shadow: Update to 4.1.5.1

Fixes CVE-2005-4890 and CVE-2011-0721.

pkgs/os-specific/linux/shadow/keep-path.patch

@@ -1,18 +1,15 @@
-Don't reset $PATH to /bin:/usr/bin.  This is consistent with `su' in
-coreutils and important on NixOS.
-
-diff -ru -x '*~' shadow-4.1.4.2-orig/src/su.c shadow-4.1.4.2/src/su.c
---- shadow-4.1.4.2-orig/src/su.c	2009-07-23 22:38:56.000000000 +0200
-+++ shadow-4.1.4.2/src/su.c	2010-06-04 13:23:11.000000000 +0200
-@@ -827,6 +827,7 @@
- 	(void) signal (SIGINT, SIG_DFL);
- 	(void) signal (SIGQUIT, SIG_DFL);
+diff -ru shadow-4.1.5.1-orig/src/su.c shadow-4.1.5.1/src/su.c
+--- shadow-4.1.5.1-orig/src/su.c	2012-05-25 07:51:55.000000000 -0400
++++ shadow-4.1.5.1/src/su.c	2012-07-25 17:22:57.013547930 -0400
+@@ -879,6 +879,7 @@
+ 		}
+ 	}
  
 +#if 0
- 	cp = getdef_str ((pwent.pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
+ 	cp = getdef_str ((pw->pw_uid == 0) ? "ENV_SUPATH" : "ENV_PATH");
  	if (NULL == cp) {
- 		addenv ("PATH=/bin:/usr/bin", NULL);
-@@ -835,6 +836,7 @@
+ 		addenv ((pw->pw_uid == 0) ? "PATH=/sbin:/bin:/usr/sbin:/usr/bin" : "PATH=/bin:/usr/bin", NULL);
+@@ -887,6 +888,7 @@
  	} else {
  		addenv ("PATH", cp);
  	}