pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/x11 Fix CVE-2006-0745: Comparing the address of geteui...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/b7745e2a79d2
branches:  trunk
changeset: 509976:b7745e2a79d2
user:      joerg <joerg%pkgsrc.org@localhost>
date:      Mon Mar 20 21:34:59 2006 +0000

description:
Fix CVE-2006-0745: Comparing the address of geteuid and 0 to detect
whether the server was started by non-root is not likely to ever work.
This could allow a local user to override system files or run arbitrary
code.  Patch from the original advisory. Bump revision of xorg-server.

diffstat:

 x11/xorg-libs/distinfo         |   3 ++-
 x11/xorg-libs/patches/patch-bm |  20 ++++++++++++++++++++
 x11/xorg-server/Makefile       |   4 ++--
 3 files changed, 24 insertions(+), 3 deletions(-)

diffs (52 lines):

diff -r 33f16aa8d063 -r b7745e2a79d2 x11/xorg-libs/distinfo
--- a/x11/xorg-libs/distinfo    Mon Mar 20 19:59:21 2006 +0000
+++ b/x11/xorg-libs/distinfo    Mon Mar 20 21:34:59 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.37 2006/03/02 23:57:14 joerg Exp $
+$NetBSD: distinfo,v 1.38 2006/03/20 21:34:59 joerg Exp $
 
 SHA1 (X11R6.9.0-src1.tar.gz) = a6c077ed8fdeee5fe1956a427c4cb0bc266e1bef
 RMD160 (X11R6.9.0-src1.tar.gz) = d12270a4f41a3ceee4bfd5da22d387a3aa707df8
@@ -43,3 +43,4 @@
 SHA1 (patch-bf) = 753c56b84a6859fa4048d88a53f9c04400525d72
 SHA1 (patch-bg) = 3db63fcbe81d9f801ccac6353ad4a213a15c3ffe
 SHA1 (patch-bl) = ccfd290ebffc08b9cd03b7eb83a9671b0e16baec
+SHA1 (patch-bm) = f9b73b7c1bd7d6d6db6d23741d5d1125eea5f860
diff -r 33f16aa8d063 -r b7745e2a79d2 x11/xorg-libs/patches/patch-bm
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/xorg-libs/patches/patch-bm    Mon Mar 20 21:34:59 2006 +0000
@@ -0,0 +1,20 @@
+--- programs/Xserver/hw/xfree86/common/xf86Init.c.orig 2006-03-17 23:30:10.000000000 +0200
++++ programs/Xserver/hw/xfree86/common/xf86Init.c      2006-03-17 23:29:35.000000000 +0200
+@@ -1376,7 +1376,7 @@
+     }
+   
+   /* First the options that are only allowed for root */
+-  if (getuid() == 0 || geteuid != 0)
++  if (getuid() == 0 || geteuid() != 0)
+   {
+     if (!strcmp(argv[i], "-modulepath"))
+     {
+@@ -1679,7 +1679,7 @@
+   }
+   if (!strcmp(argv[i], "-configure"))
+   {
+-    if (getuid() != 0 && geteuid == 0) {
++    if (getuid() != 0 && geteuid() == 0) {
+       ErrorF("The '-configure' option can only be used by root.\n");
+       exit(1);
+     }
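
Review bot: patch-bm begins directly at the `--- programs/Xserver/hw/xfree86/common/xf86Init.c.orig` line, with no header comment saying that it fixes CVE-2006-0745 or that it was taken from the original advisory; a one-line comment at the top of the patch file would keep that provenance with the patch instead of only in the commit log. The two corrected tests (`geteuid() != 0` near line 1376 and `geteuid() == 0` near line 1679) are the only sites touched, so it is worth confirming that no other comparison against the bare name `geteuid` or `getuid` remains in xf86Init.c: comparing a function's address with 0 always yields the same result, which is why the old `-modulepath` gate always passed and the old `-configure` rejection never fired.
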
diff -r 33f16aa8d063 -r b7745e2a79d2 x11/xorg-server/Makefile
--- a/x11/xorg-server/Makefile  Mon Mar 20 19:59:21 2006 +0000
+++ b/x11/xorg-server/Makefile  Mon Mar 20 21:34:59 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.39 2006/03/02 23:57:14 joerg Exp $
+# $NetBSD: Makefile,v 1.40 2006/03/20 21:34:59 joerg Exp $
 
 DISTNAME=      ${DISTFILES}
 PKGNAME=       xorg-server-${XORG_VER}
-PKGREVISION=   6
+PKGREVISION=   7
 CATEGORIES=    x11
 MASTER_SITES=  ${MASTER_SITE_XORG}
 DISTFILES=     X11R${XORG_VER}-src1.tar.gz \
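
Review bot: the `PKGREVISION` bump from 6 to 7 covers only x11/xorg-server, while the patch is added under x11/xorg-libs/patches and recorded in x11/xorg-libs/distinfo. Nothing in this diff shows how xorg-server picks up that patches directory, so please confirm that a rebuilt xorg-server actually applies patch-bm, and say in the commit message why xorg-libs itself needs no revision bump (presumably because xf86Init.c is built only into the server).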


