diff options
| author | markd <markd@pkgsrc.org> | 2011-11-19 21:12:05 +0000 |
|---|---|---|
| committer | markd <markd@pkgsrc.org> | 2011-11-19 21:12:05 +0000 |
| commit | fbff24072daa770bdf33adede21d4ef5611e6125 (patch) | |
| tree | 1b1a0a11f626f18f5d492d2f4794d9b3356aeb74 /x11 | |
| parent | 6825c8f56cf2f333f6cb141160ef08f68a62fe6e (diff) | |
| download | pkgsrc-fbff24072daa770bdf33adede21d4ef5611e6125.tar.gz | |
Dont allow a path in pam_service. CVE-2011-4122
Diffstat (limited to 'x11')
| -rw-r--r-- | x11/kdebase-workspace4/Makefile | 4 | ||||
| -rw-r--r-- | x11/kdebase-workspace4/distinfo | 3 | ||||
| -rw-r--r-- | x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c | 15 |
3 files changed, 19 insertions, 3 deletions
diff --git a/x11/kdebase-workspace4/Makefile b/x11/kdebase-workspace4/Makefile index dc7477f7f0a..72971f17446 100644 --- a/x11/kdebase-workspace4/Makefile +++ b/x11/kdebase-workspace4/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.30 2011/11/01 06:03:01 sbd Exp $ +# $NetBSD: Makefile,v 1.31 2011/11/19 21:12:05 markd Exp $ DISTNAME= kdebase-workspace-${_KDE_VERSION} -PKGREVISION= 3 +PKGREVISION= 4 CATEGORIES= x11 COMMENT= base workspace for the KDE 4 integrated X11 desktop diff --git a/x11/kdebase-workspace4/distinfo b/x11/kdebase-workspace4/distinfo index 32c67c6715a..c2a6209066e 100644 --- a/x11/kdebase-workspace4/distinfo +++ b/x11/kdebase-workspace4/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.17 2011/01/23 07:55:16 markd Exp $ +$NetBSD: distinfo,v 1.18 2011/11/19 21:12:05 markd Exp $ SHA1 (Daemon.README) = eb1e6af52adc02ded77af17e8953134b7e60d23b RMD160 (Daemon.README) = 39edd92ed4314397080f32a8caff0ac3f716ecf4 @@ -30,3 +30,4 @@ SHA1 (patch-cb) = 8bfcc8b7e91eafd6b444f4103d3860fb6434a535 SHA1 (patch-cc) = f0c92eb5edc2690008d028652820cad77bf50b07 SHA1 (patch-cd) = c9e7b32b39b8191f5f54a799bdfa7009136429f9 SHA1 (patch-ce) = b02c04dae0005bec33a13ecf09254d35a0e4cd0b +SHA1 (patch-kcheckpass_checkpass_pam.c) = 7c897fe7fa078a7027a08de5de5ad4c17369f0df diff --git a/x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c b/x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c new file mode 100644 index 00000000000..8615f1a6524 --- /dev/null +++ b/x11/kdebase-workspace4/patches/patch-kcheckpass_checkpass_pam.c @@ -0,0 +1,15 @@ +$NetBSD: patch-kcheckpass_checkpass_pam.c,v 1.1 2011/11/19 21:12:05 markd Exp $ + +Don't all pam_service to be a path. + +--- kcheckpass/checkpass_pam.c.orig 2009-10-06 21:37:13.000000000 +0000 ++++ kcheckpass/checkpass_pam.c +@@ -147,6 +147,8 @@ AuthReturn Authenticate(const char *call + /* PAM_data.classic = 1; */ + pam_service = caller; + } ++ if (strchr(pam_service, '/')) /* service shouldn't be a path */ ++ return AuthError; + pam_error = pam_start(pam_service, user, &PAM_conversation, &pamh); + if (pam_error != PAM_SUCCESS) + return AuthError; |