diff options
| author | kwm <kwm@FreeBSD.org> | 2011-10-19 02:25:44 +0800 |
|---|---|---|
| committer | kwm <kwm@FreeBSD.org> | 2011-10-19 02:25:44 +0800 |
| commit | cbcab697a2e9687c792d5ac25134f939ac218158 (patch) | |
| tree | 31764c2e92b9f59438ac6a8571f8b7b4612194c4 /x11-servers | |
| parent | df119ce8c32e56f6cd4863182029aef3640fd186 (diff) | |
| download | freebsd-ports-gnome-cbcab697a2e9687c792d5ac25134f939ac218158.tar.gz freebsd-ports-gnome-cbcab697a2e9687c792d5ac25134f939ac218158.tar.zst freebsd-ports-gnome-cbcab697a2e9687c792d5ac25134f939ac218158.zip | |
Fix CVE-2011-4028 and CVE-2011-4029.
Obtained from: upstream xorg-server
Security: 8441957c-f9b4-11e0-a78a-bcaec565249c
Diffstat (limited to 'x11-servers')
| -rw-r--r-- | x11-servers/xorg-server/Makefile | 2 | ||||
| -rw-r--r-- | x11-servers/xorg-server/files/patch-os-utils.c | 24 |
2 files changed, 22 insertions, 4 deletions
diff --git a/x11-servers/xorg-server/Makefile b/x11-servers/xorg-server/Makefile index 5cfede912f3b..b1e7a1bc7e10 100644 --- a/x11-servers/xorg-server/Makefile +++ b/x11-servers/xorg-server/Makefile @@ -7,7 +7,7 @@ PORTNAME= xorg-server PORTVERSION= 1.7.7 -PORTREVISION= 2 +PORTREVISION= 3 PORTEPOCH= 1 CATEGORIES= x11-servers MASTER_SITES= http://xorg.freedesktop.org/releases/individual/xserver/ diff --git a/x11-servers/xorg-server/files/patch-os-utils.c b/x11-servers/xorg-server/files/patch-os-utils.c index a5509b86539a..3fe8530231e9 100644 --- a/x11-servers/xorg-server/files/patch-os-utils.c +++ b/x11-servers/xorg-server/files/patch-os-utils.c @@ -1,6 +1,24 @@ ---- os/utils.c.orig 2007-08-23 15:04:55.000000000 -0400 -+++ os/utils.c 2008-02-29 13:11:01.000000000 -0500 -@@ -525,7 +525,11 @@ +--- os/utils.c.orig 2010-05-04 02:48:00.000000000 +0200 ++++ os/utils.c 2011-10-18 20:08:10.000000000 +0200 +@@ -315,7 +315,7 @@ + FatalError("Could not create lock file in %s\n", tmp); + (void) sprintf(pid_str, "%10ld\n", (long)getpid()); + (void) write(lfd, pid_str, 11); +- (void) chmod(tmp, 0444); ++ (void) fchmod(tmp, 0444); + (void) close(lfd); + + /* +@@ -336,7 +336,7 @@ + /* + * Read the pid from the existing file + */ +- lfd = open(LockFile, O_RDONLY); ++ lfd = open(LockFile, O_RDONLY|O_NOFOLLOW); + if (lfd < 0) { + unlink(tmp); + FatalError("Can't read lock file %s\n", LockFile); +@@ -436,7 +436,11 @@ #ifdef MONOTONIC_CLOCK struct timespec tp; |