Security fix for kdm. Fixes a symlink attack vulnerability. (CVE-2006-2449)

Detailed information:
http://www.kde.org/info/security/advisory-20060614-1.txt

"go ahead" espie@
bernd 2006-06-15 12:10:30 +00:00
parent a021df0e58
commit 3ae63a12bc
2 changed files with 26 additions and 2 deletions


@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.61 2006/06/03 12:47:30 espie Exp $
# $OpenBSD: Makefile,v 1.62 2006/06/15 12:10:30 bernd Exp $
COMMENT= "K Desktop Environment, basic applications"
COMMENT-plugins= "Konqueror nsplugins, essentially native JDK"
@ -6,7 +6,7 @@ COMMENT-samba= "K Desktop Environment, samba support"
CATEGORIES= x11 x11/kde
VERSION= 3.5.3
DISTNAME= kdebase-${VERSION}
PKGNAME= ${DISTNAME}
PKGNAME= ${DISTNAME}p0
PKGNAME-samba= kdesamba-${VERSION}
MODKDE_VERSION?= 3.5.3
SHARED_LIBS= kasbar 2.0 \


@ -0,0 +1,24 @@
$OpenBSD: patch-kdm_backend_client_c,v 1.4 2006/06/15 12:10:30 bernd Exp $
Security fix. (CVE-2006-2449)
http://www.kde.org/info/security/advisory-20060614-1.txt
--- kdm/backend/client.c.orig Fri Mar 17 11:17:47 2006
+++ kdm/backend/client.c Thu Jun 15 12:10:33 2006
@@ -1537,16 +1537,6 @@ ReadDmrc()
if (!StrApp( &fname, p->pw_dir, "/.dmrc", (char *)0 ))
return GE_Error;
- if ((curdmrc = iniLoad( fname ))) {
- free( fname );
- return GE_Ok;
- }
-
- if (errno != EACCES) {
- free( fname );
- return GE_NoFile;
- }
-
if (pipe( pfd ))
return GE_Error;
if ((pid = Fork()) < 0) {
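Review bot: The header of the new patch file says only "Security fix. (CVE-2006-2449)" and does not state what the hunk removes, which makes the patch harder to audit when the port is next updated. I would add one line under it such as `Drop the direct iniLoad() of ~/.dmrc in ReadDmrc(); the file is now always read through the pipe()/Fork() path.` Whether the forked child opens the file with the user's privileges is not visible here, because ReadDmrc() continues past the end of the hunk, so confirm that against the advisory before stating it in the comment. Separately, the context line `if (pipe( pfd )) return GE_Error;` returns without `free( fname )`, which the removed branches did call; this looks like a small leak on the error path and is worth reporting upstream.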