From 36841906573384932c7f82ade475bcc5325db6e2 Mon Sep 17 00:00:00 2001 From: tron Date: Wed, 1 Nov 2006 13:32:32 +0000 Subject: Make sure that a temporary has been opened with proper permissions. That fixes the security problem reported in CVE-2006-5298. --- mail/mutt/Makefile | 3 ++- mail/mutt/distinfo | 3 ++- mail/mutt/patches/patch-ad | 29 +++++++++++++++++++++++++++++ 3 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 mail/mutt/patches/patch-ad (limited to 'mail') diff --git a/mail/mutt/Makefile b/mail/mutt/Makefile index 1ef5c3f257b..333c2c78402 100644 --- a/mail/mutt/Makefile +++ b/mail/mutt/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.144 2006/07/14 19:55:56 tron Exp $ +# $NetBSD: Makefile,v 1.145 2006/11/01 13:32:32 tron Exp $ DISTNAME= mutt-1.4.2.2i +PKGREVISION= 1 PKGNAME= ${DISTNAME:C/i$//} CATEGORIES= mail MASTER_SITES= ftp://ftp.mutt.org/mutt/ \ diff --git a/mail/mutt/distinfo b/mail/mutt/distinfo index ba8a5cffb93..50243082013 100644 --- a/mail/mutt/distinfo +++ b/mail/mutt/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.31 2006/07/14 19:55:56 tron Exp $ +$NetBSD: distinfo,v 1.32 2006/11/01 13:32:32 tron Exp $ SHA1 (mutt-1.4.2.2i.tar.gz) = 0ee12f734f21186b143fa96a5ea79f72397747fb RMD160 (mutt-1.4.2.2i.tar.gz) = a749c13e9b56b0f3cf09ce5eabae3fd2edce4c0a @@ -6,6 +6,7 @@ Size (mutt-1.4.2.2i.tar.gz) = 2676306 bytes SHA1 (patch-aa) = 057c11486bb855e321853a106992c8792b75b812 SHA1 (patch-ab) = 46518ebcd144bdb19da3f2238455d25544539e23 SHA1 (patch-ac) = acfece3438c1cadc43247c590045699be7212ede +SHA1 (patch-ad) = e207b279b4b6cf9bd29f5537beedb3f34453b62d SHA1 (patch-ag) = c369b0b5d4855e50a016530f81190b2cbd47cef1 SHA1 (patch-ah) = 04549728683b4250a26f6d6c7a212b8d505014d2 SHA1 (patch-ai) = 317b736d6b9a896e1ee185cce37a1c2184c02cde diff --git a/mail/mutt/patches/patch-ad b/mail/mutt/patches/patch-ad new file mode 100644 index 00000000000..2c25dcead29 --- /dev/null +++ b/mail/mutt/patches/patch-ad @@ -0,0 +1,29 @@ +$NetBSD: patch-ad,v 1.8 2006/11/01 13:32:32 tron Exp $ + +--- lib.c.orig 2002-04-29 18:12:18.000000000 +0100 ++++ lib.c 2006-11-01 13:22:51.000000000 +0000 +@@ -351,8 +351,8 @@ + struct stat osb, nsb; + int fd; + +- if ((fd = open (path, flags, 0600)) < 0) +- return fd; ++ if ((fd = open (path, flags, S_IRUSR|S_IWUSR)) < 0) ++ return (-1); + + /* make sure the file is not symlink */ + if (lstat (path, &osb) < 0 || fstat (fd, &nsb) < 0 || +@@ -363,6 +363,13 @@ + return (-1); + } + ++ /* Make sure the file is owned by us and has save permissions. */ ++ if (nsb.st_uid != geteuid() || ++ (nsb.st_mode & (S_IRWXG|S_IRWXO)) != 0) { ++ close (fd); ++ return (-1); ++ } ++ + return (fd); + } + -- cgit v1.2.3