diff options
author | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2014-07-23 15:07:04 +0200 |
---|---|---|
committer | Jörg Frings-Fürst <debian@jff-webhosting.net> | 2014-07-23 15:07:04 +0200 |
commit | 1acb8ee5140d8a2d474700987435bc0630cb24f2 (patch) | |
tree | ee04e68e7699b21b235a16c667d27348a71b1d03 /debian/patches/112_fix_CVE-2011-4339.patch | |
parent | 777af8a8761d05c30588abec7444b143fe7393f0 (diff) |
New maintainerdebian/1.8.14-3
Diffstat (limited to 'debian/patches/112_fix_CVE-2011-4339.patch')
-rw-r--r-- | debian/patches/112_fix_CVE-2011-4339.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/debian/patches/112_fix_CVE-2011-4339.patch b/debian/patches/112_fix_CVE-2011-4339.patch new file mode 100644 index 0000000..f67b845 --- /dev/null +++ b/debian/patches/112_fix_CVE-2011-4339.patch @@ -0,0 +1,21 @@ +Description: CVE-2011-4339 + insecure file permission when creating PID files + based on 112_fix_CVE-2011-4339 +Author: Jörg Frings-Fürst <debian@jff-webhosting.net> +Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917 +Forwarded: https://sourceforge.net/p/ipmitool/patches/99/ +Last-Update: 2014-05-18 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/lib/helper.c +=================================================================== +--- trunk.orig/lib/helper.c 2014-05-18 18:50:55.000000000 +0200 ++++ trunk/lib/helper.c 2014-05-18 19:30:41.275908129 +0200 +@@ -657,7 +657,6 @@ + #endif + + chdir("/"); +- umask(0); + + for (fd=0; fd<64; fd++) { + if (fd != intf->fd) |