Security bump. Failure to check the return value of setuid() in a privileged process...

Package-Manager: portage-2.1.1_pre1-r1

diff --git a/x11-libs/libX11/ChangeLog b/x11-libs/libX11/ChangeLog
index ee45869567c309e6c6a6c06ee6640a9676c63463..9b70a4fdfa6f42a92eb60a50f0826d9b3560be9c 100644 (file)
--- a/x11-libs/libX11/ChangeLog
+++ b/x11-libs/libX11/ChangeLog
@@ -1,6 +1,17 @@
 # ChangeLog for x11-libs/libX11
 # Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/ChangeLog,v 1.33 2006/05/13 13:57:55 joshuabaergen Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/ChangeLog,v 1.34 2006/06/20 16:13:34 spyderous Exp $
+
+*libX11-1.0.1-r1 (20 Jun 2006)
+
+  20 Jun 2006; Donnie Berkholz <spyderous@gentoo.org>;
+  +files/libX11-1.0.1-setuid.diff, -libX11-1.0.0-r2.ebuild,
+  -libX11-1.0.1.ebuild, +libX11-1.0.1-r1.ebuild:
+  Security bump. Failure to check the return value of setuid() in a privileged
+  process could be used by a local user for file overwriting and possible
+  privilege escalation in corner cases. See
+  http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more
+  information.
 
   13 May 2006; Joshua Baergen <joshuabaergen@gentoo.org>
   files/digest-libX11-1.0.1, Manifest:

diff --git a/x11-libs/libX11/files/digest-libX11-1.0.1-r1 b/x11-libs/libX11/files/digest-libX11-1.0.1-r1
new file mode 100644 (file)
index 0000000..fe5d45d
--- /dev/null
+++ b/x11-libs/libX11/files/digest-libX11-1.0.1-r1
@@ -0,0 +1,3 @@
+MD5 58f0537f21183e27149cf906a1b6bef9 libX11-1.0.1.tar.bz2 1419629
+RMD160 a4a2a1c7499ceeb29efa4357aa5b4529416e732d libX11-1.0.1.tar.bz2 1419629
+SHA256 f99e4ce6d8e3b8833957978fe22223897b0e636c83580f2b07eff0388eb75294 libX11-1.0.1.tar.bz2 1419629

diff --git a/x11-libs/libX11/files/libX11-1.0.1-setuid.diff b/x11-libs/libX11/files/libX11-1.0.1-setuid.diff
new file mode 100644 (file)
index 0000000..5325fa4
--- /dev/null
+++ b/x11-libs/libX11/files/libX11-1.0.1-setuid.diff
@@ -0,0 +1,17 @@
+diff --git a/src/xlibi18n/lcFile.c b/src/xlibi18n/lcFile.c
+index f8b3404..bb1ee20 100644
+--- a/src/xlibi18n/lcFile.c
++++ b/src/xlibi18n/lcFile.c
+@@ -269,7 +269,11 @@ #else
+           if (seteuid(0) != 0) {
+               priv = 0;
+           } else {
+-              seteuid(oldeuid);
++              if (seteuid(oldeuid) == -1) {
++                  /* XXX ouch, coudn't get back to original uid 
++                   what can we do ??? */
++                  _exit(127);
++              }
+               priv = 1;
+           }
+ #endif

diff --git a/x11-libs/libX11/libX11-1.0.1-r1.ebuild b/x11-libs/libX11/libX11-1.0.1-r1.ebuild
new file mode 100644 (file)
index 0000000..480b4df
--- /dev/null
+++ b/x11-libs/libX11/libX11-1.0.1-r1.ebuild
@@ -0,0 +1,39 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-libs/libX11/libX11-1.0.1-r1.ebuild,v 1.1 2006/06/20 16:13:34 spyderous Exp $
+
+# Must be before x-modular eclass is inherited
+#SNAPSHOT="yes"
+
+inherit x-modular
+
+DESCRIPTION="X.Org X11 library"
+RESTRICT="mirror"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="ipv6"
+RDEPEND="x11-libs/xtrans
+       x11-libs/libXau
+       x11-libs/libXdmcp
+       x11-proto/kbproto
+       x11-proto/inputproto
+       x11-proto/xproto"
+DEPEND="${RDEPEND}
+       x11-proto/xf86bigfontproto
+       x11-proto/bigreqsproto
+       x11-proto/xextproto
+       x11-proto/xcmiscproto
+       >=x11-misc/util-macros-0.99.0_p20051007"
+
+PATCHES="${FILESDIR}/${P}-setuid.diff"
+
+CONFIGURE_OPTIONS="$(use_enable ipv6)"
+# xorg really doesn't like xlocale disabled.
+# $(use_enable nls xlocale)
+
+src_install() {
+       x-modular_src_install
+
+       local ENVD="10libx11"
+       echo "LDPATH=\"/usr/lib\"" > ${T}/${ENVD}
+       doenvd ${T}/${ENVD}
+}