Hi, the security team asked me to fix #626281 via next stable update. I prepared the update and attached the diff. Am I allowed to continue with the upload? Thanks in advance Alex
diff -u keepalived-1.1.20/debian/changelog keepalived-1.1.20/debian/changelog --- keepalived-1.1.20/debian/changelog +++ keepalived-1.1.20/debian/changelog @@ -1,3 +1,11 @@ +keepalived (1:1.1.20-1+squeeze1) unstable; urgency=low + + * Set correct permissions on pid file. + This is a fix for CVE-2011-1784. + (Closes: #626281) + + -- Alexander Wirt <formorer@debian.org> Sun, 18 Mar 2012 21:56:09 +0000 + keepalived (1:1.1.20-1) unstable; urgency=low * Go back to 1.1.20 since 1.2.0 is not ready for release only in patch2: unchanged: --- keepalived-1.1.20.orig/debian/patches/0001-Set-correct-rights-on-PID-file.patch +++ keepalived-1.1.20/debian/patches/0001-Set-correct-rights-on-PID-file.patch @@ -0,0 +1,40 @@ +From 78aac2699469d610b5aa2f45dac4a30bd379938a Mon Sep 17 00:00:00 2001 +From: Vincent Bernat <bernat@luffy.cx> +Date: Tue, 10 May 2011 21:17:22 +0200 +Subject: [PATCH] Set correct rights on PID file. + +This file was writable by anybody, leading to the possibility of +writing any PID an waiting for some admin to restart keepalived to +kill the process of your choice. +--- + keepalived/core/pidfile.c | 7 ++++++- + 1 files changed, 6 insertions(+), 1 deletions(-) + +diff --git a/keepalived/core/pidfile.c b/keepalived/core/pidfile.c +index 383912e..0c3ea33 100644 +--- a/keepalived/core/pidfile.c ++++ b/keepalived/core/pidfile.c +@@ -20,6 +20,9 @@ + * Copyright (C) 2001-2011 Alexandre Cassen, <acassen@linux-vs.org> + */ + ++#include <sys/types.h> ++#include <sys/stat.h> ++#include <fcntl.h> + #include "logger.h" + #include "pidfile.h" + extern char *main_pidfile; +@@ -30,7 +33,9 @@ extern char *vrrp_pidfile; + int + pidfile_write(char *pid_file, int pid) + { +- FILE *pidfile = fopen(pid_file, "w"); ++ FILE *pidfile = NULL; ++ int pidfd = creat(pid_file, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); ++ if (pidfd != -1) pidfile = fdopen(pidfd, "w"); + + if (!pidfile) { + log_message(LOG_INFO, "pidfile_write : Can not open %s pidfile", +-- +1.7.5.1 +
Attachment:
pgpyu_MvZJce4.pgp
Description: PGP signature