rpms/device-mapper-multipath/devel fix_umask.patch, NONE, 1.1 device-mapper-multipath.spec, 1.54, 1.55
Milan Broz
mbroz at fedoraproject.org
Tue Apr 7 19:39:57 UTC 2009
- Previous message: rpms/waf/devel waf-1.5.4-libdir.patch, NONE, 1.1 .cvsignore, 1.10, 1.11 import.log, 1.5, 1.6 sources, 1.10, 1.11 waf.spec, 1.13, 1.14 waf-1.5.2-libdir.patch, 1.1, NONE
- Next message: rpms/device-mapper-multipath/F-10 fix_umask.patch, NONE, 1.1 device-mapper-multipath.spec, 1.53, 1.54
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mbroz
Update of /cvs/pkgs/rpms/device-mapper-multipath/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv8218
Modified Files:
device-mapper-multipath.spec
Added Files:
fix_umask.patch
Log Message:
Fix insecure permissions on multipathd.sock (CVE-2009-0115)
fix_umask.patch:
--- NEW FILE fix_umask.patch ---
--- multipath-tools.old/multipathd/main.c 2009-04-02 12:22:37.000000000 +0200
+++ multipath-tools/multipathd/main.c 2009-04-02 12:25:13.000000000 +0200
@@ -718,6 +718,7 @@ uxlsnrloop (void * ap)
set_handler_callback(REINSTATE+PATH, cli_reinstate);
set_handler_callback(FAIL+PATH, cli_fail);
+ umask(077);
uxsock_listen(&uxsock_trigger, ap);
return NULL;
@@ -1436,7 +1437,6 @@ daemonize(void)
close(in_fd);
close(out_fd);
chdir("/");
- umask(0);
return 0;
}
Index: device-mapper-multipath.spec
===================================================================
RCS file: /cvs/pkgs/rpms/device-mapper-multipath/devel/device-mapper-multipath.spec,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -r1.54 -r1.55
--- device-mapper-multipath.spec 6 Mar 2009 12:53:14 -0000 1.54
+++ device-mapper-multipath.spec 7 Apr 2009 19:39:27 -0000 1.55
@@ -1,7 +1,7 @@
Summary: Tools to manage multipath devices using device-mapper
Name: device-mapper-multipath
Version: 0.4.8
-Release: 9%{?dist}
+Release: 10%{?dist}
License: GPL+
Group: System Environment/Base
URL: http://christophe.varoqui.free.fr/
@@ -20,6 +20,7 @@
Patch11: directio_message_cleanup.patch
Patch12: binding_error.patch
Patch13: fix_kpartx.patch
+Patch14: fix_umask.patch
Requires: kpartx = %{version}-%{release}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires(post): chkconfig
@@ -60,6 +61,7 @@
%patch11 -p1 -b .directio_message
%patch12 -p1 -b .binding_error
%patch13 -p1 -b .ext_part
+%patch14 -p1 -b .umask
%build
make %{?_smp_mflags} DESTDIR=$RPM_BUILD_ROOT
@@ -111,6 +113,9 @@
%{_mandir}/man8/kpartx.8.gz
%changelog
+* Thu Apr 7 2009 Milan Broz <mbroz at redhat.com> - 0.4.8-10
+- Fix insecure permissions on multipathd.sock (CVE-2009-0115)
+
* Fri Mar 6 2009 Milan Broz <mbroz at redhat.com> - 0.4.8-9
- Fix kpartx extended partition handling (475283)
- Previous message: rpms/waf/devel waf-1.5.4-libdir.patch, NONE, 1.1 .cvsignore, 1.10, 1.11 import.log, 1.5, 1.6 sources, 1.10, 1.11 waf.spec, 1.13, 1.14 waf-1.5.2-libdir.patch, 1.1, NONE
- Next message: rpms/device-mapper-multipath/F-10 fix_umask.patch, NONE, 1.1 device-mapper-multipath.spec, 1.53, 1.54
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list