First Last Prev Next    This bug is not in your last search results.
Bug 44673 - shadow: regression in su signal handling (4.2)
shadow: regression in su signal handling (4.2)
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Security updates
UCS 4.2
Other Linux
: P5 normal (vote)
: UCS 4.2-1-errata
Assigned To: Philipp Hahn
Arvid Requate
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-05-23 18:24 CEST by Arvid Requate
Modified: 2017-06-28 15:33 CEST (History)
0 users

See Also:
What kind of report is it?: Security Issue
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security, Troubleshooting
Max CVSS v3 score:
requate: Patch_Available+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2017-05-23 18:24:58 CEST 
Version 1:4.2-3+deb8u3 of the Debian "shadow" package has a regression which has been fixed in the upstream package version 1:4.2-3+deb8u4:

The update for the shadow suite issued as DSA-3793-1 introduced a
regression in su signal handling. If su receives a signal like SIGTERM,
it is not propagated to the child. Updated packages are now available to
correct this issue.
Comment 1 Philipp Hahn univentionstaff 2017-06-13 10:42:54 CEST 
Automatically imported through Bug #44451
OK: errata-announce -V --only sudo.yaml
Comment 2 Arvid Requate univentionstaff 2017-06-22 19:26:07 CEST 
The source package is missing:
* apt/ucs_4.2-0-errata4.2-0/source/shadow_4.2-3+deb8u4.dsc
Comment 3 Arvid Requate univentionstaff 2017-06-22 19:29:25 CEST 
It's also not shown by repo_stat.py
Comment 4 Philipp Hahn univentionstaff 2017-06-26 00:12:22 CEST 
(In reply to Arvid Requate from comment #2)
> The source package is missing:
> * apt/ucs_4.2-0-errata4.2-0/source/shadow_4.2-3+deb8u4.dsc

Fixed

(In reply to Arvid Requate from comment #3)
> It's also not shown by repo_stat.py

Fixed
Comment 5 Arvid Requate univentionstaff 2017-06-26 12:39:21 CEST 
The advisory is missing.
Comment 6 Philipp Hahn univentionstaff 2017-06-26 15:39:54 CEST 
(In reply to Arvid Requate from comment #5)
> The advisory is missing.

r80495 | Bug #44673: shadow.yaml
Comment 7 Arvid Requate univentionstaff 2017-06-26 16:12:24 CEST 
Ok
Comment 8 Janek Walkenhorst univentionstaff 2017-06-28 15:33:36 CEST 
<http://errata.software-univention.de/ucs/4.2/63.html>
First Last Prev Next    This bug is not in your last search results.