X Strike Force X.Org X11 SVN commit: r2363 - in trunk/lib/xtrans/debian: . patches
Author: dnusinow
Date: 2006-06-30 02:07:11 -0400 (Fri, 30 Jun 2006)
New Revision: 2363
Added:
trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff
Modified:
trunk/lib/xtrans/debian/changelog
trunk/lib/xtrans/debian/patches/series
Log:
* Security update. Fix for setuid privilege escalation vulnerabilities.
See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for
the full advisory.
Modified: trunk/lib/xtrans/debian/changelog
===================================================================
--- trunk/lib/xtrans/debian/changelog 2006-06-30 05:59:40 UTC (rev 2362)
+++ trunk/lib/xtrans/debian/changelog 2006-06-30 06:07:11 UTC (rev 2363)
@@ -1,3 +1,11 @@
+xtrans (1.0.0-6) unstable; urgency=high
+
+ * Security update. Fix for setuid privledge escalation vulernabilities.
+ See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for
+ the full advisory.
+
+ -- David Nusinow <dnusinow@debian.org> Fri, 30 Jun 2006 02:06:09 -0400
+
xtrans (1.0.0-5) unstable; urgency=low
* Reorder makeshlib command in rules file so that ldconfig is run
Added: trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff
===================================================================
--- trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff 2006-06-30 05:59:40 UTC (rev 2362)
+++ trunk/lib/xtrans/debian/patches/03_SECURITY_setuid.diff 2006-06-30 06:07:11 UTC (rev 2363)
@@ -0,0 +1,31 @@
+Index: xtrans/Xtranslcl.c
+===================================================================
+--- xtrans.orig/Xtranslcl.c 2006-06-30 02:02:58.000000000 -0400
++++ xtrans/Xtranslcl.c 2006-06-30 02:04:46.000000000 -0400
+@@ -360,7 +360,10 @@
+ uid_t saved_euid;
+
+ saved_euid = geteuid();
+- setuid( getuid() ); /** sets the euid to the actual/real uid **/
++ /** sets the euid to the actual/real uid **/
++ if (setuid( getuid() ) == -1) {
++ exit(1);
++ }
+ if( chown( slave, saved_euid, -1 ) < 0 ) {
+ exit( 1 );
+ }
+@@ -369,7 +372,13 @@
+ }
+
+ waitpid(saved_pid, &exitval, 0);
+-
++ if (WIFEXITED(exitval) && WEXITSTATUS(exitval) != 0) {
++ close(fd);
++ close(server);
++ PRMSG(1, "PTSOpenClient: cannot set the owner of %s\n",
++ slave, 0, 0);
++ return(-1);
++ }
+ if (chmod(slave, 0666) < 0) {
+ close(fd);
+ close(server);
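Review bot: The exit-status check added after `waitpid` fails open when the child does not terminate normally. If the child is killed by a signal, `WIFEXITED(exitval)` is false, so the whole condition is false and execution continues to `chmod(slave, 0666)` as though the ownership change had succeeded. The return value of `waitpid` is also ignored, so on failure `exitval` is tested without having been written by the call. Treat anything other than a clean zero exit as an error, for example `if (waitpid(saved_pid, &exitval, 0) < 0 || !WIFEXITED(exitval) || WEXITSTATUS(exitval) != 0) {`. The enclosing function (PTSOpenClient, judging by the message text) begins and ends outside these hunks, so whether `exitval` is initialised earlier is not visible here.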
Modified: trunk/lib/xtrans/debian/patches/series
===================================================================
--- trunk/lib/xtrans/debian/patches/series 2006-06-30 05:59:40 UTC (rev 2362)
+++ trunk/lib/xtrans/debian/patches/series 2006-06-30 06:07:11 UTC (rev 2363)
@@ -1,2 +1,3 @@
01_hurd_maxhostnamelen.diff -p3
02_gnu-kbsd_sock_un.diff -p0
+03_SECURITY_setuid.diff