
X Strike Force X.Org X11 SVN commit: r2363 - in trunk/lib/xtrans/debian: . patches



Author: dnusinow
Date: 2006-06-30 02:07:11 -0400 (Fri, 30 Jun 2006)
New Revision: 2363

Added:
   trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff
Modified:
   trunk/lib/xtrans/debian/changelog
   trunk/lib/xtrans/debian/patches/series
Log:
* Security update. Fix for setuid privilege escalation vulnerabilities.
  See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for
  the full advisory.

Modified: trunk/lib/xtrans/debian/changelog
===================================================================
--- trunk/lib/xtrans/debian/changelog	2006-06-30 05:59:40 UTC (rev 2362)
+++ trunk/lib/xtrans/debian/changelog	2006-06-30 06:07:11 UTC (rev 2363)
@@ -1,3 +1,11 @@
+xtrans (1.0.0-6) unstable; urgency=high
+
+  * Security update. Fix for setuid privledge escalation vulernabilities.
+    See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for
+    the full advisory.
+
+ -- David Nusinow <dnusinow@debian.org>  Fri, 30 Jun 2006 02:06:09 -0400
+
 xtrans (1.0.0-5) unstable; urgency=low
 
   * Reorder makeshlib command in rules file so that ldconfig is run

Added: trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff
===================================================================
--- trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff	2006-06-30 05:59:40 UTC (rev 2362)
+++ trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff	2006-06-30 06:07:11 UTC (rev 2363)
@@ -0,0 +1,31 @@
+Index: xtrans/Xtranslcl.c
+===================================================================
+--- xtrans.orig/Xtranslcl.c	2006-06-30 02:02:58.000000000 -0400
++++ xtrans/Xtranslcl.c	2006-06-30 02:04:46.000000000 -0400
+@@ -360,7 +360,10 @@
+ 	uid_t       saved_euid;
+ 
+ 	saved_euid = geteuid();
+-	setuid( getuid() ); /** sets the euid to the actual/real uid **/
++    /** sets the euid to the actual/real uid **/
++    if (setuid( getuid() ) == -1) {
++        exit(1);
++    }
+ 	if( chown( slave, saved_euid, -1 ) < 0 ) {
+ 		exit( 1 );
+ 		}
+@@ -369,7 +372,13 @@
+     }
+ 
+     waitpid(saved_pid, &exitval, 0);
+-
++    if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) {
++         close(fd);
++         close(server);
++         PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n",
++               slave, 0, 0);
++         return(-1);
++    }
+     if (chmod(slave, 0666) < 0) {
+ 	close(fd);
+ 	close(server);
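Review bot: The check added after `waitpid` in the second inner hunk fails open, because it treats only a normal exit with non-zero status as failure. If the child is killed by a signal, or `waitpid` itself returns -1 (leaving `exitval` possibly unset; its declaration is not visible here), execution falls through to `chmod(slave, 0666)` as though the ownership change had succeeded. Checking the call and inverting the test closes the gap: `if (waitpid(saved_pid, &exitval, 0) != saved_pid || !WIFEXITED(exitval) || WEXITSTATUS(exitval) != 0) {`. Separately, the added `exit(1)` after a failed `setuid` appears to run in a forked child (inferred from `saved_pid` and `waitpid`), where `_exit(1)` would avoid flushing stdio buffers and running atexit handlers inherited from the parent. The enclosing function starts and ends outside the hunk.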

Modified: trunk/lib/xtrans/debian/patches/series
===================================================================
--- trunk/lib/xtrans/debian/patches/series	2006-06-30 05:59:40 UTC (rev 2362)
+++ trunk/lib/xtrans/debian/patches/series	2006-06-30 06:07:11 UTC (rev 2363)
@@ -1,2 +1,3 @@
 01_hurd_maxhostnamelen.diff -p3
 02_gnu-kbsd_sock_un.diff -p0
+03_SECURITY_setuid.diff


