diff options
Diffstat (limited to 'debian/patches-applied/pam_env-fix-dos.patch')
-rw-r--r-- | debian/patches-applied/pam_env-fix-dos.patch | 33 |
1 files changed, 0 insertions, 33 deletions
diff --git a/debian/patches-applied/pam_env-fix-dos.patch b/debian/patches-applied/pam_env-fix-dos.patch deleted file mode 100644 index 523e1390..00000000 --- a/debian/patches-applied/pam_env-fix-dos.patch +++ /dev/null @@ -1,33 +0,0 @@ -Description: abort when encountering an overflowed environment variable - expansion (CVE-2011-3149). -Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565 -Author: Kees Cook <kees@debian.org> - -Index: pam-debian/modules/pam_env/pam_env.c -=================================================================== ---- pam-debian.orig/modules/pam_env/pam_env.c 2011-10-14 12:47:23.433861595 -0700 -+++ pam-debian/modules/pam_env/pam_env.c 2011-10-14 12:47:23.461861963 -0700 -@@ -567,6 +567,7 @@ - D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); - pam_syslog (pamh, LOG_ERR, "Variable buffer overflow: <%s> + <%s>", - tmp, tmpptr); -+ return PAM_ABORT; - } - continue; - } -@@ -628,6 +629,7 @@ - D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); - pam_syslog (pamh, LOG_ERR, - "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); -+ return PAM_ABORT; - } - } - } /* if ('{' != *orig++) */ -@@ -639,6 +641,7 @@ - D(("Variable buffer overflow: <%s> + <%s>", tmp, tmpptr)); - pam_syslog(pamh, LOG_ERR, - "Variable buffer overflow: <%s> + <%s>", tmp, tmpptr); -+ return PAM_ABORT; - } - } - } /* for (;*orig;) */ |