diff options
author | Mihai Moldovan <ionic@ionic.de> | 2017-12-15 12:55:17 +0100 |
---|---|---|
committer | Mihai Moldovan <ionic@ionic.de> | 2017-12-15 12:55:17 +0100 |
commit | 1dad092caf01d733990648e6df64cbf964df5143 (patch) | |
tree | 39de0e643e76754a3e23ca9dd0350b8ba4f76250 /debian/patches/1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch | |
parent | 6d70b9e3c47f27a166f4aacb522c5c1e49092dd9 (diff) | |
parent | 2b9025f797ee322e21077e100c2ee27c2e7fa0e0 (diff) | |
download | nx-libs-1dad092caf01d733990648e6df64cbf964df5143.tar.gz nx-libs-1dad092caf01d733990648e6df64cbf964df5143.tar.bz2 nx-libs-1dad092caf01d733990648e6df64cbf964df5143.zip |
Merge branch '3.6.x'
Diffstat (limited to 'debian/patches/1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch')
-rw-r--r-- | debian/patches/1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch | 24 |
1 files changed, 0 insertions, 24 deletions
diff --git a/debian/patches/1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch b/debian/patches/1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch deleted file mode 100644 index a2dcdd653..000000000 --- a/debian/patches/1002-Fix-CVE-2011-4028-File-disclosure-vulnerability.full.patch +++ /dev/null @@ -1,24 +0,0 @@ -From df4a3b7270539843ae76275485ca76efcdf361d9 Mon Sep 17 00:00:00 2001 -From: Mike DePaulo <mikedep333@gmail.com> -Date: Sun, 8 Feb 2015 19:16:38 -0500 -Subject: [PATCH 02/40] Fix CVE-2011-4028: File disclosure vulnerability. - upstream xorg/xserver commit 6ba44b91e37622ef8c146d8f2ac92d708a18ed34 - -use O_NOFOLLOW to open the existing lock file, so symbolic links -aren't followed, thus avoid revealing if it point to an existing -file. ---- - nx-X11/programs/Xserver/os/utils.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/nx-X11/programs/Xserver/os/utils.c -+++ b/nx-X11/programs/Xserver/os/utils.c -@@ -483,7 +483,7 @@ LockServer(void) - /* - * Read the pid from the existing file - */ -- lfd = open(LockFile, O_RDONLY); -+ lfd = open(LockFile, O_RDONLY|O_NOFOLLOW); - if (lfd < 0) { - unlink(tmp); - FatalError("Can't read lock file %s\n", LockFile); |