diff options
author | Dejan Lesjak <lesi@FreeBSD.org> | 2006-03-21 17:06:39 +0000 |
---|---|---|
committer | Dejan Lesjak <lesi@FreeBSD.org> | 2006-03-21 17:06:39 +0000 |
commit | 6f9bc91b6d3fcc9e917038989a071b7b3615ddc4 (patch) | |
tree | 0ab8fe7967b313636a101f0c7d7b8a9f9df01205 /x11-servers | |
parent | 461e2908dc5593962e640646907b17bf6c97077c (diff) | |
download | ports-6f9bc91b6d3fcc9e917038989a071b7b3615ddc4.tar.gz ports-6f9bc91b6d3fcc9e917038989a071b7b3615ddc4.zip |
Add patch from X.Org, fixing privilege escalation.
Security: http://www.vuxml.org/61534682-b8f4-11da-8e62-000e0c33c2dc
Security: CVE-2006-0745
Notes
Notes:
svn path=/head/; revision=157904
Diffstat (limited to 'x11-servers')
-rw-r--r-- | x11-servers/xorg-server/Makefile | 1 | ||||
-rw-r--r-- | x11-servers/xorg-server/files/patch-CVE-2006-0745 | 20 |
2 files changed, 21 insertions, 0 deletions
diff --git a/x11-servers/xorg-server/Makefile b/x11-servers/xorg-server/Makefile index be20706fa6c6..f8e6b5089906 100644 --- a/x11-servers/xorg-server/Makefile +++ b/x11-servers/xorg-server/Makefile @@ -7,6 +7,7 @@ PORTNAME= xorg-server PORTVERSION= 6.9.0 +PORTREVISION= 1 CATEGORIES= x11-servers MASTER_SITES= ${MASTER_SITE_XORG} MASTER_SITE_SUBDIR= X11R${PORTVERSION}/src diff --git a/x11-servers/xorg-server/files/patch-CVE-2006-0745 b/x11-servers/xorg-server/files/patch-CVE-2006-0745 new file mode 100644 index 000000000000..afb7d4de763d --- /dev/null +++ b/x11-servers/xorg-server/files/patch-CVE-2006-0745 @@ -0,0 +1,20 @@ +--- programs/Xserver/hw/xfree86/common/xf86Init.c.orig 2006-03-17 23:30:10.000000000 +0200 ++++ programs/Xserver/hw/xfree86/common/xf86Init.c 2006-03-17 23:29:35.000000000 +0200 +@@ -1376,7 +1376,7 @@ + } + + /* First the options that are only allowed for root */ +- if (getuid() == 0 || geteuid != 0) ++ if (getuid() == 0 || geteuid() != 0) + { + if (!strcmp(argv[i], "-modulepath")) + { +@@ -1679,7 +1679,7 @@ + } + if (!strcmp(argv[i], "-configure")) + { +- if (getuid() != 0 && geteuid == 0) { ++ if (getuid() != 0 && geteuid() == 0) { + ErrorF("The '-configure' option can only be used by root.\n"); + exit(1); + } |