summaryrefslogtreecommitdiff
path: root/x11/xorg-libs
diff options
context:
space:
mode:
authorjoerg <joerg@pkgsrc.org>2006-03-20 21:34:59 +0000
committerjoerg <joerg@pkgsrc.org>2006-03-20 21:34:59 +0000
commit567b4c2d52b5f772fb2a26efc22f59c4ab70dd6b (patch)
treead1fd0060539797c22252edab00295f024a6c415 /x11/xorg-libs
parentebb1f30e89f17dbca103a3652f677492189e5d46 (diff)
downloadpkgsrc-567b4c2d52b5f772fb2a26efc22f59c4ab70dd6b.tar.gz
Fix CVE-2006-0745: Comparing the address of geteuid and 0 to detect
whether the server was started by non-root is not likely to ever work. This could allow a local user to override system files or run arbitrary code. Patch from the original advisory. Bump revision of xorg-server.
Diffstat (limited to 'x11/xorg-libs')
-rw-r--r--x11/xorg-libs/distinfo3
-rw-r--r--x11/xorg-libs/patches/patch-bm20
2 files changed, 22 insertions, 1 deletions
diff --git a/x11/xorg-libs/distinfo b/x11/xorg-libs/distinfo
index 1b64034d567..ddc3931431c 100644
--- a/x11/xorg-libs/distinfo
+++ b/x11/xorg-libs/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.37 2006/03/02 23:57:14 joerg Exp $
+$NetBSD: distinfo,v 1.38 2006/03/20 21:34:59 joerg Exp $
SHA1 (X11R6.9.0-src1.tar.gz) = a6c077ed8fdeee5fe1956a427c4cb0bc266e1bef
RMD160 (X11R6.9.0-src1.tar.gz) = d12270a4f41a3ceee4bfd5da22d387a3aa707df8
@@ -43,3 +43,4 @@ SHA1 (patch-be) = b9bc7d05429652400343609b123c99c76f64b33a
SHA1 (patch-bf) = 753c56b84a6859fa4048d88a53f9c04400525d72
SHA1 (patch-bg) = 3db63fcbe81d9f801ccac6353ad4a213a15c3ffe
SHA1 (patch-bl) = ccfd290ebffc08b9cd03b7eb83a9671b0e16baec
+SHA1 (patch-bm) = f9b73b7c1bd7d6d6db6d23741d5d1125eea5f860
diff --git a/x11/xorg-libs/patches/patch-bm b/x11/xorg-libs/patches/patch-bm
new file mode 100644
index 00000000000..afb7d4de763
--- /dev/null
+++ b/x11/xorg-libs/patches/patch-bm
@@ -0,0 +1,20 @@
+--- programs/Xserver/hw/xfree86/common/xf86Init.c.orig 2006-03-17 23:30:10.000000000 +0200
++++ programs/Xserver/hw/xfree86/common/xf86Init.c 2006-03-17 23:29:35.000000000 +0200
+@@ -1376,7 +1376,7 @@
+ }
+
+ /* First the options that are only allowed for root */
+- if (getuid() == 0 || geteuid != 0)
++ if (getuid() == 0 || geteuid() != 0)
+ {
+ if (!strcmp(argv[i], "-modulepath"))
+ {
+@@ -1679,7 +1679,7 @@
+ }
+ if (!strcmp(argv[i], "-configure"))
+ {
+- if (getuid() != 0 && geteuid == 0) {
++ if (getuid() != 0 && geteuid() == 0) {
+ ErrorF("The '-configure' option can only be used by root.\n");
+ exit(1);
+ }