Commit 1b7798f0 authored by Chris Coulson's avatar Chris Coulson Committed by Dimitri John Ledkov

Import Debian changes 237-3ubuntu10.19

systemd (237-3ubuntu10.19) bionic-security; urgency=medium

  * SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
    incorrect Policykit authorization
    - debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
      getenv() in pam_systemd.c
    - CVE-2019-3842
parent 77727b7f
systemd (237-3ubuntu10.19) bionic-security; urgency=medium
* SECURITY UDPATE: Unsafe environment usage in pam_systemd.so leads to
incorrect Policykit authorization
- debian/patches/CVE-2019-3842.patch: Use secure_getenv() rather than
getenv() in pam_systemd.c
- CVE-2019-3842
-- Chris Coulson <chris.coulson@canonical.com> Fri, 29 Mar 2019 16:40:26 +0000
systemd (237-3ubuntu10.17) bionic; urgency=medium
[ Michael Vogt ]
......
......@@ -9,10 +9,8 @@ Uploaders: Michael Biebl <biebl@debian.org>,
Martin Pitt <mpitt@debian.org>
Standards-Version: 4.1.3
Rules-Requires-Root: no
Vcs-Git: https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd -b ubuntu-bionic
Vcs-Browser: https://git.launchpad.net/~ubuntu-core-dev/ubuntu/+source/systemd
XS-Vcs-Debian-Git: https://salsa.debian.org/systemd-team/systemd.git
XS-Vcs-Debian-Browser: https://salsa.debian.org/systemd-team/systemd
Vcs-Git: https://salsa.debian.org/systemd-team/systemd.git
Vcs-Browser: https://salsa.debian.org/systemd-team/systemd
Homepage: https://www.freedesktop.org/wiki/Software/systemd
Build-Depends: debhelper (>= 10.4~),
pkg-config,
......
--- a/src/login/pam_systemd.c
+++ b/src/login/pam_systemd.c
@@ -354,27 +354,27 @@
seat = pam_getenv(handle, "XDG_SEAT");
if (isempty(seat))
- seat = getenv("XDG_SEAT");
+ seat = secure_getenv("XDG_SEAT");
cvtnr = pam_getenv(handle, "XDG_VTNR");
if (isempty(cvtnr))
- cvtnr = getenv("XDG_VTNR");
+ cvtnr = secure_getenv("XDG_VTNR");
type = pam_getenv(handle, "XDG_SESSION_TYPE");
if (isempty(type))
- type = getenv("XDG_SESSION_TYPE");
+ type = secure_getenv("XDG_SESSION_TYPE");
if (isempty(type))
type = type_pam;
class = pam_getenv(handle, "XDG_SESSION_CLASS");
if (isempty(class))
- class = getenv("XDG_SESSION_CLASS");
+ class = secure_getenv("XDG_SESSION_CLASS");
if (isempty(class))
class = class_pam;
desktop = pam_getenv(handle, "XDG_SESSION_DESKTOP");
if (isempty(desktop))
- desktop = getenv("XDG_SESSION_DESKTOP");
+ desktop = secure_getenv("XDG_SESSION_DESKTOP");
tty = strempty(tty);
......@@ -100,3 +100,4 @@ stop-mount-error-propagation.patch
Support-system-image-read-only-etc.patch
fix-race-daemon-reload-11121.patch
virt-detect-WSL-environment-as-a-container-id-wsl.patch
CVE-2019-3842.patch
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment