authorDonnie Berkholz <dberkholz@gentoo.org>2006-06-20 16:18:26 +0000
committerDonnie Berkholz <dberkholz@gentoo.org>2006-06-20 16:18:26 +0000
commit7d3f2480c7742dd24f43f0eb6d90395e0edcf71a (patch)
treee8acd5483f3c83f8b0325f76fa9d376134255113 /x11-apps/xload
parentInclude fix for GCC4 compilation; Resolves Bug #137179; Thanks to Hanno Meyer... (diff)
Security bump. Failure to check the return value of setuid() in a privileged process could be used by a local user for file overwriting and possible privilege escalation in corner cases. See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more information.
Package-Manager: portage-2.1.1_pre1-r1
Diffstat (limited to 'x11-apps/xload')
-rw-r--r--x11-apps/xload/ChangeLog13
-rw-r--r--x11-apps/xload/files/digest-xload-1.0.1-r13
-rw-r--r--x11-apps/xload/files/xload-1.0.1-setuid.diff36
-rw-r--r--x11-apps/xload/xload-1.0.1-r1.ebuild24
4 files changed, 75 insertions, 1 deletions
diff --git a/x11-apps/xload/ChangeLog b/x11-apps/xload/ChangeLog
index 03573ba76c52..70f74fd7b2ee 100644
--- a/x11-apps/xload/ChangeLog
+++ b/x11-apps/xload/ChangeLog
@@ -1,6 +1,17 @@
# ChangeLog for x11-apps/xload
# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-apps/xload/ChangeLog,v 1.12 2006/05/20 10:46:39 robbat2 Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xload/ChangeLog,v 1.13 2006/06/20 16:18:26 spyderous Exp $
+
+*xload-1.0.1-r1 (20 Jun 2006)
+
+ 20 Jun 2006; Donnie Berkholz <spyderous@gentoo.org>;
+ +files/xload-1.0.1-setuid.diff, -xload-1.0.1.ebuild,
+ +xload-1.0.1-r1.ebuild:
+ Security bump. Failure to check the return value of setuid() in a privileged
+ process could be used by a local user for file overwriting and possible
+ privilege escalation in corner cases. See
+ http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more
+ information.
20 May 2006; Robin H. Johnson <robbat2@gentoo.org> xload-1.0.1.ebuild:
Added ~ppc after testing.
diff --git a/x11-apps/xload/files/digest-xload-1.0.1-r1 b/x11-apps/xload/files/digest-xload-1.0.1-r1
new file mode 100644
index 000000000000..4ac282ada8b6
--- /dev/null
+++ b/x11-apps/xload/files/digest-xload-1.0.1-r1
@@ -0,0 +1,3 @@
+MD5 ba013813f9c21eb015559466f8d02a44 xload-1.0.1.tar.bz2 87468
+RMD160 9179267c9ab8eb64f36eccaa55ed7428c944f6c5 xload-1.0.1.tar.bz2 87468
+SHA256 8d51184d6b18eea2f64e0c5b88cd95edff8353ce6529e780f95b1f2347babbf2 xload-1.0.1.tar.bz2 87468
diff --git a/x11-apps/xload/files/xload-1.0.1-setuid.diff b/x11-apps/xload/files/xload-1.0.1-setuid.diff
new file mode 100644
index 000000000000..da776c8d1435
--- /dev/null
+++ b/x11-apps/xload/files/xload-1.0.1-setuid.diff
@@ -0,0 +1,36 @@
+Index: xload.c
+===================================================================
+RCS file: /cvs/xorg/app/xload/xload.c,v
+retrieving revision 1.2
+diff -u -r1.2 xload.c
+--- xload.c 23 Apr 2004 19:54:57 -0000 1.2
++++ xload.c 19 Jun 2006 21:32:20 -0000
+@@ -34,7 +34,7 @@
+ * xload - display system load average in a window
+ */
+
+-
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
+@@ -162,8 +162,17 @@
+ /* For security reasons, we reset our uid/gid after doing the necessary
+ system initialization and before calling any X routines. */
+ InitLoadPoint();
+- setgid(getgid()); /* reset gid first while still (maybe) root */
+- setuid(getuid());
++ /* reset gid first while still (maybe) root */
++ if (setgid(getgid()) == -1) {
++ fprintf(stderr, "%s: setgid failed: %s\n",
++ ProgramName, strerror(errno));
++ exit(1);
++ }
++ if (setuid(getuid()) == -1) {
++ fprintf(stderr, "%s: setuid failed: %s\n",
++ ProgramName, strerror(errno));
++ exit(1);
++ }
+
+ XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
+
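Review bot: The new error paths in the `@@ -162,8 +162,17 @@` hunk of the embedded xload.c patch call `strerror(errno)`, but the include hunk adds only `<errno.h>`. If none of the headers outside this patch pulls in `<string.h>`, `strerror` is implicitly declared as returning `int` and the message pointer can be truncated on 64-bit targets, which would crash in exactly the path meant to fail safely; I would add `#include <string.h>` next to the new `#include <errno.h>`. A short comment above the checks, such as `/* a failed drop leaves us running with elevated ids; never continue */`, would record why the failure is fatal, and testing `!= 0` rather than `== -1` is the more defensive form. The enclosing function starts and ends outside the hunk.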
diff --git a/x11-apps/xload/xload-1.0.1-r1.ebuild b/x11-apps/xload/xload-1.0.1-r1.ebuild
new file mode 100644
index 000000000000..85d9c5f1717d
--- /dev/null
+++ b/x11-apps/xload/xload-1.0.1-r1.ebuild
@@ -0,0 +1,24 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xload/xload-1.0.1-r1.ebuild,v 1.1 2006/06/20 16:18:26 spyderous Exp $
+
+# Must be before x-modular eclass is inherited
+#SNAPSHOT="yes"
+
+inherit x-modular
+
+DESCRIPTION="X.Org xload application"
+KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="xprint"
+RDEPEND="x11-libs/libXaw"
+DEPEND="${RDEPEND}"
+
+CONFIGURE_OPTIONS="$(use_enable xprint)"
+
+PATCHES="${FILESDIR}/${P}-setuid.diff"
+
+pkg_setup() {
+ if use xprint && ! built_with_use x11-libs/libXaw xprint; then
+ die "Build x11-libs/libXaw with USE=xprint."
+ fi
+}