mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-01-29 21:08:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

inetutils: Update to the 2.5 release

Browse Source 
The update from 2.4 to 2.5 was almost something AUH could take care of.
However, we had backported two patches to address CVE-2023-40303 and
that threw off AUH. These changes are confirmed to be in 2.5, so drop
them and update to 2.5.

(From OE-Core rev: e1bffeab27b062884f6366cde24ce1c67e7ec03e)

Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Tom Rini
2024-01-03 10:11:47 -05:00
committed by Richard Purdie
parent d68492d6c5
commit 1bbdc674ae
3 changed files with 1 additions and 535 deletions
Download Patch File Download Diff File Expand all files Collapse all files

279
meta/recipes-connectivity/inetutils/inetutils/0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch
View File

@@ -1,279 +0,0 @@
From 703418fe9d2e3b1e8d594df5788d8001a8116265 Mon Sep 17 00:00:00 2001
From: Jeffrey Bencteux <jeffbencteux@gmail.com>
Date: Fri, 30 Jun 2023 19:02:45 +0200
Subject: [PATCH] CVE-2023-40303: ftpd,rcp,rlogin,rsh,rshd,uucpd: fix: check
set*id() return values
Several setuid(), setgid(), seteuid() and setguid() return values
were not checked in ftpd/rcp/rlogin/rsh/rshd/uucpd code potentially
leading to potential security issues.
CVE: CVE-2023-40303
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=e4e65c03f4c11292a3e40ef72ca3f194c8bffdd6]
Signed-off-by: Jeffrey Bencteux <jeffbencteux@gmail.com>
Signed-off-by: Simon Josefsson <simon@josefsson.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
ftpd/ftpd.c | 10 +++++++---
src/rcp.c | 39 +++++++++++++++++++++++++++++++++------
src/rlogin.c | 11 +++++++++--
src/rsh.c | 25 +++++++++++++++++++++----
src/rshd.c | 20 +++++++++++++++++---
src/uucpd.c | 15 +++++++++++++--
6 files changed, 100 insertions(+), 20 deletions(-)
diff --git a/ftpd/ftpd.c b/ftpd/ftpd.c
index 92b2cca5..28dd523f 100644
--- a/ftpd/ftpd.c
+++ b/ftpd/ftpd.c
@@ -862,7 +862,9 @@ end_login (struct credentials *pcred)
char *remotehost = pcred->remotehost;
int atype = pcred->auth_type;
- seteuid ((uid_t) 0);
+ if (seteuid ((uid_t) 0) == -1)
+ _exit (EXIT_FAILURE);
+
if (pcred->logged_in)
{
logwtmp_keep_open (ttyline, "", "");
@@ -1151,7 +1153,8 @@ getdatasock (const char *mode)
if (data >= 0)
return fdopen (data, mode);
- seteuid ((uid_t) 0);
+ if (seteuid ((uid_t) 0) == -1)
+ _exit (EXIT_FAILURE);
s = socket (ctrl_addr.ss_family, SOCK_STREAM, 0);
if (s < 0)
goto bad;
@@ -1978,7 +1981,8 @@ passive (int epsv, int af)
else /* !AF_INET6 */
((struct sockaddr_in *) &pasv_addr)->sin_port = 0;
- seteuid ((uid_t) 0);
+ if (seteuid ((uid_t) 0) == -1)
+ _exit (EXIT_FAILURE);
if (bind (pdata, (struct sockaddr *) &pasv_addr, pasv_addrlen) < 0)
{
if (seteuid ((uid_t) cred.uid))
diff --git a/src/rcp.c b/src/rcp.c
index 75adb253..cdcf8500 100644
--- a/src/rcp.c
+++ b/src/rcp.c
@@ -345,14 +345,23 @@ main (int argc, char *argv[])
if (from_option)
{ /* Follow "protocol", send data. */
response ();
- setuid (userid);
+
+ if (setuid (userid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+ }
+
source (argc, argv);
exit (errs);
}
if (to_option)
{ /* Receive data. */
- setuid (userid);
+ if (setuid (userid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+ }
+
sink (argc, argv);
exit (errs);
}
@@ -537,7 +546,11 @@ toremote (char *targ, int argc, char *argv[])
if (response () < 0)
exit (EXIT_FAILURE);
free (bp);
- setuid (userid);
+
+ if (setuid (userid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+ }
}
source (1, argv + i);
close (rem);
@@ -630,7 +643,12 @@ tolocal (int argc, char *argv[])
++errs;
continue;
}
- seteuid (userid);
+
+ if (seteuid (userid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+ }
+
#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
sslen = sizeof (ss);
(void) getpeername (rem, (struct sockaddr *) &ss, &sslen);
@@ -643,7 +661,12 @@ tolocal (int argc, char *argv[])
#endif
vect[0] = target;
sink (1, vect);
- seteuid (effuid);
+
+ if (seteuid (effuid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+ }
+
close (rem);
rem = -1;
#ifdef SHISHI
@@ -1441,7 +1464,11 @@ susystem (char *s, int userid)
return (127);
case 0:
- setuid (userid);
+ if (setuid (userid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+ }
+
execl (PATH_BSHELL, "sh", "-c", s, NULL);
_exit (127);
}
diff --git a/src/rlogin.c b/src/rlogin.c
index aa6426fb..c543de0c 100644
--- a/src/rlogin.c
+++ b/src/rlogin.c
@@ -647,8 +647,15 @@ try_connect:
/* Now change to the real user ID. We have to be set-user-ID root
to get the privileged port that rcmd () uses. We now want, however,
to run as the real user who invoked us. */
- seteuid (uid);
- setuid (uid);
+ if (seteuid (uid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+ }
+
+ if (setuid (uid) == -1)
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+ }
doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
diff --git a/src/rsh.c b/src/rsh.c
index 2d622ca4..6f60667d 100644
--- a/src/rsh.c
+++ b/src/rsh.c
@@ -276,8 +276,17 @@ main (int argc, char **argv)
{
if (asrsh)
*argv = (char *) "rlogin";
- seteuid (getuid ());
- setuid (getuid ());
+
+ if (seteuid (getuid ()) == -1)
+ {
+ error (EXIT_FAILURE, errno, "seteuid() failed");
+ }
+
+ if (setuid (getuid ()) == -1)
+ {
+ error (EXIT_FAILURE, errno, "setuid() failed");
+ }
+
execv (PATH_RLOGIN, argv);
error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
}
@@ -541,8 +550,16 @@ try_connect:
error (0, errno, "setsockopt DEBUG (ignored)");
}
- seteuid (uid);
- setuid (uid);
+ if (seteuid (uid) == -1)
+ {
+ error (EXIT_FAILURE, errno, "seteuid() failed");
+ }
+
+ if (setuid (uid) == -1)
+ {
+ error (EXIT_FAILURE, errno, "setuid() failed");
+ }
+
#ifdef HAVE_SIGACTION
sigemptyset (&sigs);
sigaddset (&sigs, SIGINT);
diff --git a/src/rshd.c b/src/rshd.c
index d1c0d0cd..707790e7 100644
--- a/src/rshd.c
+++ b/src/rshd.c
@@ -1847,8 +1847,18 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
pwd->pw_shell = PATH_BSHELL;
/* Set the gid, then uid to become the user specified by "locuser" */
- setegid ((gid_t) pwd->pw_gid);
- setgid ((gid_t) pwd->pw_gid);
+ if (setegid ((gid_t) pwd->pw_gid) == -1)
+ {
+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
+ exit (EXIT_FAILURE);
+ }
+
+ if (setgid ((gid_t) pwd->pw_gid) == -1)
+ {
+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
+ exit (EXIT_FAILURE);
+ }
+
#ifdef HAVE_INITGROUPS
initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
#endif
@@ -1870,7 +1880,11 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
}
#endif /* WITH_PAM */
- setuid ((uid_t) pwd->pw_uid);
+ if (setuid ((uid_t) pwd->pw_uid) == -1)
+ {
+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
+ exit (EXIT_FAILURE);
+ }
/* We'll execute the client's command in the home directory
* of locuser. Note, that the chdir must be executed after
diff --git a/src/uucpd.c b/src/uucpd.c
index 107589e1..29cfce35 100644
--- a/src/uucpd.c
+++ b/src/uucpd.c
@@ -252,7 +252,12 @@ doit (struct sockaddr *sap, socklen_t salen)
snprintf (Username, sizeof (Username), "USER=%s", user);
snprintf (Logname, sizeof (Logname), "LOGNAME=%s", user);
dologin (pw, sap, salen);
- setgid (pw->pw_gid);
+
+ if (setgid (pw->pw_gid) == -1)
+ {
+ fprintf (stderr, "setgid() failed");
+ return;
+ }
#ifdef HAVE_INITGROUPS
initgroups (pw->pw_name, pw->pw_gid);
#endif
@@ -261,7 +266,13 @@ doit (struct sockaddr *sap, socklen_t salen)
fprintf (stderr, "Login incorrect.");
return;
}
- setuid (pw->pw_uid);
+
+ if (setuid (pw->pw_uid) == -1)
+ {
+ fprintf (stderr, "setuid() failed");
+ return;
+ }
+
execl (uucico_location, "uucico", NULL);
perror ("uucico server: execl");
}

253
meta/recipes-connectivity/inetutils/inetutils/0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch
View File

@@ -1,253 +0,0 @@
From 70fe022f9dac760eaece0228cad17e3d29a57fb8 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@josefsson.org>
Date: Mon, 31 Jul 2023 13:59:05 +0200
Subject: [PATCH] CVE-2023-40303: Indent changes in previous commit.
CVE: CVE-2023-40303
Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=9122999252c7e21eb7774de11d539748e7bdf46d]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
src/rcp.c | 42 ++++++++++++++++++++++++------------------
src/rlogin.c | 12 ++++++------
src/rsh.c | 24 ++++++++++++------------
src/rshd.c | 24 ++++++++++++------------
src/uucpd.c | 16 ++++++++--------
5 files changed, 62 insertions(+), 56 deletions(-)
diff --git a/src/rcp.c b/src/rcp.c
index cdcf8500..652f22e6 100644
--- a/src/rcp.c
+++ b/src/rcp.c
@@ -347,9 +347,10 @@ main (int argc, char *argv[])
response ();
if (setuid (userid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0,
+ "Could not drop privileges (setuid() failed)");
+ }
source (argc, argv);
exit (errs);
@@ -358,9 +359,10 @@ main (int argc, char *argv[])
if (to_option)
{ /* Receive data. */
if (setuid (userid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0,
+ "Could not drop privileges (setuid() failed)");
+ }
sink (argc, argv);
exit (errs);
@@ -548,9 +550,10 @@ toremote (char *targ, int argc, char *argv[])
free (bp);
if (setuid (userid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0,
+ "Could not drop privileges (setuid() failed)");
+ }
}
source (1, argv + i);
close (rem);
@@ -645,9 +648,10 @@ tolocal (int argc, char *argv[])
}
if (seteuid (userid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0,
+ "Could not drop privileges (seteuid() failed)");
+ }
#if defined IP_TOS && defined IPPROTO_IP && defined IPTOS_THROUGHPUT
sslen = sizeof (ss);
@@ -663,9 +667,10 @@ tolocal (int argc, char *argv[])
sink (1, vect);
if (seteuid (effuid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0,
+ "Could not drop privileges (seteuid() failed)");
+ }
close (rem);
rem = -1;
@@ -1465,9 +1470,10 @@ susystem (char *s, int userid)
case 0:
if (setuid (userid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0,
+ "Could not drop privileges (setuid() failed)");
+ }
execl (PATH_BSHELL, "sh", "-c", s, NULL);
_exit (127);
diff --git a/src/rlogin.c b/src/rlogin.c
index c543de0c..4360202f 100644
--- a/src/rlogin.c
+++ b/src/rlogin.c
@@ -648,14 +648,14 @@ try_connect:
to get the privileged port that rcmd () uses. We now want, however,
to run as the real user who invoked us. */
if (seteuid (uid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (seteuid() failed)");
+ }
if (setuid (uid) == -1)
- {
- error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
- }
+ {
+ error (EXIT_FAILURE, 0, "Could not drop privileges (setuid() failed)");
+ }
doit (&osmask); /* The old mask will activate SIGURG and SIGUSR1! */
diff --git a/src/rsh.c b/src/rsh.c
index 6f60667d..179b47cd 100644
--- a/src/rsh.c
+++ b/src/rsh.c
@@ -278,14 +278,14 @@ main (int argc, char **argv)
*argv = (char *) "rlogin";
if (seteuid (getuid ()) == -1)
- {
- error (EXIT_FAILURE, errno, "seteuid() failed");
- }
+ {
+ error (EXIT_FAILURE, errno, "seteuid() failed");
+ }
if (setuid (getuid ()) == -1)
- {
- error (EXIT_FAILURE, errno, "setuid() failed");
- }
+ {
+ error (EXIT_FAILURE, errno, "setuid() failed");
+ }
execv (PATH_RLOGIN, argv);
error (EXIT_FAILURE, errno, "cannot execute %s", PATH_RLOGIN);
@@ -551,14 +551,14 @@ try_connect:
}
if (seteuid (uid) == -1)
- {
- error (EXIT_FAILURE, errno, "seteuid() failed");
- }
+ {
+ error (EXIT_FAILURE, errno, "seteuid() failed");
+ }
if (setuid (uid) == -1)
- {
- error (EXIT_FAILURE, errno, "setuid() failed");
- }
+ {
+ error (EXIT_FAILURE, errno, "setuid() failed");
+ }
#ifdef HAVE_SIGACTION
sigemptyset (&sigs);
diff --git a/src/rshd.c b/src/rshd.c
index 707790e7..3a153a18 100644
--- a/src/rshd.c
+++ b/src/rshd.c
@@ -1848,16 +1848,16 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
/* Set the gid, then uid to become the user specified by "locuser" */
if (setegid ((gid_t) pwd->pw_gid) == -1)
- {
- rshd_error ("Cannot drop privileges (setegid() failed)\n");
- exit (EXIT_FAILURE);
- }
+ {
+ rshd_error ("Cannot drop privileges (setegid() failed)\n");
+ exit (EXIT_FAILURE);
+ }
if (setgid ((gid_t) pwd->pw_gid) == -1)
- {
- rshd_error ("Cannot drop privileges (setgid() failed)\n");
- exit (EXIT_FAILURE);
- }
+ {
+ rshd_error ("Cannot drop privileges (setgid() failed)\n");
+ exit (EXIT_FAILURE);
+ }
#ifdef HAVE_INITGROUPS
initgroups (pwd->pw_name, pwd->pw_gid); /* BSD groups */
@@ -1881,10 +1881,10 @@ doit (int sockfd, struct sockaddr *fromp, socklen_t fromlen)
#endif /* WITH_PAM */
if (setuid ((uid_t) pwd->pw_uid) == -1)
- {
- rshd_error ("Cannot drop privileges (setuid() failed)\n");
- exit (EXIT_FAILURE);
- }
+ {
+ rshd_error ("Cannot drop privileges (setuid() failed)\n");
+ exit (EXIT_FAILURE);
+ }
/* We'll execute the client's command in the home directory
* of locuser. Note, that the chdir must be executed after
diff --git a/src/uucpd.c b/src/uucpd.c
index 29cfce35..fde7b9c9 100644
--- a/src/uucpd.c
+++ b/src/uucpd.c
@@ -254,10 +254,10 @@ doit (struct sockaddr *sap, socklen_t salen)
dologin (pw, sap, salen);
if (setgid (pw->pw_gid) == -1)
- {
- fprintf (stderr, "setgid() failed");
- return;
- }
+ {
+ fprintf (stderr, "setgid() failed");
+ return;
+ }
#ifdef HAVE_INITGROUPS
initgroups (pw->pw_name, pw->pw_gid);
#endif
@@ -268,10 +268,10 @@ doit (struct sockaddr *sap, socklen_t salen)
}
if (setuid (pw->pw_uid) == -1)
- {
- fprintf (stderr, "setuid() failed");
- return;
- }
+ {
+ fprintf (stderr, "setuid() failed");
+ return;
+ }
execl (uucico_location, "uucico", NULL);
perror ("uucico server: execl");

4
meta/recipes-connectivity/inetutils/inetutils_2.4.bb → meta/recipes-connectivity/inetutils/inetutils_2.5.bb
View File

@@ -11,15 +11,13 @@ LICENSE = "GPL-3.0-only"
LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7" LIC_FILES_CHKSUM = "file://COPYING;md5=0c7051aef9219dc7237f206c5c4179a7"
SRC_URI[sha256sum] = "1789d6b1b1a57dfe2a7ab7b533ee9f5dfd9cbf5b59bb1bb3c2612ed08d0f68b2" SRC_URI[sha256sum] = "87697d60a31e10b5cb86a9f0651e1ec7bee98320d048c0739431aac3d5764fb6"
SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \
file://rexec.xinetd.inetutils \ file://rexec.xinetd.inetutils \
file://rlogin.xinetd.inetutils \ file://rlogin.xinetd.inetutils \
file://rsh.xinetd.inetutils \ file://rsh.xinetd.inetutils \
file://telnet.xinetd.inetutils \ file://telnet.xinetd.inetutils \
file://tftpd.xinetd.inetutils \ file://tftpd.xinetd.inetutils \
file://0001-CVE-2023-40303-ftpd-rcp-rlogin-rsh-rshd-uucpd-fix-ch.patch \
file://0002-CVE-2023-40303-Indent-changes-in-previous-commit.patch \
" "
inherit autotools gettext update-alternatives texinfo inherit autotools gettext update-alternatives texinfo