rpms/pulseaudio/devel pulseaudio-0.9.8-droproot.patch, NONE, 1.1 pulseaudio-0.9.8-create-dot-pulse.patch, 1.1, 1.2 pulseaudio.spec, 1.27, 1.28 pulseaudio-0.9.6-nochown.patch, 1.1, NONE
Lubomir Kundrak (lkundrak)
fedora-extras-commits at redhat.com
Wed Jan 23 15:42:10 UTC 2008
Author: lkundrak
Update of /cvs/pkgs/rpms/pulseaudio/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25763/devel
Modified Files:
pulseaudio-0.9.8-create-dot-pulse.patch pulseaudio.spec
Added Files:
pulseaudio-0.9.8-droproot.patch
Removed Files:
pulseaudio-0.9.6-nochown.patch
Log Message:
Sync with F-8, add fix for CVE-2008-0008
pulseaudio-0.9.8-droproot.patch:
--- NEW FILE pulseaudio-0.9.8-droproot.patch ---
Fail when dropping root privileges is not successful.
https://bugzilla.novell.com/show_bug.cgi?id=347822
https://bugzilla.redhat.com/show_bug.cgi?id=425481
Lubomir Kundrak <lkundrak at redhat.com>
Index: src/daemon/main.c
===================================================================
--- src/daemon/main.c (revision 2098)
+++ src/daemon/main.c (working copy)
@@ -372,7 +372,8 @@
pa_limit_caps();
/* Drop priviliges, but keep CAP_SYS_NICE */
- pa_drop_root();
+ if (pa_drop_root() < 0)
+ goto finish;
/* After dropping root, the effective set is reset, hence,
* let's raise it again */
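Review bot: The new `goto finish` after the first `pa_drop_root()` call is taken while the process still holds euid 0, and the `finish` label lies outside this hunk. It is worth confirming that the cleanup there touches no user-controlled paths and that the daemon exits with a non-zero status. The preceding `pa_limit_caps();` is still called without looking at its result, although caps.h declares it as returning `int`. If a failure there is meant to be fatal, `if (pa_limit_caps() < 0) goto finish;` would make the two steps consistent. The enclosing function begins and ends outside the hunk.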
@@ -443,7 +444,8 @@
* let's give it up early */
pa_drop_caps();
- pa_drop_root();
+ if (pa_drop_root() < 0)
+ goto finish;
suid_root = real_root = FALSE;
if (conf->high_priority || conf->realtime_scheduling)
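Review bot: `pa_drop_caps();` on the line before the new check is still called with its return value discarded, here and in the `if (drop)` hunk at -497. In the caps.c fallback changed by this same patch, `pa_drop_caps()` now returns the result of `pa_drop_root()`, so a failure is reported and then ignored; it is caught only because `pa_drop_root()` is called again directly afterwards. Checking both, e.g. `if (pa_drop_caps() < 0 || pa_drop_root() < 0) goto finish;`, would not depend on that ordering. What the capability-enabled variant of `pa_drop_caps()` returns is not visible on this page.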
@@ -497,7 +499,8 @@
if (drop) {
pa_drop_caps();
- pa_drop_root();
+ if (pa_drop_root() < 0)
+ goto finish;
suid_root = real_root = FALSE;
}
}
Index: src/daemon/caps.c
===================================================================
--- src/daemon/caps.c (revision 2098)
+++ src/daemon/caps.c (working copy)
@@ -54,27 +54,36 @@
#ifdef HAVE_GETUID
/* Drop root rights when called SUID root */
-void pa_drop_root(void) {
+int pa_drop_root(void) {
uid_t uid = getuid();
+ int error = 0;
if (uid == 0 || geteuid() != 0)
- return;
+ return 0;
pa_log_info("Dropping root priviliges.");
#if defined(HAVE_SETRESUID)
- setresuid(uid, uid, uid);
+ error += setresuid(uid, uid, uid);
#elif defined(HAVE_SETREUID)
- setreuid(uid, uid);
+ error += setreuid(uid, uid);
#else
- setuid(uid);
- seteuid(uid);
+ error += setuid(uid);
+ error += seteuid(uid);
#endif
+
+ if (error != 0) {
+ pa_log_error("Could not drop root priviliges.");
+ return -1;
+ }
+
+ return 0;
}
#else
-void pa_drop_root(void) {
+int pa_drop_root(void) {
+ return 0;
}
#endif
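Review bot: `pa_drop_root()` judges success from the return codes of the set*uid calls alone and never confirms the resulting identity. For a privilege drop it is safer to verify afterwards, e.g. `if (error != 0 || getuid() != uid || geteuid() != uid) {`. Summing the results into `error` also loses which call failed and why, so the log line would be more useful for triage as `pa_log_error("Could not drop root privileges: %s", strerror(errno));`, assuming `<errno.h>` and `<string.h>` are available in caps.c, which the hunk does not show. In the `#else` fallback the second call, `seteuid(uid)`, can overwrite `errno` from a failed `setuid(uid)`, so each call is better checked on its own.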
@@ -142,8 +151,7 @@
}
int pa_drop_caps(void) {
- pa_drop_root();
- return 0;
+ return pa_drop_root();
}
#endif
Index: src/daemon/caps.h
===================================================================
--- src/daemon/caps.h (revision 2098)
+++ src/daemon/caps.h (working copy)
@@ -24,7 +24,7 @@
USA.
***/
-void pa_drop_root(void);
+int pa_drop_root(void);
int pa_limit_caps(void);
int pa_drop_caps(void);
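Review bot: The prototype change to `int pa_drop_root(void);` carries no comment stating the return contract, and nothing stops a future caller from ignoring the result as the old `void` call sites did. A short comment would document it, such as `/* Returns 0 on success or when there is nothing to drop, -1 if root privileges could not be dropped; callers must treat -1 as fatal. */`. If the project's supported compilers allow it, marking the declaration with GCC's `__attribute__((warn_unused_result))` would turn an unchecked call into a build warning.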
pulseaudio-0.9.8-create-dot-pulse.patch:
Index: pulseaudio-0.9.8-create-dot-pulse.patch
===================================================================
RCS file: /cvs/pkgs/rpms/pulseaudio/devel/pulseaudio-0.9.8-create-dot-pulse.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- pulseaudio-0.9.8-create-dot-pulse.patch 29 Nov 2007 18:01:07 -0000 1.1
+++ pulseaudio-0.9.8-create-dot-pulse.patch 23 Jan 2008 15:42:03 -0000 1.2
@@ -0,0 +1,21 @@
+Index: src/pulsecore/core-util.c
+===================================================================
+--- src/pulsecore/core-util.c (revision 2077)
++++ src/pulsecore/core-util.c (revision 2078)
+@@ -1129,8 +1129,15 @@
+
+ if ((e = getenv("PULSE_CONFIG_PATH")))
+ fn = lfn = pa_sprintf_malloc("%s/%s", e, local);
+- else if (pa_get_home_dir(h, sizeof(h)))
++ else if (pa_get_home_dir(h, sizeof(h))) {
++ char *d;
++
++ d = pa_sprintf_malloc("%s/.pulse", h);
++ mkdir(d, 0755);
++ pa_xfree(d);
++
+ fn = lfn = pa_sprintf_malloc("%s/.pulse/%s", h, local);
++ }
+
+ if (lfn) {
+ FILE *f;
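Review bot: `mkdir(d, 0755);` discards its return value, so a failure other than the directory already existing (a read-only home, a non-directory at that path) goes unnoticed until the later file open fails. The mode also leaves `~/.pulse` readable and searchable by other users, subject to umask; if nothing outside the owner needs to read it, `mkdir(d, 0700)` is the tighter default. A check such as `if (mkdir(d, 0700) < 0 && errno != EEXIST)` followed by a logged warning would surface the error. The enclosing function starts and ends outside this hunk.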
Index: pulseaudio.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pulseaudio/devel/pulseaudio.spec,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- pulseaudio.spec 30 Nov 2007 01:25:19 -0000 1.27
+++ pulseaudio.spec 23 Jan 2008 15:42:03 -0000 1.28
@@ -3,11 +3,10 @@
Name: pulseaudio
Summary: Improved Linux sound server
Version: 0.9.8
-Release: 4%{?dist}
+Release: 5%{?dist}
License: GPLv2+
Group: System Environment/Daemons
-#Source0: http://0pointer.de/lennart/projects/pulseaudio/pulseaudio-%{version}.tar.gz
-Source0: pulseaudio-0.9.8.tar.gz
+Source0: http://0pointer.de/lennart/projects/pulseaudio/pulseaudio-%{version}.tar.gz
URL: http://pulseaudio.org
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: tcp_wrappers-devel, libsamplerate-devel, libsndfile-devel
@@ -23,10 +22,10 @@
BuildRequires: openssl-devel
Requires: %{name}-core-libs = %{version}-%{release}
Obsoletes: pulseaudio-devel
-Patch1: pulseaudio-0.9.6-nochown.patch
Patch2: pulseaudio-0.9.8-fix-sample-upload.patch
Patch3: pulseaudio-0.9.8-unbreak-tunnels.patch
Patch4: pulseaudio-0.9.8-create-dot-pulse.patch
+Patch5: pulseaudio-0.9.8-droproot.patch
%description
PulseAudio is a sound server for Linux and other Unix like operating
@@ -166,6 +165,7 @@
%patch2 -p2
%patch3 -p1
%patch4 -p0
+%patch5 -p0
%build
%configure --disable-ltdl-install --disable-static --disable-rpath --with-system-user=pulse --with-system-group=pulse --with-realtime-group=pulse-rt --with-access-group=pulse-access
@@ -381,6 +381,14 @@
%{_mandir}/man1/pax11publish.1.gz
%changelog
+* Wed Jan 23 2008 Lubomir Kundrak <lkundrak at redhat.com> 0.9.8-5
+- Fix CVE-2008-0008 security issue (#425481)
+
+* Sun Jan 13 2008 Lubomir Kundrak <lkundrak at redhat.com> 0.9.8-4.1
+- Actually add content to pulseaudio-0.9.8-create-dot-pulse.patch
+- Make the Source0 tag point to URL instead of a local file
+- Drop the nochown patch; it's not applied at all and no longer needed
+
* Thu Nov 29 2007 Lennart Poettering <lpoetter at redhat.com> 0.9.8-4
- add missing dependency on pulseaudio-utils for pulseaudio-module-x11
--- pulseaudio-0.9.6-nochown.patch DELETED ---