diff options
| author | tron <tron@pkgsrc.org> | 2008-05-22 12:30:44 +0000 |
|---|---|---|
| committer | tron <tron@pkgsrc.org> | 2008-05-22 12:30:44 +0000 |
| commit | 47b0ab48234023bdbacd768dfaa2d8076feb7384 (patch) | |
| tree | fd25a8571f45fa248ea3d06aa9f64189e3efbf82 | |
| parent | 67610ce5164d2f7c3cf4112ab6dbd2ed0df791a1 (diff) | |
| download | pkgsrc-47b0ab48234023bdbacd768dfaa2d8076feb7384.tar.gz | |
Don't try to use the X11 display ":0" if the display not defined because
":0" might not belong to current user. This fixes CVE-2008-1142.
| -rw-r--r-- | x11/wterm/Makefile | 4 | ||||
| -rw-r--r-- | x11/wterm/distinfo | 3 | ||||
| -rw-r--r-- | x11/wterm/patches/patch-af | 17 |
3 files changed, 21 insertions, 3 deletions
diff --git a/x11/wterm/Makefile b/x11/wterm/Makefile index 311deee7c2e..88202f24e56 100644 --- a/x11/wterm/Makefile +++ b/x11/wterm/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.34 2008/01/15 12:52:51 obache Exp $ +# $NetBSD: Makefile,v 1.35 2008/05/22 12:30:44 tron Exp $ DISTNAME= wterm-6.2.9 -PKGREVISION= 7 +PKGREVISION= 8 CATEGORIES= x11 windowmaker MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=wterm/} diff --git a/x11/wterm/distinfo b/x11/wterm/distinfo index c3fc547aa8c..6fd1b2253eb 100644 --- a/x11/wterm/distinfo +++ b/x11/wterm/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.10 2008/01/15 12:52:51 obache Exp $ +$NetBSD: distinfo,v 1.11 2008/05/22 12:30:44 tron Exp $ SHA1 (wterm-6.2.9.tar.gz) = e3624d44c70f143ec77a6089ce4074357a9c3ae8 RMD160 (wterm-6.2.9.tar.gz) = 954c6264998456e90a62e25089fb5adc3924b2a8 @@ -8,3 +8,4 @@ SHA1 (patch-ab) = b0103999bf2d38e61d46772d0396c45102e8f559 SHA1 (patch-ac) = 5dd3db02b265872c6cfb8dc8e47957c3bdfe8224 SHA1 (patch-ad) = 2f5e03a8f8096358050cf5fb9f27b5e590d77f58 SHA1 (patch-ae) = 55237ec4c7aa49c313cc0811f345249eeff0f0ed +SHA1 (patch-af) = f11833b22911f758e7bba214ec6e2bb6943c0f90 diff --git a/x11/wterm/patches/patch-af b/x11/wterm/patches/patch-af new file mode 100644 index 00000000000..223e200fe92 --- /dev/null +++ b/x11/wterm/patches/patch-af @@ -0,0 +1,17 @@ +$NetBSD: patch-af,v 1.1 2008/05/22 12:30:44 tron Exp $ + +--- src/main.c.orig 2001-08-17 05:47:41.000000000 +0100 ++++ src/main.c 2008-05-22 13:20:38.000000000 +0100 +@@ -1444,8 +1444,10 @@ + /* + * Open display, get options/resources and create the window + */ +- if ((display_name = getenv("DISPLAY")) == NULL) +- display_name = ":0"; ++ if ((display_name = getenv("DISPLAY")) == NULL) { ++ print_error("display not defined"); ++ exit(EXIT_FAILURE); ++ } + + get_options(argc, argv); + |