author | markd <markd@pkgsrc.org> | 2011-11-19 21:17:27 +0000 |
---|---|---|
committer | markd <markd@pkgsrc.org> | 2011-11-19 21:17:27 +0000 |
commit | 9d3ad7a0ae41ccb7306769331856c0a71bd38086 (patch) | |
tree | 44c8fa34b54e542b6f9ee451c9ebff50fb6a2c3d /x11 | |
parent | 50b5ffa30d232b761ada7a104fd4fe403127c3bb (diff) | |
Don't allow a path in pam_service. CVE-2011-4122
Diffstat (limited to 'x11')
-rw-r--r-- | x11/kdebase3/Makefile | 4 | ||||
-rw-r--r-- | x11/kdebase3/distinfo | 3 | ||||
-rw-r--r-- | x11/kdebase3/patches/patch-kcheckpass_checkpass_pam.c | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/x11/kdebase3/Makefile b/x11/kdebase3/Makefile
index 7b704e2cd7f..0e8223a5f50 100644
--- a/x11/kdebase3/Makefile
+++ b/x11/kdebase3/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.162 2011/11/01 06:03:01 sbd Exp $
+# $NetBSD: Makefile,v 1.163 2011/11/19 21:17:27 markd Exp $
 DISTNAME= kdebase-${_KDE_VERSION}
-PKGREVISION= 15
+PKGREVISION= 16
 CATEGORIES= x11
 COMMENT= Base modules for the KDE 3 integrated X11 desktop
diff --git a/x11/kdebase3/distinfo b/x11/kdebase3/distinfo
index 950d9cecedf..bdd2c23a266 100644
--- a/x11/kdebase3/distinfo
+++ b/x11/kdebase3/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.113 2011/09/14 17:53:17 hans Exp $
+$NetBSD: distinfo,v 1.114 2011/11/19 21:17:27 markd Exp $
 SHA1 (Daemon.README) = eb1e6af52adc02ded77af17e8953134b7e60d23b
 RMD160 (Daemon.README) = 39edd92ed4314397080f32a8caff0ac3f716ecf4
@@ -59,4 +59,5 @@ SHA1 (patch-gc) = e02ddb93ae7aa249b3b3e68690f587b2c98255b8
 SHA1 (patch-gd) = 39469384668e4ee7fc489406e2813100fc90aa9b
 SHA1 (patch-ge) = 8470cf03d768d784714e926281757e9d68749360
 SHA1 (patch-gf) = 78de196a700fa9cd5e221ff57c295fdb3562f931
+SHA1 (patch-kcheckpass_checkpass_pam.c) = b5dd2e50c5f1047d3c195836c8b2d06e11edea3b
 SHA1 (patch-kdesud) = acc40c2d1fb65e404a7aa0dbb6eae72fa7ac6a5e
diff --git a/x11/kdebase3/patches/patch-kcheckpass_checkpass_pam.c b/x11/kdebase3/patches/patch-kcheckpass_checkpass_pam.c
new file mode 100644
index 00000000000..a267c973b81
--- /dev/null
+++ b/x11/kdebase3/patches/patch-kcheckpass_checkpass_pam.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-kcheckpass_checkpass_pam.c,v 1.1 2011/11/19 21:17:28 markd Exp $
+
+Don't allow pam_service to be a path.
+
+--- kcheckpass/checkpass_pam.c.orig 2007-10-08 09:51:09.000000000 +0000
++++ kcheckpass/checkpass_pam.c
+@@ -147,6 +147,8 @@ AuthReturn Authenticate(const char *call
+ PAM_data.classic = 1;
+ pam_service = caller;
+ }
++ if (strchr(pam_service, '/')) /* service shouldn't be a path */
++ return AuthError;
+ pam_error = pam_start(pam_service, user, &PAM_conversation, &pamh);
+ if (pam_error != PAM_SUCCESS)
+ return AuthError; |
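Review bot: The guard added just before `pam_start()` is a single-character denylist: it refuses `/` in `pam_service`, but an empty name or any other unexpected byte in a caller-supplied service name still reaches the PAM library. In the branch shown, `pam_service` is assigned straight from `caller`, so an allowlist would be the tighter check, for example `if (!*pam_service || pam_service[strspn(pam_service, SERVICE_CHARS)] != '\0') return AuthError;`, where `SERVICE_CHARS` is a constant you would define (letters, digits, `-`, `_`) after confirming it covers the service names actually installed. The rejection is also silent; recording the refusal through whatever logging this file already uses would make attempts to pass an unexpected service name visible to operators. The hunk does not show whether `<string.h>` is included for `strchr`, and `Authenticate` starts and ends outside the hunk.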