Security bump. Failure to check the return value of setuid() in a privileged
authorEmanuele Giaquinta <exg@gentoo.org>
Tue, 20 Jun 2006 21:17:05 +0000 (21:17 +0000)
committerEmanuele Giaquinta <exg@gentoo.org>
Tue, 20 Jun 2006 21:17:05 +0000 (21:17 +0000)
process could be used by a local user for file overwriting and possible
privilege escalation in corner cases. See
http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more
information.

Package-Manager: portage-2.1

x11-terms/xterm/ChangeLog
x11-terms/xterm/Manifest
x11-terms/xterm/files/digest-xterm-215 [new file with mode: 0644]
x11-terms/xterm/xterm-215.ebuild [new file with mode: 0644]

index 638fddb6f35e88b0b04475ac8f4a2ffee04bfa1e..ab0416bc3d38b80d59a5ae67be27ce3490980185 100644 (file)
@@ -1,6 +1,15 @@
 # ChangeLog for x11-terms/xterm
 # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-terms/xterm/ChangeLog,v 1.143 2006/06/14 10:58:22 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-terms/xterm/ChangeLog,v 1.144 2006/06/20 21:17:05 exg Exp $
+
+*xterm-215 (20 Jun 2006)
+
+  20 Jun 2006; Emanuele Giaquinta <exg@gentoo.org> +xterm-215.ebuild:
+  Security bump. Failure to check the return value of setuid() in a privileged
+  process could be used by a local user for file overwriting and possible
+  privilege escalation in corner cases. See
+  http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more
+  information.
 
   14 Jun 2006; Jeroen Roovers <jer@gentoo.org> xterm-212-r3.ebuild:
   Stable for hppa (bug #136546).
index 0b4d29949bd081aba71890f5742404276aa34a46..2a3f1af7d38bb49c4a4466b6286148dfa775f084 100644 (file)
@@ -5,6 +5,7 @@ SHA256 41616cb3a3dd687b9c5e1e60ff0e5ebfc6a116f3e0de89c86705235ecfc6203f files/xt
 DIST xterm-207.tgz 745083 RMD160 225aafce1de43212e0cd86da953e99a1a9121a05 SHA1 12a37a18e337315a3526a6a71571aaea94d73ca8 SHA256 652f579171e6e8f73c13ab6b060d2447ae35ebfbd39a6002b7c05a1dfc0f7eb8
 DIST xterm-212.tgz 764465 RMD160 2808cdf3f550ef9df7e83a4844f3f4f64f0508a1 SHA1 1189d9dfeb989362f123d6f5a4d21b5be4deaf93 SHA256 bfd201600c0f0f3c3d9dcfe32fde1db333307a87a4453084bf55a7aa97b3b6ae
 DIST xterm-213.tgz 765077 RMD160 a6419401b30bcdc56f710af8e0bfeba62c101736 SHA1 7b76c63bcc0ccd70a5aa68045da6d51388b93515 SHA256 745ea1f97a8e1cb836802d9433f5f466076953eab915b06448383d40ed2df68e
+DIST xterm-215.tgz 784236 RMD160 458c14aa97503bdac5da3881491de14e2d87f52a SHA1 d2cb4919d3a2bada27c5ff6e32727b9aecb2266a SHA256 4564c646a4a4f56e49e8c8cda1d4aa027e228db2d4bb2a4ad0f055f34373734f
 EBUILD xterm-207-r1.ebuild 2818 RMD160 8cb5bd708100c585eceed156c24d83ab502f5bdb SHA1 dd1aa4ad81533c90edc57eff99d818848918f890 SHA256 913e1723bad1d55c00efd9f8ad18a019892bef4c168f66bc36a919fe3958cec3
 MD5 63a61b7a2471d5c02801f89ac54e5315 xterm-207-r1.ebuild 2818
 RMD160 8cb5bd708100c585eceed156c24d83ab502f5bdb xterm-207-r1.ebuild 2818
@@ -29,10 +30,14 @@ EBUILD xterm-213.ebuild 2619 RMD160 d4a7de736a1511746edf72d96cd919bf97cd3983 SHA
 MD5 4bdb247b49d76e86ee3a9688a09f633b xterm-213.ebuild 2619
 RMD160 d4a7de736a1511746edf72d96cd919bf97cd3983 xterm-213.ebuild 2619
 SHA256 dfb16db614d07356bf924efc71713fe2bc18ccb52b57281ec058cae6b8767939 xterm-213.ebuild 2619
-MISC ChangeLog 20857 RMD160 87da98668bc2a4f70add95a9d81e986e8ac3ef92 SHA1 3664c5e433f8089b63b8bdd7af44baa115b483ba SHA256 1d2704889aa302d900302477144309fac1f97ca4d61c2bd37d842bd1c332dbd3
-MD5 7b142cf9ea00f1ee499d0ffdd1ea417f ChangeLog 20857
-RMD160 87da98668bc2a4f70add95a9d81e986e8ac3ef92 ChangeLog 20857
-SHA256 1d2704889aa302d900302477144309fac1f97ca4d61c2bd37d842bd1c332dbd3 ChangeLog 20857
+EBUILD xterm-215.ebuild 2414 RMD160 01207f96b157ff070a49a97c25d06babd32400bb SHA1 fd5d138fae27f677a50ae0c1d826347bffcf0729 SHA256 4cba8884db2186b779cd3e1350a74d80585faf2ff2f535e13fda0b3225e260cc
+MD5 e184c19fdb0956952bf257a51fb3bed1 xterm-215.ebuild 2414
+RMD160 01207f96b157ff070a49a97c25d06babd32400bb xterm-215.ebuild 2414
+SHA256 4cba8884db2186b779cd3e1350a74d80585faf2ff2f535e13fda0b3225e260cc xterm-215.ebuild 2414
+MISC ChangeLog 21242 RMD160 f6a6db05c22fd54c4c737742206b983de46d70e2 SHA1 21707643f8853538c0d545a49460bd7915360803 SHA256 188096b777e90c26bbe266ad8f1efff2508e22afb656b8c144e0c8548b25d083
+MD5 b1bab363709f28ad488b3b7ba297adac ChangeLog 21242
+RMD160 f6a6db05c22fd54c4c737742206b983de46d70e2 ChangeLog 21242
+SHA256 188096b777e90c26bbe266ad8f1efff2508e22afb656b8c144e0c8548b25d083 ChangeLog 21242
 MISC metadata.xml 509 RMD160 8260071117978c13f534adbaa2c080d5834420d7 SHA1 9edccd3fe2d180a92790068b5cdde8f47c7c4a3a SHA256 c4cf8fd894af68e5c7249d22885de0dd20b681dc636686d43c3bce7074fdf692
 MD5 0f56141a57f7925bd8470488fa51c330 metadata.xml 509
 RMD160 8260071117978c13f534adbaa2c080d5834420d7 metadata.xml 509
@@ -55,3 +60,6 @@ SHA256 c7d7f85ce52eee14c5651ef2565e887e116be152bc5d64e2c00f6d123c56b717 files/di
 MD5 f1e06625f293203b84c63eecfd95d601 files/digest-xterm-213-r1 220
 RMD160 87ac0aa1fa757179db24e68f5487c2e5c9b9073a files/digest-xterm-213-r1 220
 SHA256 c7d7f85ce52eee14c5651ef2565e887e116be152bc5d64e2c00f6d123c56b717 files/digest-xterm-213-r1 220
+MD5 4cedea1a5eac1efdb432db19adabbe14 files/digest-xterm-215 220
+RMD160 4aa5a97ff7d914a01d1a05e37d0791e73046c9e5 files/digest-xterm-215 220
+SHA256 7517f175c943e594165cc49555b344e09e52039901f6522cecc530e93edf3fc7 files/digest-xterm-215 220
diff --git a/x11-terms/xterm/files/digest-xterm-215 b/x11-terms/xterm/files/digest-xterm-215
new file mode 100644 (file)
index 0000000..d75b4f0
--- /dev/null
@@ -0,0 +1,3 @@
+MD5 8c2a45d4ca754b2cb019242e26f657eb xterm-215.tgz 784236
+RMD160 458c14aa97503bdac5da3881491de14e2d87f52a xterm-215.tgz 784236
+SHA256 4564c646a4a4f56e49e8c8cda1d4aa027e228db2d4bb2a4ad0f055f34373734f xterm-215.tgz 784236
diff --git a/x11-terms/xterm/xterm-215.ebuild b/x11-terms/xterm/xterm-215.ebuild
new file mode 100644 (file)
index 0000000..8bed0a2
--- /dev/null
@@ -0,0 +1,94 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-terms/xterm/xterm-215.ebuild,v 1.1 2006/06/20 21:17:05 exg Exp $
+
+inherit flag-o-matic
+
+DESCRIPTION="Terminal Emulator for X Windows"
+HOMEPAGE="http://dickey.his.com/xterm/"
+SRC_URI="ftp://invisible-island.net/${PN}/${P}.tgz"
+
+LICENSE="X11"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="truetype Xaw3d unicode toolbar"
+
+RDEPEND="|| ( (        x11-libs/libX11
+               x11-libs/libXrender
+               x11-libs/libXt
+               x11-libs/libXmu
+               x11-libs/libxkbfile
+               x11-libs/libXft
+               x11-libs/libXaw
+               unicode? ( x11-apps/luit ) )
+       virtual/x11 )
+       Xaw3d? ( x11-libs/Xaw3d )
+       sys-libs/libutempter"
+
+DEPEND="${RDEPEND}
+       || ( x11-proto/xproto virtual/x11 )"
+
+pkg_setup() {
+       if has_version "x11-libs/libX11"; then
+               DEFAULTS_DIR="/usr/share/X11/app-defaults"
+       else
+               DEFAULTS_DIR="/etc/X11/app-defaults"
+       fi
+}
+
+src_compile() {
+       filter-flags "-fstack-protector"
+
+       local myconf=""
+
+       if has_version "x11-libs/libX11"; then
+               myconf="--disable-narrowproto"
+       fi
+
+       econf \
+               --libdir=/etc \
+               --with-x \
+               --with-utempter \
+               --disable-setuid \
+               --disable-full-tgetent \
+               --disable-imake \
+               --enable-ansi-color \
+               --enable-256-color \
+               --enable-broken-osc \
+               --enable-broken-st \
+               --enable-load-vt-fonts \
+               --enable-i18n \
+               --enable-wide-chars \
+               --enable-doublechars \
+               --enable-warnings \
+               --enable-tcap-query \
+               --enable-logging \
+               --enable-dabbrev \
+               --with-app-defaults=${DEFAULTS_DIR} \
+               $(use_enable toolbar) \
+               $(use_enable truetype freetype) \
+               $(use_enable unicode luit) $(use_enable unicode mini-luit) \
+               $(use_with Xaw3d) \
+               ${myconf} \
+               || die
+
+       emake || die "failed to compile xterm"
+}
+
+src_install() {
+       make DESTDIR=${D} install || die
+       dodoc README{,.i18n} ctlseqs.txt xterm.log.html
+
+       # Fix permissions -- it grabs them from live system, and they can
+       # be suid or sgid like they were in pre-unix98 pty or pre-utempter days,
+       # respectively (#69510).
+       # (info from Thomas Dickey) - Donnie Berkholz <spyderous@gentoo.org>
+       fperms 0755 /usr/bin/xterm
+
+       # restore the navy blue
+       sed -i "s:blue2$:blue:" ${D}${DEFAULTS_DIR}/XTerm-color
+
+       # Fix for bug #91453 at Thomas Dickey's suggestion:
+       echo "*allowWindowOps:  false" >> ${D}/${DEFAULTS_DIR}/XTerm
+       echo "*allowWindowOps:  false" >> ${D}/${DEFAULTS_DIR}/UXTerm
+}