summaryrefslogtreecommitdiff
path: root/x11/eterm
diff options
context:
space:
mode:
authortonnerre <tonnerre@pkgsrc.org>2008-04-03 22:42:33 +0000
committertonnerre <tonnerre@pkgsrc.org>2008-04-03 22:42:33 +0000
commit8fd5e453004bb332ac5a7c1a70b07c481897a771 (patch)
treef706fab8c2bd9ab550708e770e0b4c273652df95 /x11/eterm
parent2ce9a60bf67b6ab6a92ff4f7b02e8418736ddc1e (diff)
downloadpkgsrc-8fd5e453004bb332ac5a7c1a70b07c481897a771.tar.gz
Fix eterm default X11 display vulnerability (CVE-2008-1142).
Approved-by: jlam
Diffstat (limited to 'x11/eterm')
-rw-r--r--x11/eterm/Makefile3
-rw-r--r--x11/eterm/distinfo3
-rw-r--r--x11/eterm/patches/patch-ac30
3 files changed, 34 insertions, 2 deletions
diff --git a/x11/eterm/Makefile b/x11/eterm/Makefile
index 8a1ab91253a..62ec9ef807b 100644
--- a/x11/eterm/Makefile
+++ b/x11/eterm/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.51 2007/01/14 11:07:34 joerg Exp $
+# $NetBSD: Makefile,v 1.52 2008/04/03 22:42:33 tonnerre Exp $
DISTNAME= Eterm-0.9.4
PKGNAME= ${DISTNAME:S/^E/e/}
+PKGREVISION= 1
CATEGORIES= x11
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=eterm/} \
ftp://ftp.dti.ad.jp/pub/X/Eterm/
diff --git a/x11/eterm/distinfo b/x11/eterm/distinfo
index bc85d9e758e..1d8a9beefe4 100644
--- a/x11/eterm/distinfo
+++ b/x11/eterm/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2006/11/25 14:01:18 sketch Exp $
+$NetBSD: distinfo,v 1.16 2008/04/03 22:42:33 tonnerre Exp $
SHA1 (Eterm-0.9.4.tar.gz) = d63628098b3aa08c8f2bc1bd756683e5fd227995
RMD160 (Eterm-0.9.4.tar.gz) = ce5d7ba74b19e3c8992d104d00f10302c3e8150e
@@ -14,6 +14,7 @@ RMD160 (Eterm-bg-tile.tar.gz) = 43761cc527730a0305fd857fad1316b8fd04eefe
Size (Eterm-bg-tile.tar.gz) = 1568166 bytes
SHA1 (patch-aa) = 19da5e05392994a60fdf47e9d52c82fc41cefa4c
SHA1 (patch-ab) = d019a18bb32f890d6de7c5bb0cdb43e7715a7d4d
+SHA1 (patch-ac) = eaeed9066b546d563f7b0404afbdb9e9737d8f63
SHA1 (patch-ad) = f70a92e4eb84466e379653cbd3a9188db6d408c8
SHA1 (patch-ah) = e9a924abff857448a6d7c9281915bcf001b7451c
SHA1 (patch-ai) = 94d684a490752831de2fb2aba92c0b9f461ddb5a
diff --git a/x11/eterm/patches/patch-ac b/x11/eterm/patches/patch-ac
new file mode 100644
index 00000000000..ba68c5f4ea5
--- /dev/null
+++ b/x11/eterm/patches/patch-ac
@@ -0,0 +1,30 @@
+$NetBSD: patch-ac,v 1.6 2008/04/03 22:42:33 tonnerre Exp $
+
+Fix X11 privilege escalation vulnerability (CVE-2008-1142).
+
+--- src/startup.c.orig 2008-03-31 19:27:46.000000000 +0200
++++ src/startup.c
+@@ -95,11 +95,7 @@ eterm_bootstrap(int argc, char *argv[])
+ init_libast();
+
+ /* Open display, get options/resources and create the window */
+- if (getenv("DISPLAY") == NULL) {
+- display_name = STRDUP(":0");
+- } else {
+- display_name = STRDUP(getenv("DISPLAY"));
+- }
++ display_name = NULL;
+
+ /* This MUST be called before any other Xlib functions */
+ #ifdef SPIFOPT_SETTING_PREPARSE
+@@ -116,7 +112,9 @@ eterm_bootstrap(int argc, char *argv[])
+ privileges(REVERT);
+ #endif
+ if (!Xdisplay && !(Xdisplay = XOpenDisplay(display_name))) {
+- libast_print_error("can't open display %s\n", display_name);
++ libast_print_error("can't open display %s\n", display_name?display_name:
++ getenv("DISPLAY")?getenv("DISPLAY"):
++ "as no -display given and DISPLAY not set");
+ exit(EXIT_FAILURE);
+ }
+ XSetErrorHandler((XErrorHandler) xerror_handler);