aboutsummaryrefslogtreecommitdiffstats
path: root/x11
diff options
context:
space:
mode:
authorrakuco <rakuco@FreeBSD.org>2014-07-31 23:24:44 +0800
committerrakuco <rakuco@FreeBSD.org>2014-07-31 23:24:44 +0800
commitca000dcbfcb3b297fd83cf2c18410b0ab81922a3 (patch)
tree100e66ebb494af0fe2bb3b7d2e9ddcb6b818bc7c /x11
parenta4a50eea969b77a97d32c3e30924bdafe8fa683c (diff)
downloadfreebsd-ports-gnome-ca000dcbfcb3b297fd83cf2c18410b0ab81922a3.tar.gz
freebsd-ports-gnome-ca000dcbfcb3b297fd83cf2c18410b0ab81922a3.tar.zst
freebsd-ports-gnome-ca000dcbfcb3b297fd83cf2c18410b0ab81922a3.zip
Add upstream patch for CVE-2014-5033.
MFH: 2014Q3 Security: 2f90556f-18c6-11e4-9cc4-5453ed2e2b49
Diffstat (limited to 'x11')
-rw-r--r--x11/kdelibs4/Makefile2
-rw-r--r--x11/kdelibs4/files/patch-CVE-2014-503348
2 files changed, 49 insertions, 1 deletions
diff --git a/x11/kdelibs4/Makefile b/x11/kdelibs4/Makefile
index 87a7684180db..97f55c893156 100644
--- a/x11/kdelibs4/Makefile
+++ b/x11/kdelibs4/Makefile
@@ -3,7 +3,7 @@
PORTNAME= kdelibs
PORTVERSION= ${KDE4_VERSION}
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= x11 kde
MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src
DIST_SUBDIR= KDE/${PORTVERSION}
diff --git a/x11/kdelibs4/files/patch-CVE-2014-5033 b/x11/kdelibs4/files/patch-CVE-2014-5033
new file mode 100644
index 000000000000..613cf739216d
--- /dev/null
+++ b/x11/kdelibs4/files/patch-CVE-2014-5033
@@ -0,0 +1,48 @@
+commit e4e7b53b71e2659adaf52691d4accc3594203b23
+Author: Martin T. H. Sandsmark <martin.sandsmark@kde.org>
+Date: Mon Jul 21 22:52:40 2014 +0200
+
+ Use dbus system bus name instead of PID for authentication.
+
+ Using the PID for authentication is prone to a PID reuse
+ race condition, and a security issue.
+
+ REVIEW: 119323
+
+diff --git a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+index cd7f6f3..732d2cb 100644
+--- kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
++++ kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+@@ -144,7 +144,7 @@ void Polkit1Backend::setupAction(const QString &action)
+
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+- PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+ PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+ PolkitQt1::Authority::None);
+ switch (r) {
+@@ -160,21 +160,12 @@ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+
+ QByteArray Polkit1Backend::callerID() const
+ {
+- QByteArray a;
+- QDataStream s(&a, QIODevice::WriteOnly);
+- s << QCoreApplication::applicationPid();
+-
+- return a;
++ return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+- QDataStream s(&callerID, QIODevice::ReadOnly);
+- qint64 pid;
+-
+- s >> pid;
+-
+- PolkitQt1::UnixProcessSubject subject(pid);
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+ PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+
+ PolkitResultEventLoop e;