content-type=text/plain |
| 39 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/ChangeLog?r1=1.16&r2=1.17 |
| 40 |
|
| 41 |
Index: ChangeLog |
| 42 |
=================================================================== |
| 43 |
RCS file: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/ChangeLog,v |
| 44 |
retrieving revision 1.16 |
| 45 |
retrieving revision 1.17 |
| 46 |
diff -u -r1.16 -r1.17 |
| 47 |
--- ChangeLog 3 Oct 2011 15:02:17 -0000 1.16 |
| 48 |
+++ ChangeLog 4 Oct 2011 16:07:57 -0000 1.17 |
| 49 |
@@ -1,6 +1,9 @@ |
| 50 |
# ChangeLog for net-fs/cifs-utils |
| 51 |
# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2 |
| 52 |
-# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/ChangeLog,v 1.16 2011/10/03 15:02:17 vostorga Exp $ |
| 53 |
+# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/ChangeLog,v 1.17 2011/10/04 16:07:57 vostorga Exp $ |
| 54 |
+ |
| 55 |
+ 04 Oct 2011; Víctor Ostorga <vostorga@g.o> cifs-utils-5.1.ebuild: |
| 56 |
+ Dropping setuid flag, CVE-2011-3585 bug 385315 |
| 57 |
|
| 58 |
03 Oct 2011; Víctor Ostorga <vostorga@g.o> -cifs-utils-5.0.ebuild: |
| 59 |
Cleaning up vulnerable versions, CVE-2011-2724, bug 382263 |
| 60 |
|
| 61 |
|
| 62 |
|
| 63 |
1.2 net-fs/cifs-utils/cifs-utils-5.1.ebuild |
| 64 |
|
| 65 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild?rev=1.2&view=markup |
| 66 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild?rev=1.2&content-type=text/plain |
| 67 |
diff : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild?r1=1.1&r2=1.2 |
| 68 |
|
| 69 |
Index: cifs-utils-5.1.ebuild |
| 70 |
=================================================================== |
| 71 |
RCS file: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild,v |
| 72 |
retrieving revision 1.1 |
| 73 |
retrieving revision 1.2 |
| 74 |
diff -u -r1.1 -r1.2 |
| 75 |
--- cifs-utils-5.1.ebuild 26 Sep 2011 17:32:43 -0000 1.1 |
| 76 |
+++ cifs-utils-5.1.ebuild 4 Oct 2011 16:07:57 -0000 1.2 |
| 77 |
@@ -1,6 +1,6 @@ |
| 78 |
# Copyright 1999-2011 Gentoo Foundation |
| 79 |
# Distributed under the terms of the GNU General Public License v2 |
| 80 |
-# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild,v 1.1 2011/09/26 17:32:43 vostorga Exp $ |
| 81 |
+# $Header: /var/cvsroot/gentoo-x86/net-fs/cifs-utils/cifs-utils-5.1.ebuild,v 1.2 2011/10/04 16:07:57 vostorga Exp $ |
| 82 |
|
| 83 |
EAPI=4 |
| 84 |
|
| 85 |
@@ -13,7 +13,7 @@ |
| 86 |
LICENSE="GPL-3" |
| 87 |
SLOT="0" |
| 88 |
KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" |
| 89 |
-IUSE="ads +caps caps-ng creds setuid upcall" |
| 90 |
+IUSE="ads +caps caps-ng creds upcall" |
| 91 |
|
| 92 |
DEPEND="!net-fs/mount-cifs |
| 93 |
!<net-fs/samba-3.6_rc1 |
| 94 |
@@ -51,20 +51,14 @@ |
| 95 |
|
| 96 |
src_install() { |
| 97 |
emake install DESTDIR="${D}" || die "emake install failed" |
| 98 |
- # Set set-user-ID bit of mount.cifs |
| 99 |
- if use setuid ; then |
| 100 |
- chmod u+s "${D}"/sbin/mount.cifs |
| 101 |
- fi |
| 102 |
dodoc doc/linux-cifs-client-guide.odt |
| 103 |
} |
| 104 |
|
| 105 |
pkg_postinst() { |
| 106 |
# Inform about set-user-ID bit of mount.cifs |
| 107 |
- if use setuid ; then |
| 108 |
- ewarn "Setting SETUID bit for mount.cifs." |
| 109 |
- ewarn "However, there may be severe security implications. Also see:" |
| 110 |
- ewarn "http://samba.org/samba/security/CVE-2009-2948.html" |
| 111 |
- fi |
| 112 |
+ ewarn "setuid use flag was dropped due to multiple security implications" |
| 113 |
+ ewarn "such as CVE-2009-2948 and CVE-2011-3585." |
| 114 |
+ ewarn "You are free to set setuid flags by yourself" |
| 115 |
|
| 116 |
# Inform about upcall usage |
| 117 |
if use ads ; then |
Archives