diff options
author | tron <tron@pkgsrc.org> | 2011-11-20 08:39:14 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2011-11-20 08:39:14 +0000 |
commit | 1f8bea46aeb3535516cd15aa5194bdf246e05b41 (patch) | |
tree | 72c6ba9996accf7ca3a88fe94cf72878f57b276b | |
parent | d68ed7f0e8961c20d87c5ee97fa8fec52ed0313e (diff) | |
download | pkgsrc-1f8bea46aeb3535516cd15aa5194bdf246e05b41.tar.gz |
Pullup ticket #3611 - requested by markd
x11/kdebase-workspace4: security patch
Revisions pulled up:
- x11/kdebase-workspace4/Makefile 1.31 via patch
- x11/kdebase-workspace4/distinfo 1.18
- x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c 1.1
---
Module Name: pkgsrc
Committed By: markd
Date: Sat Nov 19 21:12:05 UTC 2011
Modified Files:
pkgsrc/x11/kdebase-workspace4: Makefile distinfo
Added Files:
pkgsrc/x11/kdebase-workspace4/patches: patch-kcheckpass_checkpass_pam.c
Log Message:
Dont allow a path in pam_service. CVE-2011-4122
-rw-r--r-- | x11/kdebase-workspace4/Makefile | 4 | ||||
-rw-r--r-- | x11/kdebase-workspace4/distinfo | 3 | ||||
-rw-r--r-- | x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/x11/kdebase-workspace4/Makefile b/x11/kdebase-workspace4/Makefile index fa5b107c976..ddc9ff4fb3a 100644 --- a/x11/kdebase-workspace4/Makefile +++ b/x11/kdebase-workspace4/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.28 2011/04/22 13:42:35 obache Exp $ +# $NetBSD: Makefile,v 1.28.4.1 2011/11/20 08:39:14 tron Exp $ DISTNAME= kdebase-workspace-${_KDE_VERSION} -PKGREVISION= 1 +PKGREVISION= 4 CATEGORIES= x11 COMMENT= base workspace for the KDE 4 integrated X11 desktop diff --git a/x11/kdebase-workspace4/distinfo b/x11/kdebase-workspace4/distinfo index 32c67c6715a..a07b2b06c95 100644 --- a/x11/kdebase-workspace4/distinfo +++ b/x11/kdebase-workspace4/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2011/01/23 07:55:16 markd Exp $ +$NetBSD: distinfo,v 1.17.6.1 2011/11/20 08:39:14 tron Exp $ SHA1 (Daemon.README) = eb1e6af52adc02ded77af17e8953134b7e60d23b RMD160 (Daemon.README) = 39edd92ed4314397080f32a8caff0ac3f716ecf4 @@ -30,3 +30,4 @@ SHA1 (patch-cb) = 8bfcc8b7e91eafd6b444f4103d3860fb6434a535 SHA1 (patch-cc) = f0c92eb5edc2690008d028652820cad77bf50b07 SHA1 (patch-cd) = c9e7b32b39b8191f5f54a799bdfa7009136429f9 SHA1 (patch-ce) = b02c04dae0005bec33a13ecf09254d35a0e4cd0b +SHA1 (patch-kcheckpass_checkpass_pam.c) = 7c897fe7fa078a7027a08de5de5ad4c17369f0df diff --git a/x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c b/x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c new file mode 100644 index 00000000000..058a8f16718 --- /dev/null +++ b/x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c @@ -0,0 +1,15 @@ +$NetBSD: patch-kcheckpass_checkpass_pam.c,v 1.1.2.2 2011/11/20 08:39:14 tron Exp $ + +Don't all pam_service to be a path. + +--- kcheckpass/checkpass_pam.c.orig 2009-10-06 21:37:13.000000000 +0000 ++++ kcheckpass/checkpass_pam.c +@@ -147,6 +147,8 @@ AuthReturn Authenticate(const char *call + /* PAM_data.classic = 1; */ + pam_service = caller; + } ++ if (strchr(pam_service, '/')) /* service shouldn't be a path */ ++ return AuthError; + pam_error = pam_start(pam_service, user, &PAM_conversation, &pamh); + if (pam_error != PAM_SUCCESS) + return AuthError; |