
X Strike Force X.Org X11 SVN commit: r2361 - in trunk/app/xbase-clients/debian: . patches



Author: dnusinow
Date: 2006-06-30 01:13:43 -0400 (Fri, 30 Jun 2006)
New Revision: 2361

Added:
   trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff
Modified:
   trunk/app/xbase-clients/debian/changelog
   trunk/app/xbase-clients/debian/patches/series
Log:
* Security update. Fix for setuid privilege escalation vulnerabilities in
  xinit, xf86dga, and xload. See
  http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for the
  full advisory. This package applies the patches for the 7.0 release of
  those apps.

Modified: trunk/app/xbase-clients/debian/changelog
===================================================================
--- trunk/app/xbase-clients/debian/changelog	2006-06-30 05:04:00 UTC (rev 2360)
+++ trunk/app/xbase-clients/debian/changelog	2006-06-30 05:13:43 UTC (rev 2361)
@@ -1,3 +1,13 @@
+xbase-clients (1:7.1.ds-2) unstable; urgency=high
+
+  * Security update. Fix for setuid privledge escalation vulernabilities in
+    xinit, xf86dga, and xload. See
+    http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for the
+    full advisory. This package applies the patches for the 7.0 release of
+    those apps.
+
+ -- David Nusinow <dnusinow@debian.org>  Fri, 30 Jun 2006 01:10:17 -0400
+
 xbase-clients (1:7.1.ds-1) unstable; urgency=low
 
   [ Steve Langasek ]

Added: trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff
===================================================================
--- trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff	2006-06-30 05:04:00 UTC (rev 2360)
+++ trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff	2006-06-30 05:13:43 UTC (rev 2361)
@@ -0,0 +1,72 @@
+Index: xbase-clients/xf86dga-X11R7.0-1.0.1/dga.c
+===================================================================
+--- xbase-clients.orig/xf86dga-X11R7.0-1.0.1/dga.c	2006-06-30 01:06:00.000000000 -0400
++++ xbase-clients/xf86dga-X11R7.0-1.0.1/dga.c	2006-06-30 01:06:50.000000000 -0400
+@@ -16,6 +16,7 @@
+ #include <X11/Xmd.h>
+ #include <X11/extensions/xf86dga.h>
+ #include <ctype.h>
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <signal.h>
+@@ -141,7 +142,10 @@
+ 
+ #ifndef __UNIXOS2__
+    /* Give up root privs */
+-   setuid(getuid());
++   if (setuid(getuid()) == -1) {
++      fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
++      exit(2);
++   }
+ #endif
+ 
+    XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
+Index: xbase-clients/xinit/xinit.c
+===================================================================
+--- xbase-clients.orig/xinit/xinit.c	2006-06-30 01:07:11.000000000 -0400
++++ xbase-clients/xinit/xinit.c	2006-06-30 01:07:49.000000000 -0400
+@@ -692,7 +692,10 @@
+ startClient(char *client[])
+ {
+ 	if ((clientpid = vfork()) == 0) {
+-		setuid(getuid());
++        if (setuid(getuid()) == -1) {
++            Error("cannot change uid: %s\n", strerror(errno));
++            _exit(ERR_EXIT);
++        }
+ 		setpgrp(0, getpid());
+ 		environ = newenviron;
+ #ifdef __UNIXOS2__
+Index: xbase-clients/xload-X11R7.0-1.0.1/xload.c
+===================================================================
+--- xbase-clients.orig/xload-X11R7.0-1.0.1/xload.c	2006-06-30 01:08:01.000000000 -0400
++++ xbase-clients/xload-X11R7.0-1.0.1/xload.c	2006-06-30 01:08:51.000000000 -0400
+@@ -35,6 +35,7 @@
+  */
+ 
+ 
++#include <errno.h>
+ #include <stdio.h> 
+ #include <stdlib.h>
+ #include <unistd.h>
+@@ -162,8 +163,17 @@
+     /* For security reasons, we reset our uid/gid after doing the necessary
+        system initialization and before calling any X routines. */
+     InitLoadPoint();
+-    setgid(getgid());		/* reset gid first while still (maybe) root */
+-    setuid(getuid());
++    /* reset gid first while still (maybe) root */
++    if (setgid(getgid()) == -1) {
++       fprintf(stderr, "%s: setgid failed: %s\n", 
++       ProgramName, strerror(errno));
++       exit(1);
++    }
++    if (setuid(getuid()) == -1) {
++       fprintf(stderr, "%s: setuid failed: %s\n", 
++       ProgramName, strerror(errno));
++       exit(1);
++    }
+ 
+     XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
+ 
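Review bot: In the xinit.c hunk the new `Error("cannot change uid: %s\n", strerror(errno));` runs inside the child of `vfork()` (the `if ((clientpid = vfork()) == 0)` branch), where POSIX allows only `_exit` and the `exec` family; `Error` presumably formats to stderr and `strerror` may touch shared libc state, so this diagnostic executes in the parent's address space. Keeping the check but switching `startClient` to `fork()`, or letting the parent report the failure from the `_exit(ERR_EXIT)` status (which is already the right exit call here), would avoid that. The added lines in that hunk are also indented with spaces while the surrounding `startClient` body uses tabs. In the dga.c and xload.c hunks `strerror()` is introduced but only `<errno.h>` is added; if `<string.h>` is not already included further up in those files, it should be added next to it. `startClient`'s body continues outside the hunk.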

Modified: trunk/app/xbase-clients/debian/patches/series
===================================================================
--- trunk/app/xbase-clients/debian/patches/series	2006-06-30 05:04:00 UTC (rev 2360)
+++ trunk/app/xbase-clients/debian/patches/series	2006-06-30 05:13:43 UTC (rev 2361)
@@ -10,3 +10,4 @@
 11_xkb_documentation_updates.diff -p0
 12_startx_paths.diff
 pkgconfig_naughtiness -p0
+14_SECURITY_setuid.diff


