Author: dnusinow Date: 2006-06-30 01:13:43 -0400 (Fri, 30 Jun 2006) New Revision: 2361
Added: trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff Modified: trunk/app/xbase-clients/debian/changelog trunk/app/xbase-clients/debian/patches/series Log: * Security update. Fix for setuid privledge escalation vulernabilities in xinit, xf86dga, and xload. See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for the full advisory. This package applies the patches for the 7.0 release of those apps. Modified: trunk/app/xbase-clients/debian/changelog =================================================================== --- trunk/app/xbase-clients/debian/changelog 2006-06-30 05:04:00 UTC (rev 2360) +++ trunk/app/xbase-clients/debian/changelog 2006-06-30 05:13:43 UTC (rev 2361) @@ -1,3 +1,13 @@ +xbase-clients (1:7.1.ds-2) unstable; urgency=high + + * Security update. Fix for setuid privledge escalation vulernabilities in + xinit, xf86dga, and xload. See + http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for the + full advisory. This package applies the patches for the 7.0 release of + those apps. + + -- David Nusinow <[EMAIL PROTECTED]> Fri, 30 Jun 2006 01:10:17 -0400 + xbase-clients (1:7.1.ds-1) unstable; urgency=low [ Steve Langasek ] Added: trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff =================================================================== --- trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff 2006-06-30 05:04:00 UTC (rev 2360) +++ trunk/app/xbase-clients/debian/patches/14_SECURITY_setuid.diff 2006-06-30 05:13:43 UTC (rev 2361) @@ -0,0 +1,72 @@ +Index: xbase-clients/xf86dga-X11R7.0-1.0.1/dga.c +=================================================================== +--- xbase-clients.orig/xf86dga-X11R7.0-1.0.1/dga.c 2006-06-30 01:06:00.000000000 -0400 ++++ xbase-clients/xf86dga-X11R7.0-1.0.1/dga.c 2006-06-30 01:06:50.000000000 -0400 +@@ -16,6 +16,7 @@ + #include <X11/Xmd.h> + #include <X11/extensions/xf86dga.h> + #include <ctype.h> ++#include <errno.h> + #include <stdio.h> + #include <stdlib.h> + #include <signal.h> +@@ -141,7 +142,10 @@ + + #ifndef __UNIXOS2__ + /* Give up root privs */ +- setuid(getuid()); ++ if (setuid(getuid()) == -1) { ++ fprintf(stderr, "Unable to change uid: %s\n", strerror(errno)); ++ exit(2); ++ } + #endif + + XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0); +Index: xbase-clients/xinit/xinit.c +=================================================================== +--- xbase-clients.orig/xinit/xinit.c 2006-06-30 01:07:11.000000000 -0400 ++++ xbase-clients/xinit/xinit.c 2006-06-30 01:07:49.000000000 -0400 +@@ -692,7 +692,10 @@ + startClient(char *client[]) + { + if ((clientpid = vfork()) == 0) { +- setuid(getuid()); ++ if (setuid(getuid()) == -1) { ++ Error("cannot change uid: %s\n", strerror(errno)); ++ _exit(ERR_EXIT); ++ } + setpgrp(0, getpid()); + environ = newenviron; + #ifdef __UNIXOS2__ +Index: xbase-clients/xload-X11R7.0-1.0.1/xload.c +=================================================================== +--- xbase-clients.orig/xload-X11R7.0-1.0.1/xload.c 2006-06-30 01:08:01.000000000 -0400 ++++ xbase-clients/xload-X11R7.0-1.0.1/xload.c 2006-06-30 01:08:51.000000000 -0400 +@@ -35,6 +35,7 @@ + */ + + ++#include <errno.h> + #include <stdio.h> + #include <stdlib.h> + #include <unistd.h> +@@ -162,8 +163,17 @@ + /* For security reasons, we reset our uid/gid after doing the necessary + system initialization and before calling any X routines. */ + InitLoadPoint(); +- setgid(getgid()); /* reset gid first while still (maybe) root */ +- setuid(getuid()); ++ /* reset gid first while still (maybe) root */ ++ if (setgid(getgid()) == -1) { ++ fprintf(stderr, "%s: setgid failed: %s\n", ++ ProgramName, strerror(errno)); ++ exit(1); ++ } ++ if (setuid(getuid()) == -1) { ++ fprintf(stderr, "%s: setuid failed: %s\n", ++ ProgramName, strerror(errno)); ++ exit(1); ++ } + + XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL); + Modified: trunk/app/xbase-clients/debian/patches/series =================================================================== --- trunk/app/xbase-clients/debian/patches/series 2006-06-30 05:04:00 UTC (rev 2360) +++ trunk/app/xbase-clients/debian/patches/series 2006-06-30 05:13:43 UTC (rev 2361) @@ -10,3 +10,4 @@ 11_xkb_documentation_updates.diff -p0 12_startx_paths.diff pkgconfig_naughtiness -p0 +14_SECURITY_setuid.diff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]