Imported Debian patch 4.0.3-11+lenny1debian/4.0.3-11+lenny1

4 files changed, 48 insertions, 29 deletions

diff --git a/debian/changelog b/debian/changelog
index f5fc36d..b7f3a0b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+screen (4.0.3-11+lenny1) stable; urgency=high
+
+  * Security upload.
+  * Change the fix for #433338 so symlink attacks against the
+    public exchange file are prevented again. Closes: #521123.
+    Tracked as CVE-2009-1214 and CVE-2009-1215.
+
+ -- Jan Christoph Nordholz <hesso@pool.math.tu-berlin.de>  Thu, 04 Apr 2009 02:10:09 +0200
+
 screen (4.0.3-11) unstable; urgency=low
 
   * Unbreak <End> and <^A Bksp> using a patch from Loïc Minier
diff --git a/debian/patches/00list b/debian/patches/00list
index 901adc6..5f9b585 100644
--- a/debian/patches/00list
+++ b/debian/patches/00list
@@ -21,7 +21,7 @@
 19flowcontrol_lockup
 20defmonitor
 21manpage_nethack_activation
-22no_public_exchange
+22exchange_file_mode
 23exitcode_q_ls
 24option_parser
 25allow_symlink_sockdir
diff --git a/debian/patches/22exchange_file_mode.dpatch b/debian/patches/22exchange_file_mode.dpatch
new file mode 100644
index 0000000..730bf31
--- /dev/null
+++ b/debian/patches/22exchange_file_mode.dpatch
@@ -0,0 +1,38 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 22exchange_file_mode.dpatch by  <hesso@pool.math.tu-berlin.de>
+##
+## DP: Make it a bit harder to shoot oneself in the foot by
+## DP: keeping the umask tight by default when creating the
+## DP: screen exchange file. Fearless users may still chmod it.
+
+@DPATCH@
+--- screen-4.0.3.orig/fileio.c	2009-04-02 02:01:23.530568088 +0200
++++ screen-4.0.3/fileio.c	2009-04-02 02:02:18.155521670 +0200
+@@ -367,11 +367,6 @@
+   char *mode = "w";
+ #ifdef COPY_PASTE
+   int public = 0;
+-# ifdef _MODE_T
+-  mode_t old_umask;
+-# else
+-  int old_umask;
+-# endif
+ # ifdef HAVE_LSTAT
+   struct stat stb, stb2;
+   int fd, exists = 0;
+@@ -434,7 +429,6 @@
+ #ifdef COPY_PASTE
+       if (dump == DUMP_EXCHANGE && public)
+ 	{
+-          old_umask = umask(0);
+ # ifdef HAVE_LSTAT
+ 	  if (exists)
+ 	    {
+@@ -455,7 +449,6 @@
+ # else
+           f = fopen(fn, mode);
+ # endif
+-          umask(old_umask);
+ 	}
+       else
+ #endif /* COPY_PASTE */
diff --git a/debian/patches/22no_public_exchange.dpatch b/debian/patches/22no_public_exchange.dpatch
deleted file mode 100644
index 2fcc489..0000000
--- a/debian/patches/22no_public_exchange.dpatch
+++ /dev/null
@@ -1,28 +0,0 @@
-#! /bin/sh /usr/share/dpatch/dpatch-run
-## 22no_public_exchange.dpatch by  <hesso@pool.math.tu-berlin.de>
-##
-## All lines beginning with `## DP:' are a description of the patch.
-## DP: No description.
-
-@DPATCH@
-diff -Naur screen-4.0.3.orig/fileio.c screen-4.0.3/fileio.c
---- screen-4.0.3.orig/fileio.c	2008-06-01 23:39:49.000000000 +0200
-+++ screen-4.0.3/fileio.c	2008-06-01 23:44:58.000000000 +0200
-@@ -414,7 +414,17 @@
- 	  fnbuf[sizeof(fnbuf) - 1] = 0;
- 	  fn = fnbuf;
- 	}
-+/**
-+ * I consider this 'public exchange file' feature a bad idea, at least
-+ * if this is the default case. I really don't like the idea of an admin
-+ * copying configuration file snippets around that might get changed
-+ * in that buffer file.
-+ * Drop the notion of a 'public' exchange file. If someone explictly wants
-+ * to share his copy buffer contents, he is free to chmod it after its
-+ * creation.
-+ * Jan Nordholz <hesso@pool.math.tu-berlin.de>, 2007/08/07
-       public = !strcmp(fn, DEFAULT_BUFFERFILE);
-+ */
- # ifdef HAVE_LSTAT
-       exists = !lstat(fn, &stb);
-       if (public && exists && (S_ISLNK(stb.st_mode) || stb.st_nlink > 1))