The 2.17 version of glibc's crypt() was changed to returning NULL if it got an invalid seed, this broke tinylogin and shadow in different ways.
Thanks to the Slackware team for "just in time patches", they found it first in shadow around March 28th! I do not believe that these will introduce any security concerns, please review with a careful eye. Sau! Saul Wold (2): tinylogin: fix segfault from crypt() shadow: add patch to fix crypt: Invalid Argument .../tinylogin/tinylogin-1.4/glibc_crypt_fix.patch | 23 ++++++++ meta/recipes-core/tinylogin/tinylogin_1.4.bb | 4 +- .../files/slackware_fix_for_glib-2.17_crypt.patch | 63 ++++++++++++++++++++++ meta/recipes-extended/shadow/shadow_4.1.4.3.bb | 1 + 4 files changed, 90 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/tinylogin/tinylogin-1.4/glibc_crypt_fix.patch create mode 100644 meta/recipes-extended/shadow/files/slackware_fix_for_glib-2.17_crypt.patch -- 1.8.0.2 _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
