aboutsummaryrefslogtreecommitdiffstats
path: root/main/xorg-server
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2011-12-22 13:36:16 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2011-12-22 13:36:16 +0000
commit32122d96f3056f03a88facdb5acfec2debc35ce6 (patch)
treebbc11a16699ecacf648a15fdaff2476591d1e9bd /main/xorg-server
parentc2e8048e9057cba684d3df7ba2ebc3354d1d34d2 (diff)
downloadaports-32122d96f3056f03a88facdb5acfec2debc35ce6.tar.bz2
aports-32122d96f3056f03a88facdb5acfec2debc35ce6.tar.xz
main/xorg-server: security fix (CVE-2011-4029)
fixes #883
Diffstat (limited to 'main/xorg-server')
-rw-r--r--main/xorg-server/APKBUILD7
-rw-r--r--main/xorg-server/cve-2011-4029.patch27
2 files changed, 31 insertions, 3 deletions
diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD
index d6b2cd33d7..821c4493a9 100644
--- a/main/xorg-server/APKBUILD
+++ b/main/xorg-server/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xorg-server
pkgver=1.10.4
-pkgrel=0
+pkgrel=1
pkgdesc="X.Org X servers"
url="http://xorg.freedesktop.org"
arch="all"
@@ -62,7 +62,7 @@ source="http://xorg.freedesktop.org/releases/individual/xserver/$pkgname-$pkgver
xorg-redhat-die-ugly-pattern-die-die-die.patch
bg-none-revert.patch
xserver-1.10-pointer-barriers.patch
-
+ cve-2011-4029.patch
"
depends_dev="pixman-dev libpciaccess-dev xproto randrproto renderproto
@@ -154,4 +154,5 @@ xephyr() {
md5sums="94f23d30a77d63e27dd209a57fccfebf xorg-server-1.10.4.tar.bz2
222de594206d1148a90eddfda4f7a11a xorg-redhat-die-ugly-pattern-die-die-die.patch
030dd3ec221b895de3057d7513d8c1d7 bg-none-revert.patch
-db48cea655c7bccec9171c5df1558a64 xserver-1.10-pointer-barriers.patch"
+db48cea655c7bccec9171c5df1558a64 xserver-1.10-pointer-barriers.patch
+09ecdf3b4e49bd2490946ac15b464535 cve-2011-4029.patch"
diff --git a/main/xorg-server/cve-2011-4029.patch b/main/xorg-server/cve-2011-4029.patch
new file mode 100644
index 0000000000..aa75f60791
--- /dev/null
+++ b/main/xorg-server/cve-2011-4029.patch
@@ -0,0 +1,27 @@
+From b67581cf825940fdf52bf2e0af4330e695d724a4 Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu.herrb@laas.fr>
+Date: Mon, 17 Oct 2011 20:27:35 +0000
+Subject: Fix CVE-2011-4029: File permission change vulnerability.
+
+Use fchmod() to change permissions of the lock file instead
+of chmod(), thus avoid the race that can be exploited to set
+a symbolic link to any file or directory in the system.
+
+Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
+Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
+---
+diff --git a/os/utils.c b/os/utils.c
+index fe49254..07cf4c2 100644
+--- a/os/utils.c
++++ b/os/utils.c
+@@ -297,7 +297,7 @@ LockServer(void)
+ FatalError("Could not create lock file in %s\n", tmp);
+ (void) sprintf(pid_str, "%10ld\n", (long)getpid());
+ (void) write(lfd, pid_str, 11);
+- (void) chmod(tmp, 0444);
++ (void) fchmod(lfd, 0444);
+ (void) close(lfd);
+
+ /*
+--
+cgit v0.9.0.2-2-gbebe