rpms/xorg-x11-xinit/FC-5 xinit-1.0.1-setuid.patch, NONE, 1.1 xorg-x11-xinit.spec, 1.17, 1.18
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Jun 28 08:51:50 UTC 2006
Author: mharris
Update of /cvs/dist/rpms/xorg-x11-xinit/FC-5
In directory cvs.devel.redhat.com:/tmp/cvs-serv7912
Modified Files:
xorg-x11-xinit.spec
Added Files:
xinit-1.0.1-setuid.patch
Log Message:
* Wed Jun 28 2006 Mike A. Harris <mharris at redhat.com> 1.0.1-2.FC5.0
- Added xinit-1.0.1-setuid.patch to fix potential security issue (#196126)
- Added "BuildRequires: pkgconfig" for bug (#194187)
- Added documentation to doc macro.
- Build new package for official FC5 update.
xinit-1.0.1-setuid.patch:
xinit.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletion(-)
--- NEW FILE xinit-1.0.1-setuid.patch ---
Index: xinit.c
===================================================================
RCS file: /cvs/xorg/app/xinit/xinit.c,v
retrieving revision 1.4
diff -u -r1.4 xinit.c
--- xinit.c 4 Oct 2005 01:27:34 -0000 1.4
+++ xinit.c 19 Jun 2006 21:31:58 -0000
@@ -692,7 +692,10 @@
startClient(char *client[])
{
if ((clientpid = vfork()) == 0) {
- setuid(getuid());
+ if (setuid(getuid()) == -1) {
+ Error("cannot change uid: %s\n", strerror(errno));
+ _exit(ERR_EXIT);
+ }
setpgrp(0, getpid());
environ = newenviron;
#ifdef __UNIXOS2__
Index: xorg-x11-xinit.spec
===================================================================
RCS file: /cvs/dist/rpms/xorg-x11-xinit/FC-5/xorg-x11-xinit.spec,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- xorg-x11-xinit.spec 1 Mar 2006 07:09:45 -0000 1.17
+++ xorg-x11-xinit.spec 28 Jun 2006 08:51:47 -0000 1.18
@@ -1,15 +1,16 @@
%define pkgname xinit
+%define xinitver 1.0.1
Summary: X.Org X11 X Window System xinit startup scripts
Name: xorg-x11-%{pkgname}
-Version: 1.0.1
-Release: 2
+Version: %{xinitver}
+Release: 2.FC5.0
License: MIT/X11
Group: User Interface/X
URL: http://www.x.org
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
-Source0: http://xorg.freedesktop.org/releases/X11R7.0/src/everything/%{pkgname}-%{version}.tar.bz2
+Source0: http://xorg.freedesktop.org/releases/individual/app/%{pkgname}-%{version}.tar.bz2
Source10: xinitrc-common
Source11: xinitrc
Source12: Xclients
@@ -20,6 +21,9 @@
# here instead of the xdm package.
Source16: Xsession
+Patch0: xinit-1.0.1-setuid.patch
+
+BuildRequires: pkgconfig
BuildRequires: libX11-devel
# NOTE: startx needs xauth in order to run, but that is not picked up
# automatically by rpm. (Bug #173684)
@@ -39,6 +43,7 @@
%prep
%setup -q -n %{pkgname}-%{version}
+%patch0 -p0 -b .setuid
%build
%configure
@@ -72,7 +77,7 @@
%files
%defattr(-,root,root,-)
-%doc
+%doc AUTHORS COPYING INSTALL README NEWS ChangeLog
%{_bindir}/startx
%{_bindir}/xinit
%dir %{_sysconfdir}/X11
@@ -91,6 +96,12 @@
%{_mandir}/man1/xinit.1x*
%changelog
+* Wed Jun 28 2006 Mike A. Harris <mharris at redhat.com> 1.0.1-2.FC5.0
+- Added xinit-1.0.1-setuid.patch to fix potential security issue (#196126)
+- Added "BuildRequires: pkgconfig" for bug (#194187)
+- Added documentation to doc macro.
+- Build new package for official FC5 update.
+
* Thu Feb 16 2006 Mike A. Harris <mharris at redhat.com> 1.0.1-2
- Change Conflicts to Obsoletes for xorg-x11 and XFree86 (#181414)
More information about the fedora-cvs-commits
mailing list