rpms/kdebase/F-7 post-3.5.8-kdebase-kdm.diff, NONE, 1.1 kdebase.spec, 1.267, 1.268
Than Ngo (than)
fedora-extras-commits at redhat.com
Mon Jan 28 12:40:55 UTC 2008
- Previous message (by thread): rpms/kdebase/F-8 post-3.5.8-kdebase-kdm.diff, NONE, 1.1 kdebase.spec, 1.284, 1.285
- Next message (by thread): rpms/net-snmp/devel net-snmp.spec, 1.139, 1.140 net-snmpd.init, 1.4, 1.5 net-snmptrapd.init, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: than
Update of /cvs/extras/rpms/kdebase/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7893
Modified Files:
kdebase.spec
Added Files:
post-3.5.8-kdebase-kdm.diff
Log Message:
- kdm: local DoS vulnerability, CVE-2007-5963
post-3.5.8-kdebase-kdm.diff:
--- NEW FILE post-3.5.8-kdebase-kdm.diff ---
--- kdm/backend/inifile.c
+++ kdm/backend/inifile.c
@@ -37,6 +37,7 @@
#include "dm_error.h"
#include <sys/types.h>
+#include <sys/stat.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
@@ -47,17 +48,27 @@
{
char *data;
int fd, len;
+ struct stat st;
if ((fd = open( fname, O_RDONLY | O_NONBLOCK )) < 0) {
Debug( "cannot open ini-file %\"s: %m", fname );
return 0;
}
- len = lseek( fd, 0, SEEK_END );
+ if (fstat( fd, &st ) || !S_ISREG( st.st_mode )) {
+ LogWarn( "Ini-file %\"s is no regular file\n", fname );
+ close( fd );
+ return 0;
+ }
+ if (st.st_size >= 0x10000) {
+ LogWarn( "Ini-file %\"s is too big\n", fname );
+ close( fd );
+ return 0;
+ }
+ len = st.st_size;
if (!(data = Malloc( len + 2 ))) {
close( fd );
return 0;
}
- lseek( fd, 0, SEEK_SET );
if (read( fd, data, len ) != len) {
Debug( "cannot read ini-file %\"s: %m", fname );
free( data );
Index: kdebase.spec
===================================================================
RCS file: /cvs/extras/rpms/kdebase/F-7/kdebase.spec,v
retrieving revision 1.267
retrieving revision 1.268
diff -u -r1.267 -r1.268
--- kdebase.spec 16 Jan 2008 04:23:17 -0000 1.267
+++ kdebase.spec 28 Jan 2008 12:40:22 -0000 1.268
@@ -22,7 +22,7 @@
%endif
Version: 3.5.8
-Release: 30%{?dist}.1
+Release: 31%{?dist}
%if 0%{?fedora} > 8
Name: kdebase3
@@ -104,6 +104,8 @@
Patch203: kdebase-3.5.8-gcc43.patch
# security fixes
+# KDM local DoS vulnerability, CVE-2007-5963
+Patch1000: post-3.5.8-kdebase-kdm.diff
%if 0%{?libs}
Requires: %{name}-libs = %{?epoch:%{epoch}:}%{version}-%{release}
@@ -322,6 +324,9 @@
%patch202 -p4 -b .gtk212
%patch203 -p0 -b .gcc43
+# security fixes
+%patch1000 -p0 -b .CVE-2007-5963
+
%if "%{name}" != "kdebase"
# hacks to omit stuff that doesn't support DO_NOT_COMPILE
sed -i -e 's|^FONTINST_SUBDIR=kfontinst|#FONTINST_SUBDIR=kfontinst|' kcontrol/Makefile.am
@@ -810,6 +815,9 @@
%changelog
+* Mon Jan 28 2008 Than Ngo <than at redhat.com> 3.5.8-31
+- kdm: local DoS vulnerability, CVE-2007-5963
+
* Tue Jan 15 2008 Rex Dieter <rdieter[AT]fedoraproject.org> - 3.5.8-30.1
- f7: fix libkdeinit_* missing dep errors
- Previous message (by thread): rpms/kdebase/F-8 post-3.5.8-kdebase-kdm.diff, NONE, 1.1 kdebase.spec, 1.284, 1.285
- Next message (by thread): rpms/net-snmp/devel net-snmp.spec, 1.139, 1.140 net-snmpd.init, 1.4, 1.5 net-snmptrapd.init, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list