FIX-CVE-2022-1049

2022-06-17 15:25:59 +08:00 · 2022-06-17 15:25:59 +08:00 · 9571666eba
commit 9571666eba
parent 7854b2d9de
2 changed files with 63 additions and 1 deletions
--- a/0001-FIX-CVE-2022-1049.patch
+++ b/0001-FIX-CVE-2022-1049.patch
@ -0,0 +1,57 @@
+From 55b673d8e21acfc6b77fc285c9ef7b5bbd38b6fd Mon Sep 17 00:00:00 2001
+From: duyiwei <duyiwei@kylinos.cn>
+Date: Fri, 17 Jun 2022 15:21:50 +0800
+Subject: [PATCH] FIX-CVE-2022-1049
+
+Signed-off-by: duyiwei <duyiwei@kylinos.cn>
+---
+ CHANGELOG.md       | 4 +++-
+ pcs/daemon/auth.py | 3 +++
+ 2 files changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/CHANGELOG.md b/CHANGELOG.md
+index c9484a7..39a5865 100644
+--- a/CHANGELOG.md
+++ b/CHANGELOG.md
+@@ -18,6 +18,8 @@
+ - Improved ACL documentation ([rhbz#1722970])
+ - Added missing Strict-Transport-Security headers to redirects ([rhbz#1810017])
+ - Improved pcsd daemon performance ([rhbz#1783106])
+- Pcs daemon was allowing expired accounts, and accounts with expired
+  passwords to login when using PAM auth. ([huntr#220307])
+ 
+ [ghissue#231]: https://github.com/ClusterLabs/pcs/issues/231
+ [rhbz#1676431]: https://bugzilla.redhat.com/show_bug.cgi?id=1676431
+@@ -28,7 +30,7 @@
+ [rhbz#1793574]: https://bugzilla.redhat.com/show_bug.cgi?id=1793574
+ [rhbz#1805082]: https://bugzilla.redhat.com/show_bug.cgi?id=1805082
+ [rhbz#1810017]: https://bugzilla.redhat.com/show_bug.cgi?id=1810017
+-
+[huntr#220307]: https://huntr.dev/bounties/7aa921fc-a568-4fd8-96f4-7cd826246aa5/
+ 
+ ## [0.10.4] - 2019-11-28
+ 
+diff --git a/pcs/daemon/auth.py b/pcs/daemon/auth.py
+index fa8cc24..7113046 100644
+--- a/pcs/daemon/auth.py
+++ b/pcs/daemon/auth.py
+@@ -46,6 +46,7 @@ libpam = CDLL(find_library("pam"))
+ strdup = prep_fn(libc.strdup, POINTER(c_char), [c_char_p])
+ calloc = prep_fn(libc.calloc, c_void_p, [c_uint, c_uint])
+ pam_authenticate = prep_fn(libpam.pam_authenticate, c_int, [pam_handle, c_int])
+pam_acct_mgmt = prep_fn(libpam.pam_acct_mgmt, c_int, [pam_handle, c_int])
+ pam_end = prep_fn(libpam.pam_end, c_int, [pam_handle, c_int])
+ pam_start = prep_fn(
+     libpam.pam_start,
+@@ -82,6 +83,8 @@ def authenticate_by_pam(username, password):
+     )
+     if returncode == PAM_SUCCESS:
+         returncode = pam_authenticate(pamh, 0)
+    if returncode == PAM_SUCCESS:
+        returncode = pam_acct_mgmt(pamh, 0)
+     pam_end(pamh, returncode)
+     return returncode == PAM_SUCCESS
+ 
+-- 
+2.33.0
+
--- a/pcs.spec
+++ b/pcs.spec
@ -1,6 +1,6 @@
 Name:    pcs
 Version: 0.10.5
-Release: 1
+Release: 2
 License: GPLv2 and BSD-2-Clause and ASL 2.0 and MIT
 URL:     https://github.com/ClusterLabs/pcs
 Summary: Pacemaker Configuration System
@ -52,6 +52,8 @@ Source5: https://github.com/konradhalas/dacite/archive/v%{dacite_version}/dacite
 Source6: https://github.com/idevat/pcs-web-ui/archive/%{ui_commit}/%{ui_src_name}.tar.gz
 Source7: https://github.com/idevat/pcs-web-ui/releases/download/%{ui_commit}/pcs-web-ui-node-modules-%{ui_commit}.tar.xz

+Patch0:  0001-FIX-CVE-2022-1049.patch
+
 # git for patches
 BuildRequires: git
 #printf from coreutils is used in makefile
@ -435,6 +437,9 @@ remove_all_tests
 %license pyagentx_LICENSE.txt

 %changelog
+* Fri Jun 17 2022 duyiwei <duyiwei@kylinos.cn> - 0.10.5-2
+- FIX-CVE-2022-1049
+
 * Fri Oct 30 2020 jiangxinyu <jiangxinyu@kylinos.cn> - 0.10.5-1
 - Upgrade the pcs package version to 0.10.5-1