Ubuntu
mountall package

Merge lp:~smoser/ubuntu/lucid/mountall/bug649591 into lp:ubuntu/lucid/mountall

  1. Lucid (10.04)
  2. bug649591
  3. Merge into lucid
Proposed by Scott Moser
Status: Merged
Merged at revision: 337
Proposed branch: lp:~smoser/ubuntu/lucid/mountall/bug649591
Merge into: lp:ubuntu/lucid/mountall
Diff against target: 104 lines (+58/-3)
3 files modified
debian/changelog (+18/-0)
debian/preinst (+37/-0)
src/mountall.c (+3/-3)
To merge this branch: bzr merge lp:~smoser/ubuntu/lucid/mountall/bug649591
Reviewer Review Type Date Requested Status
Ubuntu Development Team Pending
Review via email: mp+37105@code.launchpad.net
To post a comment you must log in.
lp:~smoser/ubuntu/lucid/mountall/bug649591 updated
337. By Scott Moser

releasing version 2.15.2

338. By Scott Moser

Fix infinite loop when one of mountall's private mount options is
followed by a comma, and guard against other reasons why cut_options
might end up comparing a zero-length option (LP: #649591).

339. By Scott Moser

releasing version 2.15.3

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2010-09-02 11:30:00 +0000
3+++ debian/changelog 2010-10-01 20:37:46 +0000
4@@ -1,3 +1,21 @@
5+mountall (2.15.3) lucid-proposed; urgency=low
6+
7+ [ Colin Watson ]
8+ * Fix infinite loop when one of mountall's private mount options is
9+ followed by a comma, and guard against other reasons why cut_options
10+ might end up comparing a zero-length option (LP: #649591).
11+
12+ -- Scott Moser <smoser@ubuntu.com> Thu, 30 Sep 2010 03:35:23 -0400
13+
14+mountall (2.15.2) lucid-security; urgency=low
15+
16+ * SECURITY UPDATE: do not leave writable udev rules file around.
17+ - src/mountall.c: set umask correctly (LP: #591807).
18+ - debian/preinst: remove boot-time udev rules file.
19+ - CVE-2010-2961
20+
21+ -- Kees Cook <kees@ubuntu.com> Wed, 01 Sep 2010 15:30:44 -0700
22+
23 mountall (2.15.1) lucid-proposed; urgency=low
24
25 * conf/mountall.conf: set $LANG so that messages appearing in plymouth are
26
27=== added file 'debian/preinst'
28--- debian/preinst 1970-01-01 00:00:00 +0000
29+++ debian/preinst 2010-10-01 20:37:46 +0000
30@@ -0,0 +1,37 @@
31+#!/bin/sh
32+# preinst script for mountall
33+#
34+# see: dh_installdeb(1)
35+
36+set -e
37+
38+# summary of how this script can be called:
39+# * <new-preinst> `install'
40+# * <new-preinst> `install' <old-version>
41+# * <new-preinst> `upgrade' <old-version>
42+# * <old-preinst> `abort-upgrade' <new-version>
43+# for details, see http://www.debian.org/doc/debian-policy/ or
44+# the debian-policy package
45+
46+case "$1" in
47+ install|upgrade)
48+ if dpkg --compare-versions "$2" lt 2.15.2; then
49+ rm -f /dev/.udev/rules.d/root.rules
50+ fi
51+ ;;
52+
53+ abort-upgrade)
54+ ;;
55+
56+ *)
57+ echo "preinst called with unknown argument \`$1'" >&2
58+ exit 1
59+ ;;
60+esac
61+
62+# dh_installdeb will replace this with shell code automatically
63+# generated by other debhelper scripts.
64+
65+#DEBHELPER#
66+
67+exit 0
68
69=== modified file 'src/mountall.c'
70--- src/mountall.c 2010-05-08 11:53:50 +0000
71+++ src/mountall.c 2010-10-01 20:37:46 +0000
72@@ -626,7 +626,7 @@
73
74 va_copy (options, args);
75 while ((option = va_arg (options, const char *)) != NULL) {
76- if (! strncmp (opts + i, option, j))
77+ if (j && ! strncmp (opts + i, option, j))
78 break;
79 }
80 va_end (options);
81@@ -634,8 +634,6 @@
82 if (option) {
83 memmove (opts + (i ? i - 1 : 0), opts + i + j + k,
84 strlen (opts) - i - j - k + 1);
85- if (i)
86- i--;
87 } else {
88 i += j + k + 1;
89 }
90@@ -1349,6 +1347,7 @@
91 if (root->mounted_dev != -1) {
92 FILE *rules;
93
94+ mask = umask (0022);
95 mkdir ("/dev/.udev", 0755);
96 mkdir ("/dev/.udev/rules.d", 0755);
97 rules = fopen ("/dev/.udev/rules.d/root.rules", "w");
98@@ -1361,6 +1360,7 @@
99 minor (root->mounted_dev));
100 fclose (rules);
101 }
102+ umask (mask);
103 }
104 }
105

Subscribers

People subscribed via source and target branches

to all changes: