Hello community,
here is the log from the commit of package kdebase3 for openSUSE:Factory
checked in at Fri Apr 16 00:34:59 CEST 2010.
--------
--- KDE/kdebase3/kdebase3.changes 2010-01-01 20:10:24.000000000 +0100
+++ /mounts/work_src_done/STABLE/kdebase3/kdebase3.changes 2010-03-23 13:54:25.000000000 +0100
@@ -1,0 +2,5 @@
+Tue Mar 23 12:45:11 UTC 2010 - llunak@novell.com
+
+- CVE-2010-0436 (bnc#584223)
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
New:
----
bnc584223.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kdebase3.spec ++++++
--- /var/tmp/diff_new_pack.jPxqrL/_old 2010-04-16 00:32:14.000000000 +0200
+++ /var/tmp/diff_new_pack.jPxqrL/_new 2010-04-16 00:32:14.000000000 +0200
@@ -76,7 +76,7 @@
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Url: http://www.kde.org/
Version: 3.5.10.1
-Release: 3
+Release: 4
%define kde_version 3.5.10
Requires: kdebase3-runtime == %{version}
Source0: kdebase-%{kde_version}.tar.bz2
@@ -241,6 +241,7 @@
Patch237: suspend-kpowersave.diff
Patch238: knetattach-show.diff
Patch239: gcc44.diff
+Patch240: bnc584223.diff
%description
This package contains kdebase, one of the basic packages of the K
@@ -497,7 +498,7 @@
Summary: Set and list fileshares
Group: System/Management
Version: 2.0
-Release: 572
+Release: 573
%description -n fileshareset
This package contains the the fileshareset utility to allow users to
@@ -680,6 +681,7 @@
%endif
%patch238
%patch239
+%patch240 -p1
rm -rf kappfinder
rm pics/crystalsvg/cr??-*emacs.png
cp %SOURCE17 l10n/tw/flag.png
++++++ bnc584223.diff ++++++
--- kdebase-3.5.10/kdm/backend/ctrl.c.sav 2010-03-23 13:22:28.000000000 +0100
+++ kdebase-3.5.10/kdm/backend/ctrl.c 2010-03-23 14:21:48.619350322 +0100
@@ -78,7 +78,25 @@ nukeSock( struct cmdsock *cs )
}
+#ifdef HONORS_SOCKET_PERMS
static CtrlRec ctrl = { 0, 0, -1, 0, 0, { -1, 0, 0 } };
+#else
+static CtrlRec ctrl = { 0, 0, 0, -1, 0, 0, { -1, 0, 0 } };
+
+static int mkTempDir( char *dir )
+{
+ int i, l = strlen( dir ) - 6;
+
+ for (i = 0; i < 100; i++) {
+ randomStr( dir + l );
+ if (!mkdir( dir, 0700 ))
+ return True;
+ if (errno != EEXIST)
+ break;
+ }
+ return False;
+}
+#endif
void
openCtrl( struct display *d )
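Review bot: mkTempDir computes `l = strlen( dir ) - 6` without checking that the string is at least six characters long, and nothing documents that the caller must pass a buffer ending in a six-character placeholder that is overwritten in place. The only caller visible in this patch appends "-XXXXXX", so the arithmetic holds today, but a header comment would make the contract explicit, for example `/* dir must end in a 6-char template; the suffix is overwritten in place. Returns True on success, False with errno left from mkdir(). */`. The comment should also say that exclusivity comes from mkdir() failing with EEXIST and not from randomStr, whose definition is outside this page. A cheap guard such as `if (l < 0) return False;` would cover a short argument.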
@@ -140,22 +158,50 @@ openCtrl( struct display *d )
if (strlen( cr->path ) >= sizeof(sa.sun_path))
LogError( "path %\"s too long; no control sockets will be available\n",
cr->path );
- else if (mkdir( sockdir, 0755 ) && errno != EEXIST)
+#ifdef HONORS_SOCKET_PERMS
+ else if (mkdir( sockdir, 0700 ) && errno != EEXIST)
LogError( "mkdir %\"s failed; no control sockets will be available\n",
sockdir );
+ else if (unlink( cr->path ) && errno != ENOENT)
+ LogError( "unlink %\"s failed: %m; control socket will not be available\n",
+ cr->path );
else {
- if (!d)
- chown( sockdir, -1, fifoGroup );
+#else
+ else if (unlink( sockdir ) && errno != ENOENT)
+ LogError( "unlink %\"s failed: %m; control socket will not be available\n",
+ sockdir );
+ else if (!strApp( &cr->realdir, sockdir, "-XXXXXX", (char *)0))
+ ;
+ else if (!mkTempDir( cr->realdir )) {
+ LogError( "mkdir %\"s failed: %m; control socket will not be available\n",
+ cr->realdir );
+ free( cr->realdir );
+ cr->realdir = 0;
+ } else if (symlink( cr->realdir, sockdir )) {
+ LogError( "symlink %\"s => %\"s failed: %m; control socket will not be available\n",
+ sockdir, cr->realdir );
+ rmdir( cr->realdir );
+ free( cr->realdir );
+ cr->realdir = 0;
+ } else {
+ chown( sockdir, 0, d ? 0 : fifoGroup );
chmod( sockdir, 0750 );
+#endif
if ((cr->fd = socket( PF_UNIX, SOCK_STREAM, 0 )) < 0)
LogError( "Cannot create control socket\n" );
else {
- unlink( cr->path );
sa.sun_family = AF_UNIX;
strcpy( sa.sun_path, cr->path );
if (!bind( cr->fd, (struct sockaddr *)&sa, sizeof(sa) )) {
if (!listen( cr->fd, 5 )) {
+#ifdef HONORS_SOCKET_PERMS
+ chmod( cr->path, 0660 );
+ if (!d)
+ chown( cr->path, -1, fifoGroup );
+ chmod( sockdir, 0755 );
+#else
chmod( cr->path, 0666 );
+#endif
RegisterCloseOnFork( cr->fd );
RegisterInput( cr->fd );
free( sockdir );
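Review bot: In the `#else` branch, `chown( sockdir, 0, d ? 0 : fifoGroup )` and `chmod( sockdir, 0750 )` act on the symlink path just created, so they reach the new directory only through symlink resolution, and both results are discarded. Targeting the directory directly avoids depending on what `sockdir` resolves to at that instant: `chown( cr->realdir, 0, d ? 0 : fifoGroup ); chmod( cr->realdir, 0750 );`, which also matches what chownCtrl does later in this patch. Because the patch is about socket permissions, a failed `chmod`/`chown` (including `chmod( cr->path, 0660 )` and `chmod( cr->path, 0666 )` after `listen`) should at least be logged with LogError and should probably abort the setup, not leave a listening socket with unintended modes. Whether the parent of `sockdir` is writable only by root is not visible here, and openCtrl's body starts and ends outside this hunk.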
@@ -170,6 +216,14 @@ openCtrl( struct display *d )
close( cr->fd );
cr->fd = -1;
}
+#ifdef HONORS_SOCKET_PERMS
+ rmdir( sockdir );
+#else
+ unlink( sockdir );
+ rmdir( cr->realdir );
+ free( cr->realdir );
+ cr->realdir = 0;
+#endif
}
free( cr->path );
cr->path = 0;
@@ -190,7 +244,14 @@ closeCtrl( struct display *d )
cr->fd = -1;
unlink( cr->path );
*strrchr( cr->path, '/' ) = 0;
+#ifdef HONORS_SOCKET_PERMS
rmdir( cr->path );
+#else
+ unlink( cr->path );
+ rmdir( cr->realdir );
+ free( cr->realdir );
+ cr->realdir = 0;
+#endif
free( cr->path );
cr->path = 0;
while (cr->css) {
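Review bot: The `#else` cleanup calls `rmdir( cr->realdir )` and ignores the result, and the same unchecked call is in openCtrl's failure path in the previous hunk. chownCtrl hands `cr->realdir` to the session uid, so by the time closeCtrl runs the directory may contain entries other than the socket; in that case the rmdir fails with ENOTEMPTY and a randomly named directory is left behind with no trace in the log. Logging the failure would make these leftovers visible to an administrator, for example `if (rmdir( cr->realdir ) && errno != ENOENT) LogError( "rmdir %\"s failed: %m\n", cr->realdir );`. closeCtrl's body starts and ends outside this hunk.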
@@ -218,12 +279,12 @@ chownCtrl( CtrlRec *cr, int uid )
{
if (cr->fpath)
chown( cr->fpath, uid, -1 );
- if (cr->path) {
- char *ptr = strrchr( cr->path, '/' );
- *ptr = 0;
+ if (cr->path)
+#ifdef HONORS_SOCKET_PERMS
chown( cr->path, uid, -1 );
- *ptr = '/';
- }
+#else
+ chown( cr->realdir, uid, -1 );
+#endif
}
void
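Review bot: The rewritten `if (cr->path)` has an unbraced body that is split across `#ifdef`/`#else`, and in the `#else` arm the guard tests `cr->path` while the call uses `cr->realdir`. Elsewhere in this patch the two pointers are cleared together, so this is probably harmless today, but the guard should test the pointer that is passed: `if (cr->realdir) chown( cr->realdir, uid, -1 );` inside the `#else` arm, with braces around each arm. The `chown` result is also ignored here; since this call transfers ownership of the control directory to the session user, a failure is worth a LogError.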
--- kdebase-3.5.10/kdm/backend/dm.h.sav 2010-03-23 13:22:28.401354858 +0100
+++ kdebase-3.5.10/kdm/backend/dm.h 2010-03-23 13:28:24.843351116 +0100
@@ -218,6 +218,9 @@ typedef struct {
struct cmdsock *css; /* open connections */
char *path; /* filename of the socket */
+#ifndef HONORS_SOCKET_PERMS
+ char *realdir; /* real dirname of the socket */
+#endif
int fd; /* fd of the socket */
int gid; /* owner group of the socket */
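Review bot: Adding `realdir` conditionally in the middle of the struct makes the member order depend on HONORS_SOCKET_PERMS, which is why ctrl.c now needs two positional initializers for `ctrl` that differ by one `0`. A comment on the member would stop the two from drifting apart, e.g. `/* keep the positional initializer of ctrl in ctrl.c in sync */`. The struct definition starts and ends outside this hunk.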
--- kdebase-3.5.10/config.h.in.sav 2008-08-20 18:00:23.000000000 +0200
+++ kdebase-3.5.10/config.h.in 2010-03-23 13:36:38.913475918 +0100
@@ -739,6 +739,9 @@
/* Defined if your system has XRandR support */
#undef XRANDR_SUPPORT
+/* Define to 1 if OS honors permission bits on socket inodes */
+#undef HONORS_SOCKET_PERMS
+
/*
* jpeg.h needs HAVE_BOOLEAN, when the system uses boolean in system
* headers and I'm too lazy to write a configure test as long as only
--- kdebase-3.5.10/configure.in.in.sav 2006-07-22 10:15:55.000000000 +0200
+++ kdebase-3.5.10/configure.in.in 2010-03-23 13:51:24.504477535 +0100
@@ -274,3 +274,31 @@ AC_SUBST(LIBART_RPATH)
AC_ARG_WITH([composite],
AC_HELP_STRING([--without-composite], [Disable Xcomposite support (default: check)]) )
+AC_TRY_RUN([
+#include