X Strike Force X.Org X11 SVN commit: r2361 - in trunk/app/xbase-clients/debian: . patches
Author: dnusinow
Date: 2006-06-30 01:13:43 -0400 (Fri, 30 Jun 2006)
New Revision: 2361
Added:
trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff
Modified:
trunk/app/xbase-clients/debian/changelog
trunk/app/xbase-clients/debian/patches/series
Log:
* Security update. Fix for setuid privilege escalation vulnerabilities in
xinit, xf86dga, and xload. See
http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for the
full advisory. This package applies the patches for the 7.0 release of
those apps.
Modified: trunk/app/xbase-clients/debian/changelog
===================================================================
--- trunk/app/xbase-clients/debian/changelog 2006-06-30 05:04:00 UTC (rev 2360)
+++ trunk/app/xbase-clients/debian/changelog 2006-06-30 05:13:43 UTC (rev 2361)
@@ -1,3 +1,13 @@
+xbase-clients (1:7.1.ds-2) unstable; urgency=high
+
+ * Security update. Fix for setuid privledge escalation vulernabilities in
+ xinit, xf86dga, and xload. See
+ http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for the
+ full advisory. This package applies the patches for the 7.0 release of
+ those apps.
+
+ -- David Nusinow <dnusinow@debian.org> Fri, 30 Jun 2006 01:10:17 -0400
+
xbase-clients (1:7.1.ds-1) unstable; urgency=low
[ Steve Langasek ]
Added: trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff
===================================================================
--- trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff 2006-06-30 05:04:00 UTC (rev 2360)
+++ trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff 2006-06-30 05:13:43 UTC (rev 2361)
@@ -0,0 +1,72 @@
+Index: xbase-clients/xf86dga-X11R7.0-1.0.1/dga.c
+===================================================================
+--- xbase-clients.orig/xf86dga-X11R7.0-1.0.1/dga.c 2006-06-30 01:06:00.000000000 -0400
++++ xbase-clients/xf86dga-X11R7.0-1.0.1/dga.c 2006-06-30 01:06:50.000000000 -0400
+@@ -16,6 +16,7 @@
+ #include <X11/Xmd.h>
+ #include <X11/extensions/xf86dga.h>
+ #include <ctype.h>
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <signal.h>
+@@ -141,7 +142,10 @@
+
+ #ifndef __UNIXOS2__
+ /* Give up root privs */
+- setuid(getuid());
++ if (setuid(getuid()) == -1) {
++ fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
++ exit(2);
++ }
+ #endif
+
+ XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
+Index: xbase-clients/xinit/xinit.c
+===================================================================
+--- xbase-clients.orig/xinit/xinit.c 2006-06-30 01:07:11.000000000 -0400
++++ xbase-clients/xinit/xinit.c 2006-06-30 01:07:49.000000000 -0400
+@@ -692,7 +692,10 @@
+ startClient(char *client[])
+ {
+ if ((clientpid = vfork()) == 0) {
+- setuid(getuid());
++ if (setuid(getuid()) == -1) {
++ Error("cannot change uid: %s\n", strerror(errno));
++ _exit(ERR_EXIT);
++ }
+ setpgrp(0, getpid());
+ environ = newenviron;
+ #ifdef __UNIXOS2__
+Index: xbase-clients/xload-X11R7.0-1.0.1/xload.c
+===================================================================
+--- xbase-clients.orig/xload-X11R7.0-1.0.1/xload.c 2006-06-30 01:08:01.000000000 -0400
++++ xbase-clients/xload-X11R7.0-1.0.1/xload.c 2006-06-30 01:08:51.000000000 -0400
+@@ -35,6 +35,7 @@
+ */
+
+
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <unistd.h>
+@@ -162,8 +163,17 @@
+ /* For security reasons, we reset our uid/gid after doing the necessary
+ system initialization and before calling any X routines. */
+ InitLoadPoint();
+- setgid(getgid()); /* reset gid first while still (maybe) root */
+- setuid(getuid());
++ /* reset gid first while still (maybe) root */
++ if (setgid(getgid()) == -1) {
++ fprintf(stderr, "%s: setgid failed: %s\n",
++ ProgramName, strerror(errno));
++ exit(1);
++ }
++ if (setuid(getuid()) == -1) {
++ fprintf(stderr, "%s: setuid failed: %s\n",
++ ProgramName, strerror(errno));
++ exit(1);
++ }
+
+ XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
+
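Review bot: In the dga.c hunk the new guard drops only the user id — there is no setgid(getgid()) before it, unlike the xload.c hunk in the same patch, which resets the gid first "while still (maybe) root" and checks both calls. If xf86dga is ever installed setgid as well as setuid, group privileges would survive the drop and a failure on that path would go unreported; mirroring xload's sequence is a one-line change, `if (setgid(getgid()) == -1 || setuid(getuid()) == -1) {`, with the message widened to `"Unable to drop privileges: %s\n"`. In the xinit.c hunk the failure branch runs inside a vfork() child, where calling Error() (presumably a stdio-based reporter; its definition is outside this hunk) before _exit is not async-signal-safe and shares the parent's stdio state; a plain `write(2, ...)` of a fixed message would be the safer choice there. In all three files the enclosing functions start or end outside their hunks, so the later privileged-state assumptions could not be checked here.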
Modified: trunk/app/xbase-clients/debian/patches/series
===================================================================
--- trunk/app/xbase-clients/debian/patches/series 2006-06-30 05:04:00 UTC (rev 2360)
+++ trunk/app/xbase-clients/debian/patches/series 2006-06-30 05:13:43 UTC (rev 2361)
@@ -10,3 +10,4 @@
11_xkb_documentation_updates.diff -p0
12_startx_paths.diff
pkgconfig_naughtiness -p0
+14_SECURITY_setuid.diff