rpms/pulseaudio/F-11 0001-Remove-exploitable-LD_BIND_NOW-hack-CVE-2009-1894.patch, NONE, 1.1 pulseaudio.spec, 1.84, 1.85
Lennart Poettering
lennart at fedoraproject.org
Tue Jul 28 20:52:34 UTC 2009
Author: lennart
Update of /cvs/pkgs/rpms/pulseaudio/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv31669
Modified Files:
pulseaudio.spec
Added Files:
0001-Remove-exploitable-LD_BIND_NOW-hack-CVE-2009-1894.patch
Log Message:
Fix bug 510071
0001-Remove-exploitable-LD_BIND_NOW-hack-CVE-2009-1894.patch:
configure.ac | 6 ++++++
src/Makefile.am | 4 ++--
src/daemon/main.c | 23 -----------------------
3 files changed, 8 insertions(+), 25 deletions(-)
--- NEW FILE 0001-Remove-exploitable-LD_BIND_NOW-hack-CVE-2009-1894.patch ---
>From 84200b423ebfa7e2dad9b1b65f64eac7bf3d2114 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Diego=20Elio=20'Flameeyes'=20Petten=C3=B2?= <flameeyes at gmail.com>
Date: Tue, 7 Jul 2009 20:51:53 +0200
Subject: [PATCH] Remove exploitable LD_BIND_NOW hack (CVE-2009-1894).
Instead of trying to re-execute pulseaudio itself with LD_BIND_NOW set,
just find the correct flag for the linker to request immediate bindings
(all ELF files support that option), and use that when linking the daemon.
Reduce the amount of compiled and executed code as well.
---
configure.ac | 6 ++++++
src/Makefile.am | 4 ++--
src/daemon/main.c | 22 ----------------------
3 files changed, 8 insertions(+), 24 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9c96d1c..cc7f674 100644
--- a/configure.ac
+++ b/configure.ac
@@ -113,6 +113,12 @@ CC_CHECK_LDFLAGS([${tmp_ldflag}],
[VERSIONING_LDFLAGS='-Wl,-version-script=$(srcdir)/map-file'])
AC_SUBST([VERSIONING_LDFLAGS])
+dnl Use immediate (now) bindings; avoids the funky re-call in itself
+dnl the -z now syntax is lifted from Sun's linker and works with GNU's too
+dnl other linkes might be added later
+CC_CHECK_LDFLAGS([-Wl,-z,now], [IMMEDIATE_LDFLAGS="-Wl,-z,now"])
+AC_SUBST([IMMEDIATE_LDFLAGS])
+
dnl Check for the proper way to build libraries that have no undefined
dnl symbols; on some hosts this needs to be avoided but the macro
dnl takes care of it.
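Review bot: When the linker rejects `-Wl,-z,now`, `IMMEDIATE_LDFLAGS` stays empty and configure carries on silently, so the daemon is built with lazy binding and nothing reports that the behaviour the removed re-exec provided is gone. A check right after the `CC_CHECK_LDFLAGS` line would make that visible: `AS_IF([test "x$IMMEDIATE_LDFLAGS" = "x"], [AC_MSG_WARN([linker does not accept -z now; pulseaudio will be linked with lazy binding])])`. The variable is also not cleared before the check, so a value inherited from the environment would reach the link line unchanged when the check fails; an `IMMEDIATE_LDFLAGS=` ahead of the check avoids that. The added comment has a typo, "linkes" for "linkers".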
diff --git a/src/Makefile.am b/src/Makefile.am
index 7ebf1f8..ac627c8 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -183,9 +183,9 @@ PREOPEN_LIBS = $(modlibexec_LTLIBRARIES)
endif
if FORCE_PREOPEN
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlpreopen force $(foreach f,$(PREOPEN_LIBS),-dlpreopen $(f))
else
-pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
+pulseaudio_LDFLAGS = $(AM_LDFLAGS) $(BINLDFLAGS) $(IMMEDIATE_LDFLAGS) -dlopen force $(foreach f,$(PREOPEN_LIBS),-dlopen $(f))
endif
###################################
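Review bot: `$(IMMEDIATE_LDFLAGS)` is added only to `pulseaudio_LDFLAGS`, which is narrower than the `LD_BIND_NOW=1` it replaces. The environment variable made the loader bind every object in the process eagerly, while `-z now` marks only the object it is linked into. The shared libraries the daemon links against, and the modules in `PREOPEN_LIBS` in the `-dlopen` branch, would as far as I can tell still resolve symbols lazily on first call from the RT threads. If that determinism is still wanted, the flag should also go on the library and module link lines, which are outside this hunk. Otherwise the comment in configure.ac should say the guarantee now covers the daemon executable only.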
diff --git a/src/daemon/main.c b/src/daemon/main.c
index eb378d2..0f6fc90 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -401,28 +401,6 @@ int main(int argc, char *argv[]) {
pa_log_set_level(PA_LOG_NOTICE);
pa_log_set_flags(PA_LOG_COLORS|PA_LOG_PRINT_FILE|PA_LOG_PRINT_LEVEL, PA_LOG_RESET);
-#if defined(__linux__) && defined(__OPTIMIZE__)
- /*
- Disable lazy relocations to make usage of external libraries
- more deterministic for our RT threads. We abuse __OPTIMIZE__ as
- a check whether we are a debug build or not.
- */
-
- if (!getenv("LD_BIND_NOW")) {
- char *rp;
-
- /* We have to execute ourselves, because the libc caches the
- * value of $LD_BIND_NOW on initialization. */
-
- pa_set_env("LD_BIND_NOW", "1");
-
- if ((rp = pa_readlink("/proc/self/exe")))
- pa_assert_se(execv(rp, argv) == 0);
- else
- pa_log_warn("Couldn't read /proc/self/exe, cannot self execute. Running in a chroot()?");
- }
-#endif
-
if ((e = getenv("PULSE_PASSED_FD"))) {
passed_fd = atoi(e);
--
1.6.3.3
Index: pulseaudio.spec
===================================================================
RCS file: /cvs/pkgs/rpms/pulseaudio/F-11/pulseaudio.spec,v
retrieving revision 1.84
retrieving revision 1.85
diff -u -p -r1.84 -r1.85
--- pulseaudio.spec 9 Jun 2009 17:53:35 -0000 1.84
+++ pulseaudio.spec 28 Jul 2009 20:52:33 -0000 1.85
@@ -3,7 +3,7 @@
Name: pulseaudio
Summary: Improved Linux sound server
Version: 0.9.15
-Release: 14%{?dist}
+Release: 15%{?dist}
License: GPLv2+
Group: System Environment/Daemons
Source0: http://0pointer.de/lennart/projects/pulseaudio/pulseaudio-%{version}.tar.gz
@@ -36,6 +36,7 @@ Patch25: 0001-core-cache-requested-laten
Patch26: 0001-sample-fix-build-on-BE-archs.patch
Patch27: 0001-alsa-properly-convert-return-values-of-snd_strerror.patch
Patch28: 0001-alsa-remove-debug-code.patch
+Patch29: 0001-Remove-exploitable-LD_BIND_NOW-hack-CVE-2009-1894.patch
URL: http://pulseaudio.org
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: m4
@@ -244,6 +245,7 @@ This package contains command line utili
%patch26 -p1
%patch27 -p1
%patch28 -p1
+%patch29 -p1
%build
CFLAGS="-ggdb" %configure --disable-static --disable-rpath --with-system-user=pulse --with-system-group=pulse --with-realtime-group=pulse-rt --with-access-group=pulse-access
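Review bot: The patch applied by `%patch29 -p1` changes `configure.ac` and `src/Makefile.am`, but the visible `%build` goes straight to `%configure`. Unless `configure` and `Makefile.in` are regenerated somewhere outside this hunk, the new `IMMEDIATE_LDFLAGS` check never runs and the daemon is linked without `-z now`. The CVE-2009-1894 fix itself is unaffected, because the re-exec code is removed from `src/daemon/main.c` directly; what would be lost is the immediate binding the patch intended to keep. Running `autoreconf -f -i` before `%configure`, with the autotools packages in `BuildRequires`, would cover it.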
@@ -464,6 +466,9 @@ groupadd -r pulse-access &>/dev/null ||
%{_mandir}/man1/pax11publish.1.gz
%changelog
+* Tue Jul 28 2009 Lennart Poettering <lpoetter at redhat.com> 0.9.15-15
+- Fix bug 510071
+
* Tue Jun 9 2009 Lennart Poettering <lpoetter at redhat.com> 0.9.15-14
- Fix mmap() related segfault
- Closes #504750