Hello community, here is the log from the commit of package xorg-x11-server for openSUSE:11.3 checked in at Thu Dec 1 12:11:02 CET 2011. -------- --- old-versions/11.3/UPDATES/all/xorg-x11-server/xorg-x11-server.changes 2011-05-30 17:29:22.000000000 +0200 +++ 11.3/xorg-x11-server/xorg-x11-server.changes 2011-11-30 15:46:23.000000000 +0100 @@ -1,0 +2,13 @@ +Wed Nov 30 14:37:17 UTC 2011 - sndirsch@suse.com + +- U_Fix-CVE-2011-4028-File-disclosure-vulnerability.patch + * use O_NOFOLLOW to open the existing lock file, so symbolic + links aren't followed, thus avoid revealing if it point to + an existing file. (bnc #722944) +- U_Fix-CVE-2011-4029-File-permission-change-vulnerabili.patch + * Use fchmod() to change permissions of the lock file instead + of chmod(), thus avoid the race that can be exploited to set + a symbolic link to any file or directory in the system. + (bnc #722944) + +------------------------------------------------------------------- calling whatdependson for 11.3-i586 New: ---- U_Fix-CVE-2011-4028-File-disclosure-vulnerability.patch U_Fix-CVE-2011-4029-File-permission-change-vulnerabili.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xorg-x11-server.spec ++++++ --- /var/tmp/diff_new_pack.G9Tz16/_old 2011-12-01 12:10:45.000000000 +0100 +++ /var/tmp/diff_new_pack.G9Tz16/_new 2011-12-01 12:10:45.000000000 +0100 @@ -32,7 +32,7 @@ %endif Url: http://xorg.freedesktop.org/ Version: 7.5_%{dirsuffix} -Release: 10.<RELEASE13> +Release: 10.<RELEASE15> License: GPLv2+ ; MIT License (or similar) BuildRoot: %{_tmppath}/%{name}-%{version}-build Group: System/X11/Servers/XF86_4 @@ -119,6 +119,8 @@ Patch214: CVE-2010-2240-address_space_limit.patch Patch215: CVE-2010-2240-tree_depth_limit.patch Patch216: xorg-x11-server-gl-apps-crash.patch +Patch217: U_Fix-CVE-2011-4028-File-disclosure-vulnerability.patch +Patch218: U_Fix-CVE-2011-4029-File-permission-change-vulnerabili.patch %if %moblin Patch300: moblin-use_preferred_mode_for_all_outputs.diff %endif @@ -248,6 +250,8 @@ %patch214 -p1 %patch215 -p1 %patch216 -p1 +%patch217 -p1 +%patch218 -p1 %if %moblin %patch300 -p1 %endif ++++++ U_Fix-CVE-2011-4028-File-disclosure-vulnerability.patch ++++++
From 6ba44b91e37622ef8c146d8f2ac92d708a18ed34 Mon Sep 17 00:00:00 2001 From: Matthieu Herrb
Date: Mon, 17 Oct 2011 22:26:12 +0200 Subject: [PATCH] Fix CVE-2011-4028: File disclosure vulnerability.
use O_NOFOLLOW to open the existing lock file, so symbolic links
aren't followed, thus avoid revealing if it point to an existing
file.
Signed-off-by: Matthieu Herrb
From b67581cf825940fdf52bf2e0af4330e695d724a4 Mon Sep 17 00:00:00 2001 From: Matthieu Herrb
Date: Mon, 17 Oct 2011 22:27:35 +0200 Subject: [PATCH] Fix CVE-2011-4029: File permission change vulnerability.
Use fchmod() to change permissions of the lock file instead
of chmod(), thus avoid the race that can be exploited to set
a symbolic link to any file or directory in the system.
Signed-off-by: Matthieu Herrb