author | Donnie Berkholz <dberkholz@gentoo.org> | 2006-06-20 16:18:26 +0000 |
---|---|---|
committer | Donnie Berkholz <dberkholz@gentoo.org> | 2006-06-20 16:18:26 +0000 |
commit | 7d3f2480c7742dd24f43f0eb6d90395e0edcf71a (patch) | |
tree | e8acd5483f3c83f8b0325f76fa9d376134255113 /x11-apps/xload | |
parent | Include fix for GCC4 compilation; Resolves Bug #137179; Thanks to Hanno Meyer... (diff) | |
Security bump. Failure to check the return value of setuid() in a privileged process could be used by a local user for file overwriting and possible privilege escalation in corner cases. See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more information.
Package-Manager: portage-2.1.1_pre1-r1
Diffstat (limited to 'x11-apps/xload')
-rw-r--r-- | x11-apps/xload/ChangeLog | 13 | ||||
-rw-r--r-- | x11-apps/xload/files/digest-xload-1.0.1-r1 | 3 | ||||
-rw-r--r-- | x11-apps/xload/files/xload-1.0.1-setuid.diff | 36 | ||||
-rw-r--r-- | x11-apps/xload/xload-1.0.1-r1.ebuild | 24 |
4 files changed, 75 insertions, 1 deletions
diff --git a/x11-apps/xload/ChangeLog b/x11-apps/xload/ChangeLog
index 03573ba76c52..70f74fd7b2ee 100644
--- a/x11-apps/xload/ChangeLog
+++ b/x11-apps/xload/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for x11-apps/xload
 # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-apps/xload/ChangeLog,v 1.12 2006/05/20 10:46:39 robbat2 Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xload/ChangeLog,v 1.13 2006/06/20 16:18:26 spyderous Exp $
+
+*xload-1.0.1-r1 (20 Jun 2006)
+
+ 20 Jun 2006; Donnie Berkholz <spyderous@gentoo.org>;
+ +files/xload-1.0.1-setuid.diff, -xload-1.0.1.ebuild,
+ +xload-1.0.1-r1.ebuild:
+ Security bump. Failure to check the return value of setuid() in a privileged
+ process could be used by a local user for file overwriting and possible
+ privilege escalation in corner cases. See
+ http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more
+ information.

 20 May 2006; Robin H. Johnson <robbat2@gentoo.org> xload-1.0.1.ebuild:
 Added ~ppc after testing.
diff --git a/x11-apps/xload/files/digest-xload-1.0.1-r1 b/x11-apps/xload/files/digest-xload-1.0.1-r1
new file mode 100644
index 000000000000..4ac282ada8b6
--- /dev/null
+++ b/x11-apps/xload/files/digest-xload-1.0.1-r1
@@ -0,0 +1,3 @@
+MD5 ba013813f9c21eb015559466f8d02a44 xload-1.0.1.tar.bz2 87468
+RMD160 9179267c9ab8eb64f36eccaa55ed7428c944f6c5 xload-1.0.1.tar.bz2 87468
+SHA256 8d51184d6b18eea2f64e0c5b88cd95edff8353ce6529e780f95b1f2347babbf2 xload-1.0.1.tar.bz2 87468
diff --git a/x11-apps/xload/files/xload-1.0.1-setuid.diff b/x11-apps/xload/files/xload-1.0.1-setuid.diff
new file mode 100644
index 000000000000..da776c8d1435
--- /dev/null
+++ b/x11-apps/xload/files/xload-1.0.1-setuid.diff
@@ -0,0 +1,36 @@
+Index: xload.c
+===================================================================
+RCS file: /cvs/xorg/app/xload/xload.c,v
+retrieving revision 1.2
+diff -u -r1.2 xload.c
+--- xload.c 23 Apr 2004 19:54:57 -0000 1.2
++++ xload.c 19 Jun 2006 21:32:20 -0000
+@@ -34,7 +34,7 @@
+ * xload - display system load average in a window
+ */
+
+-
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
+@@ -162,8 +162,17 @@
+ /* For security reasons, we reset our uid/gid after doing the necessary
+ system initialization and before calling any X routines. */
+ InitLoadPoint();
+- setgid(getgid()); /* reset gid first while still (maybe) root */
+- setuid(getuid());
++ /* reset gid first while still (maybe) root */
++ if (setgid(getgid()) == -1) {
++ fprintf(stderr, "%s: setgid failed: %s\n",
++ ProgramName, strerror(errno));
++ exit(1);
++ }
++ if (setuid(getuid()) == -1) {
++ fprintf(stderr, "%s: setuid failed: %s\n",
++ ProgramName, strerror(errno));
++ exit(1);
++ }
+
+ XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
+
diff --git a/x11-apps/xload/xload-1.0.1-r1.ebuild b/x11-apps/xload/xload-1.0.1-r1.ebuild
new file mode 100644
index 000000000000..85d9c5f1717d
--- /dev/null
+++ b/x11-apps/xload/xload-1.0.1-r1.ebuild
@@ -0,0 +1,24 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xload/xload-1.0.1-r1.ebuild,v 1.1 2006/06/20 16:18:26 spyderous Exp $
+
+# Must be before x-modular eclass is inherited
+#SNAPSHOT="yes"
+
+inherit x-modular
+
+DESCRIPTION="X.Org xload application"
+KEYWORDS="~amd64 ~arm ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
+IUSE="xprint"
+RDEPEND="x11-libs/libXaw"
+DEPEND="${RDEPEND}"
+
+CONFIGURE_OPTIONS="$(use_enable xprint)"
+
+PATCHES="${FILESDIR}/${P}-setuid.diff"
+
+pkg_setup() {
+ if use xprint && ! built_with_use x11-libs/libXaw xprint; then
+ die "Build x11-libs/libXaw with USE=xprint."
+ fi
+} |
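Review bot: In the `@@ -162,8 +162,17 @@` hunk of the embedded xload.c patch, the new checks only catch a setgid()/setuid() call that returns -1; they do not establish that the privilege is gone for good. If xload is installed set-group-ID to a non-root group rather than set-user-ID root (the page does not say which), `setgid(getgid())` changes only the effective GID and leaves the saved set-group-ID in place, so `if (setregid(getgid(), getgid()) == -1) {` and `if (setreuid(getuid(), getuid()) == -1) {` would be the safer calls. A comment above the block such as `/* drop privileges permanently; abort rather than call X routines with elevated ids */` would record why failure is fatal. The new code calls strerror(), and `<string.h>` is not among the includes visible in the first hunk, so confirm it is included further down the file. main() begins and ends outside both hunks.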