1 The following patch was copied from Debian.
3 Description: Fix CVE-2015-3202
4 Missing scrubbing of the environment before executing a mount or umount
7 Author: Miklos Szeredi <miklos@szeredi.hu>
8 Last-Update: 2015-05-19
11 lib/mount_util.c | 23 +++++++++++++++++------
12 1 file changed, 17 insertions(+), 6 deletions(-)
14 --- a/lib/mount_util.c
15 +++ b/lib/mount_util.c
16 @@ -95,10 +95,12 @@ static int add_mount(const char *prognam
22 sigprocmask(SIG_SETMASK, &oldmask, NULL);
24 - execl("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
25 - "-f", "-t", type, "-o", opts, fsname, mnt, NULL);
26 + execle("/bin/mount", "/bin/mount", "--no-canonicalize", "-i",
27 + "-f", "-t", type, "-o", opts, fsname, mnt, NULL, &env);
28 fprintf(stderr, "%s: failed to execute /bin/mount: %s\n",
29 progname, strerror(errno));
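Review bot: The trailing `&env` on the new `execle()` call is the whole fix, but nothing at the call site says the environment is emptied on purpose or why. The declaration of `env` is outside the visible lines; presumably it is a `char *` initialised to NULL so that `&env` serves as an empty, NULL-terminated envp, which is worth confirming because any other initial value would leave the array unterminated. I would add a comment above the call such as `/* Deliberately empty environment: the caller's variables must not reach /bin/mount (CVE-2015-3202). */`. The same comment belongs on the `execle()` call in the `remove_mount` hunk; add_mount's body starts and ends outside this hunk.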
31 @@ -146,10 +148,17 @@ static int exec_umount(const char *progn
37 sigprocmask(SIG_SETMASK, &oldmask, NULL);
39 - execl("/bin/umount", "/bin/umount", "-i", rel_mnt,
40 - lazy ? "-l" : NULL, NULL);
42 + execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
45 + execle("/bin/umount", "/bin/umount", "-i", rel_mnt,
48 fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
49 progname, strerror(errno));
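Review bot: The single `execl()` call has become two `execle()` calls to `/bin/umount`, and nothing visible explains the duplication. With `execle()` the first NULL ends the argument list and the next argument is read as envp, so the old `lazy ? "-l" : NULL, NULL` form cannot be kept: for a non-lazy unmount the trailing NULL would be taken as the environment pointer instead of the scrubbed one. A short comment before the branch, e.g. `/* Two calls on purpose: a NULL inside the argument list would end argv early and shift envp. */`, would stop a later cleanup from merging them again. The remaining arguments of both calls, and the start and end of exec_umount, are not visible in this hunk.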
51 @@ -205,10 +214,12 @@ static int remove_mount(const char *prog
57 sigprocmask(SIG_SETMASK, &oldmask, NULL);
59 - execl("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
60 - "--fake", mnt, NULL);
61 + execle("/bin/umount", "/bin/umount", "--no-canonicalize", "-i",
62 + "--fake", mnt, NULL, &env);
63 fprintf(stderr, "%s: failed to execute /bin/umount: %s\n",
64 progname, strerror(errno));