[Pkg-xfce-commits] r6481 - in goodies/branches/wheezy/lightdm/debian: . patches
Yves-Alexis Perez
corsac at alioth.debian.org
Mon Mar 5 06:39:06 UTC 2012
Author: corsac
Date: 2012-03-05 06:39:05 +0000 (Mon, 05 Mar 2012)
New Revision: 6481
Removed:
goodies/branches/wheezy/lightdm/debian/patches/07_CVE-2011-4105.patch
goodies/branches/wheezy/lightdm/debian/patches/08_CVE-2011-3153.patch
Modified:
goodies/branches/wheezy/lightdm/debian/changelog
goodies/branches/wheezy/lightdm/debian/patches/series
Log:
* debian/patches:
- 07_CVE-2011-4105 removed, code not present anymore.
- 08_CVE-2011-3153 dropped, included upstream.
Modified: goodies/branches/wheezy/lightdm/debian/changelog
===================================================================
--- goodies/branches/wheezy/lightdm/debian/changelog 2012-03-05 06:31:18 UTC (rev 6480)
+++ goodies/branches/wheezy/lightdm/debian/changelog 2012-03-05 06:39:05 UTC (rev 6481)
@@ -3,6 +3,9 @@
* New upstream release.
- don't leak fds to child processes. closes: #658678
* debian/watch updated to track 1.0 branch.
+ * debian/patches:
+ - 07_CVE-2011-4105 removed, code not present anymore.
+ - 08_CVE-2011-3153 dropped, included upstream.
-- Yves-Alexis Perez <corsac at debian.org> Fri, 02 Mar 2012 11:26:45 +0100
Deleted: goodies/branches/wheezy/lightdm/debian/patches/07_CVE-2011-4105.patch
===================================================================
--- goodies/branches/wheezy/lightdm/debian/patches/07_CVE-2011-4105.patch 2012-03-05 06:31:18 UTC (rev 6480)
+++ goodies/branches/wheezy/lightdm/debian/patches/07_CVE-2011-4105.patch 2012-03-05 06:39:05 UTC (rev 6481)
@@ -1,56 +0,0 @@
-Description: ensure we don't chown links
-Author: Marc Deslauriers <marc.deslauriers at canonical.com>
-
-Index: lightdm-1.0.6/src/xsession.c
-===================================================================
---- lightdm-1.0.6.orig/src/xsession.c 2011-11-25 07:22:24.509683804 +0100
-+++ lightdm-1.0.6/src/xsession.c 2011-11-25 07:22:47.773863861 +0100
-@@ -9,6 +9,7 @@
- * license.
- */
-
-+#include <config.h>
- #include <errno.h>
- #include <string.h>
- #include <fcntl.h>
-@@ -104,10 +105,26 @@
- * incorrectly written as root in a buggy version of LightDM */
- if (getuid () == 0)
- {
-+ int fd = -1;
- int result;
-- result = lchown (path, user_get_uid (session_get_user (session)), user_get_gid (session_get_user (session)));
-+ struct stat st_buf;
-+
-+ fd = open (path, O_RDONLY|O_NOFOLLOW);
-+ if (fd == -1)
-+ goto out;
-+
-+ if (fstat (fd, &st_buf) != 0)
-+ goto out;
-+
-+ if ((!S_ISREG (st_buf.st_mode)) || (st_buf.st_nlink > 1))
-+ goto out;
-+
-+ result = fchown (fd, user_get_uid (session_get_user (session)), user_get_gid (session_get_user (session)));
- if (result < 0 && errno != ENOENT)
-- g_warning ("Failed to correct ownership of %s: %s", path, strerror (errno));
-+ g_warning ("Failed to correct ownership of %s: %s", path, strerror (errno));
-+out:
-+ if (fd > 0)
-+ close(fd);
- }
- }
-
-Index: lightdm-1.0.6/configure.ac
-===================================================================
---- lightdm-1.0.6.orig/configure.ac 2011-11-25 07:22:24.525683929 +0100
-+++ lightdm-1.0.6/configure.ac 2011-11-25 07:22:27.489706870 +0100
-@@ -1,6 +1,7 @@
- dnl Process this file with autoconf to produce a configure script.
-
- AC_INIT(lightdm, 1.0.6)
-+AC_USE_SYSTEM_EXTENSIONS
- AC_CONFIG_MACRO_DIR(m4)
- AC_CONFIG_HEADER(config.h)
- AM_INIT_AUTOMAKE
Deleted: goodies/branches/wheezy/lightdm/debian/patches/08_CVE-2011-3153.patch
===================================================================
--- goodies/branches/wheezy/lightdm/debian/patches/08_CVE-2011-3153.patch 2012-03-05 06:31:18 UTC (rev 6480)
+++ goodies/branches/wheezy/lightdm/debian/patches/08_CVE-2011-3153.patch 2012-03-05 06:39:05 UTC (rev 6481)
@@ -1,33 +0,0 @@
-Description: drop privileges before reading ~/.dmrc
-Author: Marc Deslauriers <marc.deslauriers at canonical.com>
-Origin: http://bazaar.launchpad.net/~lightdm-team/lightdm/trunk/revision/1299
-Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/883865
-
-Index: lightdm-1.0.6/src/dmrc.c
-===================================================================
---- lightdm-1.0.6.orig/src/dmrc.c 2011-11-11 12:54:46.841116960 -0500
-+++ lightdm-1.0.6/src/dmrc.c 2011-11-11 12:58:38.877118919 -0500
-@@ -24,7 +24,7 @@
- User *user;
- GKeyFile *dmrc_file;
- gchar *path;
-- gboolean have_dmrc;
-+ gboolean have_dmrc, drop_privileges;
-
- dmrc_file = g_key_file_new ();
-
-@@ -38,7 +38,14 @@
- /* Load from the user directory, if this fails (e.g. the user directory
- * is not yet mounted) then load from the cache */
- path = g_build_filename (user_get_home_directory (user), ".dmrc", NULL);
-+
-+ /* Guard against privilege escalation through symlinks, etc. */
-+ drop_privileges = geteuid () == 0;
-+ if (drop_privileges)
-+ privileges_drop (user);
- have_dmrc = g_key_file_load_from_file (dmrc_file, path, G_KEY_FILE_KEEP_COMMENTS, NULL);
-+ if (drop_privileges)
-+ privileges_reclaim ();
- g_free (path);
-
- /* If no ~/.dmrc, then load from the cache */
Modified: goodies/branches/wheezy/lightdm/debian/patches/series
===================================================================
--- goodies/branches/wheezy/lightdm/debian/patches/series 2012-03-05 06:31:18 UTC (rev 6480)
+++ goodies/branches/wheezy/lightdm/debian/patches/series 2012-03-05 06:39:05 UTC (rev 6481)
@@ -4,5 +4,3 @@
04_default-gtk-greeter-config.patch
05_dont-add-pkglibexecdir-path.patch
06_move-progs-to-pkglibexecdir.patch
-07_CVE-2011-4105.patch
-08_CVE-2011-3153.patch