rpms/xorg-x11-apps/FC-5 xload-1.0.1-setuid.patch, NONE, 1.1 xorg-x11-apps.spec, 1.12, 1.13
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jun 28 09:08:56 UTC 2006
Author: mharris
Update of /cvs/dist/rpms/xorg-x11-apps/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv8306
Modified Files:
xorg-x11-apps.spec
Added Files:
xload-1.0.1-setuid.patch
Log Message:
* Wed Jun 28 2006 Mike A. Harris <mharris at redhat.com> 7.0-1
- Added xload-1.0.1-setuid.patch to fix potential security issue (#196126)
- Artificially inflate package version-release to 7.0-1 to match the X11R7.0
release that all of the tarballs are taken from.
- Add temporary dependency on autoconf, automake for brew builds.
- Add more BuildRequires to fix mock builds. (#191896)
- Build package for update release for FC5.
xload-1.0.1-setuid.patch:
xload.c | 15 ++++++++++++---
1 files changed, 12 insertions(+), 3 deletions(-)
--- NEW FILE xload-1.0.1-setuid.patch ---
Patch from X.Org, modified to match path where files need patching in rpm
packaging.
Index: xload.c
===================================================================
RCS file: /cvs/xorg/app/xload/xload.c,v
retrieving revision 1.2
diff -u -r1.2 xload.c
--- xload-1.0.1/xload.c 23 Apr 2004 19:54:57 -0000 1.2
+++ xload-1.0.1/xload.c 19 Jun 2006 21:32:20 -0000
@@ -34,7 +34,7 @@
* xload - display system load average in a window
*/
-
+#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@@ -162,8 +162,17 @@
/* For security reasons, we reset our uid/gid after doing the necessary
system initialization and before calling any X routines. */
InitLoadPoint();
- setgid(getgid()); /* reset gid first while still (maybe) root */
- setuid(getuid());
+ /* reset gid first while still (maybe) root */
+ if (setgid(getgid()) == -1) {
+ fprintf(stderr, "%s: setgid failed: %s\n",
+ ProgramName, strerror(errno));
+ exit(1);
+ }
+ if (setuid(getuid()) == -1) {
+ fprintf(stderr, "%s: setuid failed: %s\n",
+ ProgramName, strerror(errno));
+ exit(1);
+ }
XtSetLanguageProc(NULL, (XtLanguageProc) NULL, NULL);
Index: xorg-x11-apps.spec
===================================================================
RCS file: /cvs/dist/rpms/xorg-x11-apps/FC-5/xorg-x11-apps.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- xorg-x11-apps.spec 3 Mar 2006 01:37:12 -0000 1.12
+++ xorg-x11-apps.spec 28 Jun 2006 09:08:54 -0000 1.13
@@ -2,7 +2,9 @@
Summary: X.Org X11 applications
Name: xorg-x11-%{pkgname}
-Version: 1.0.2
+# NOTE: The package version should be set to the X11 major release from which
+# the OS release is based upon.
+Version: 7.0
Release: 1
License: MIT/X11
Group: User Interface/X
@@ -10,33 +12,51 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# Clock apps
-Source0: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/oclock-1.0.1.tar.bz2
-Source1: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xclock-1.0.1.tar.bz2
+Source0: http://xorg.freedesktop.org/releases/individual/app/oclock-1.0.1.tar.bz2
+Source1: http://xorg.freedesktop.org/releases/individual/app/xclock-1.0.1.tar.bz2
# X Window Dump (xwd) utilities
-Source2: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xwd-1.0.1.tar.bz2
-Source3: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xwud-1.0.1.tar.bz2
-Source4: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xpr-1.0.1.tar.bz2
+Source2: http://xorg.freedesktop.org/releases/individual/app/xwd-1.0.1.tar.bz2
+Source3: http://xorg.freedesktop.org/releases/individual/app/xwud-1.0.1.tar.bz2
+Source4: http://xorg.freedesktop.org/releases/individual/app/xpr-1.0.1.tar.bz2
# Miscellaneous other applications
-Source5: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/luit-1.0.1.tar.bz2
+Source5: http://xorg.freedesktop.org/releases/individual/app/luit-1.0.1.tar.bz2
Source6: http://xorg.freedesktop.org/releases/individual/app/x11perf-1.4.1.tar.bz2
-Source7: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xbiff-1.0.1.tar.bz2
-Source8: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xclipboard-1.0.1.tar.bz2
-Source9: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xconsole-1.0.1.tar.bz2
-Source10: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xcursorgen-1.0.0.tar.bz2
-Source11: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xeyes-1.0.1.tar.bz2
-Source12: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xkill-1.0.1.tar.bz2
-Source13: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xload-1.0.1.tar.bz2
-Source14: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xlogo-1.0.1.tar.bz2
-Source15: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xmag-1.0.1.tar.bz2
-Source16: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/xmessage-1.0.1.tar.bz2
+Source7: http://xorg.freedesktop.org/releases/individual/app/xbiff-1.0.1.tar.bz2
+Source8: http://xorg.freedesktop.org/releases/individual/app/xclipboard-1.0.1.tar.bz2
+Source9: http://xorg.freedesktop.org/releases/individual/app/xconsole-1.0.1.tar.bz2
+Source10: http://xorg.freedesktop.org/releases/individual/app/xcursorgen-1.0.0.tar.bz2
+Source11: http://xorg.freedesktop.org/releases/individual/app/xeyes-1.0.1.tar.bz2
+Source12: http://xorg.freedesktop.org/releases/individual/app/xkill-1.0.1.tar.bz2
+Source13: http://xorg.freedesktop.org/releases/individual/app/xload-1.0.1.tar.bz2
+Source14: http://xorg.freedesktop.org/releases/individual/app/xlogo-1.0.1.tar.bz2
+Source15: http://xorg.freedesktop.org/releases/individual/app/xmag-1.0.1.tar.bz2
+Source16: http://xorg.freedesktop.org/releases/individual/app/xmessage-1.0.1.tar.bz2
Patch0: x11perf-1.4.1-x11perf-datadir-cleanups.patch
Patch1: luit-1.0.1-locale.alias-datadir.patch
+Patch10: xload-1.0.1-setuid.patch
+
+# FIXME: Temporary dependencies on autotools packages for now
+BuildRequires: autoconf automake
BuildRequires: pkgconfig
BuildRequires: xorg-x11-util-macros
# xbiff needs xbitmaps-devel
BuildRequires: xbitmaps-devel
+BuildRequires: zlib-devel
+BuildRequires: libfontenc-devel
+BuildRequires: libX11-devel
+BuildRequires: libXmu-devel
+BuildRequires: libXext-devel
+BuildRequires: libXt-devel
+BuildRequires: libXaw-devel
+BuildRequires: libXpm-devel
+BuildRequires: libXft-devel
+BuildRequires: libXrender-devel
+BuildRequires: libxkbfile-devel
+BuildRequires: libXcursor-devel
+BuildRequires: libpng-devel
+BuildRequires: libXfixes-devel
Requires(pre): xorg-x11-filesystem >= 0.99.2-3
@@ -55,6 +75,8 @@
%patch0 -p0 -b .x11perf-datadir-cleanups
%patch1 -p0 -b .locale.alias-datadir
+%patch10 -p0 -b .setuid
+
%build
# Build all apps
{
@@ -92,7 +114,7 @@
%files
%defattr(-,root,root,-)
-%doc
+#%doc
%{_bindir}/luit
%{_bindir}/oclock
%{_bindir}/x11perf
@@ -155,7 +177,15 @@
%{_mandir}/man1/xwud.1x*
%changelog
-* Thu Mar 2 2006 Adam Jackson <ajackson at redhat.com> 1.0.2-1
+* Wed Jun 28 2006 Mike A. Harris <mharris at redhat.com> 7.0-1
+- Added xload-1.0.1-setuid.patch to fix potential security issue (#196126)
+- Artificially inflate package version-release to 7.0-1 to match the X11R7.0
+ release that all of the tarballs are taken from.
+- Add temporary dependency on autoconf, automake for brew builds.
+- Add more BuildRequires to fix mock builds. (#191896)
+- Build package for update release for FC5.
+
+* Thu Mar 02 2006 Adam Jackson <ajackson at redhat.com> 1.0.2-1
- Bump x11perf to 1.4.1 from upstream.
* Fri Feb 24 2006 Mike A. Harris <mharris at redhat.com> 1.0.1-2
More information about the fedora-cvs-commits
mailing list