authormakc <makc@FreeBSD.org>2010-04-29 05:02:38 +0800
committermakc <makc@FreeBSD.org>2010-04-29 05:02:38 +0800
commit00f5a08639bb1a2ac619dceb98d06ba9d1ea8cb0 (patch)
tree6751ddb1f6523772fe40c523568ea2d3f323f3b7
parentaa3ed375e1987f11819cdabb8a398e0c0d51ac46 (diff)
Fix KDM vulnerability.
Bump PORTREVISION. Obtained from: Debian (kdebase_3.5.9.dfsg.1-6+lenny1.diff.gz) Security: CVE-2010-0436 Security: http://www.kde.org/info/security/advisory-20100413-1.txt
-rw-r--r--x11/kdebase3/Makefile2
-rw-r--r--x11/kdebase3/files/patch-kdm-backend-ctrl.c47
2 files changed, 48 insertions, 1 deletions
diff --git a/x11/kdebase3/Makefile b/x11/kdebase3/Makefile
index 1879f4d5a568..b37fbc93bfc4 100644
--- a/x11/kdebase3/Makefile
+++ b/x11/kdebase3/Makefile
@@ -8,7 +8,7 @@
PORTNAME= kdebase
PORTVERSION= ${KDE_VERSION}
-PORTREVISION= 6
+PORTREVISION= 7
CATEGORIES= x11 kde
MASTER_SITES= ${MASTER_SITE_KDE}
MASTER_SITE_SUBDIR= stable/${PORTVERSION:S/.0//}/src
diff --git a/x11/kdebase3/files/patch-kdm-backend-ctrl.c b/x11/kdebase3/files/patch-kdm-backend-ctrl.c
new file mode 100644
index 000000000000..bf468d33e20d
--- /dev/null
+++ b/x11/kdebase3/files/patch-kdm-backend-ctrl.c
@@ -0,0 +1,47 @@
+--- ./kdm/backend/ctrl.c.orig 2007-01-15 14:32:23.000000000 +0300
++++ ./kdm/backend/ctrl.c 2010-04-28 23:00:11.560932810 +0400
+@@ -140,22 +140,24 @@
+ if (strlen( cr->path ) >= sizeof(sa.sun_path))
+ LogError( "path %\"s too long; no control sockets will be available\n",
+ cr->path );
+- else if (mkdir( sockdir, 0755 ) && errno != EEXIST)
++ else if (mkdir( sockdir, 0700 ) && errno != EEXIST)
+ LogError( "mkdir %\"s failed; no control sockets will be available\n",
+ sockdir );
++ else if (unlink( cr->path ) && errno != ENOENT)
++ LogError( "unlink %\"s failed: %m; control socket will not be available\n",
++ cr->path );
+ else {
+- if (!d)
+- chown( sockdir, -1, fifoGroup );
+- chmod( sockdir, 0750 );
+ if ((cr->fd = socket( PF_UNIX, SOCK_STREAM, 0 )) < 0)
+ LogError( "Cannot create control socket\n" );
+ else {
+- unlink( cr->path );
+ sa.sun_family = AF_UNIX;
+ strcpy( sa.sun_path, cr->path );
+ if (!bind( cr->fd, (struct sockaddr *)&sa, sizeof(sa) )) {
+ if (!listen( cr->fd, 5 )) {
+- chmod( cr->path, 0666 );
++ chmod( cr->path, 0660 );
++ if (!d)
++ chown( cr->path, -1, fifoGroup );
++ chmod( sockdir, 0755 );
+ RegisterCloseOnFork( cr->fd );
+ RegisterInput( cr->fd );
+ free( sockdir );
+@@ -218,12 +220,8 @@
+ {
+ if (cr->fpath)
+ chown( cr->fpath, uid, -1 );
+- if (cr->path) {
+- char *ptr = strrchr( cr->path, '/' );
+- *ptr = 0;
++ if (cr->path)
+ chown( cr->path, uid, -1 );
+- *ptr = '/';
+- }
+ }
+
+ void
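Review bot: In the first nested hunk the added `chmod( cr->path, 0660 )` and `chown( cr->path, -1, fifoGroup )` ignore their return values, yet `chmod( sockdir, 0755 )` runs unconditionally right after them, so if either call fails the directory is opened up while the socket still has whatever mode bind() gave it under the process umask. I would gate the directory change on success, for example `if (chmod( cr->path, 0660 ) || (!d && chown( cr->path, -1, fifoGroup )))` followed by a LogError and no relaxation of sockdir, with `chmod( sockdir, 0755 )` only in the else branch. Separately, the `mkdir( sockdir, 0700 ) && errno != EEXIST` branch accepts a pre-existing sockdir without checking its owner, type or mode, and the old `chmod( sockdir, 0750 )` that reset the mode is gone; whether that matters depends on who can write to the parent directory, which is not visible here. The enclosing functions start and end outside both nested hunks, so the cleanup paths after a failed bind() or listen() could not be checked.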