diff options
author | Cy Schubert <cy@FreeBSD.org> | 2017-01-25 01:36:42 +0000 |
---|---|---|
committer | Cy Schubert <cy@FreeBSD.org> | 2017-01-25 01:36:42 +0000 |
commit | 1cbcdcecea47b92331e2f0381878d2d73477b969 (patch) | |
tree | 3818801074f23f0d147c952f7df1f13b858fff7a /sysutils/screen | |
parent | 34784a3c1d23b07fb51e9ba1133992f8cb9ecf27 (diff) | |
download | ports-1cbcdcecea47b92331e2f0381878d2d73477b969.tar.gz ports-1cbcdcecea47b92331e2f0381878d2d73477b969.zip |
Circumvent a trivial root privilege escalation.
See:
https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html
Reported by: Tim Zingelman <tez@pkgsrc.org>
Security: CVE not assigned yet
Notes
Notes:
svn path=/head/; revision=432410
Diffstat (limited to 'sysutils/screen')
-rw-r--r-- | sysutils/screen/Makefile | 1 | ||||
-rw-r--r-- | sysutils/screen/files/patch-screen.c | 19 |
2 files changed, 18 insertions, 2 deletions
diff --git a/sysutils/screen/Makefile b/sysutils/screen/Makefile index c5aab2594cba..423ee5cb9ee9 100644 --- a/sysutils/screen/Makefile +++ b/sysutils/screen/Makefile @@ -3,6 +3,7 @@ PORTNAME= screen PORTVERSION= 4.5.0 +PORTREVISION= 1 CATEGORIES= sysutils MASTER_SITES= http://ftp.gnu.org/gnu/screen/ \ ftp://ftp.gnu.org/gnu/screen/ \ diff --git a/sysutils/screen/files/patch-screen.c b/sysutils/screen/files/patch-screen.c index b374c0985f3d..141285c558cf 100644 --- a/sysutils/screen/files/patch-screen.c +++ b/sysutils/screen/files/patch-screen.c @@ -1,6 +1,21 @@ --- screen.c.orig 2017-01-17 11:28:29.397404660 -0800 -+++ screen.c 2017-01-18 04:54:50.874421000 -0800 -@@ -2222,7 +2222,7 @@ ++++ screen.c 2017-01-24 17:31:24.342944000 -0800 +@@ -674,11 +674,14 @@ + if (strlen(screenlogfile) > PATH_MAX) + Panic(0, "-L: logfile name too long. (max. %d char)", PATH_MAX); + ++#if 0 ++/* see https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html */ + FILE *w_check; + if ((w_check = fopen(screenlogfile, "w")) == NULL) + Panic(0, "-L: logfile name access problem"); + else + fclose(w_check); ++#endif + } + nwin_options.Lflag = 1; + break; +@@ -2222,7 +2225,7 @@ pn2 = pn = p + padlen; r = winmsg_numrend; while (p >= buf) { |