rpms/device-mapper-multipath/F-9 multipath-fix-umask.patch, NONE, 1.1 device-mapper-multipath.spec, 1.45, 1.46
Milan Broz
mbroz at fedoraproject.org
Tue Apr 7 19:46:37 UTC 2009
- Previous message: rpms/ikiwiki/devel .cvsignore, 1.19, 1.20 ikiwiki.spec, 1.21, 1.22 import.log, 1.19, 1.20 sources, 1.19, 1.20
- Next message: rpms/revisor/F-10 .cvsignore, 1.23, 1.24 import.log, 1.6, 1.7 revisor.spec, 1.45, 1.46 sources, 1.48, 1.49
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mbroz
Update of /cvs/pkgs/rpms/device-mapper-multipath/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10106
Modified Files:
device-mapper-multipath.spec
Added Files:
multipath-fix-umask.patch
Log Message:
Fix insecure permissions on multipathd.sock (CVE-2009-0115)
multipath-fix-umask.patch:
--- NEW FILE multipath-fix-umask.patch ---
--- multipath-tools.old/multipathd/main.c 2009-04-02 12:22:37.000000000 +0200
+++ multipath-tools/multipathd/main.c 2009-04-02 12:25:13.000000000 +0200
@@ -718,6 +718,7 @@ uxlsnrloop (void * ap)
set_handler_callback(REINSTATE+PATH, cli_reinstate);
set_handler_callback(FAIL+PATH, cli_fail);
+ umask(077);
uxsock_listen(&uxsock_trigger, ap);
return NULL;
@@ -1436,7 +1437,6 @@ daemonize(void)
close(in_fd);
close(out_fd);
chdir("/");
- umask(0);
return 0;
}
Index: device-mapper-multipath.spec
===================================================================
RCS file: /cvs/pkgs/rpms/device-mapper-multipath/F-9/device-mapper-multipath.spec,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- device-mapper-multipath.spec 23 Jun 2008 21:36:57 -0000 1.45
+++ device-mapper-multipath.spec 7 Apr 2009 19:46:07 -0000 1.46
@@ -1,7 +1,7 @@
Summary: Tools to manage multipath devices using device-mapper
Name: device-mapper-multipath
Version: 0.4.7
-Release: 16%{?dist}
+Release: 17%{?dist}
License: GPL+
Group: System Environment/Base
URL: http://christophe.varoqui.free.fr/
@@ -9,6 +9,7 @@
Patch0: multipath-tools-0.4.7.head2-sparc64fix.patch
Patch1: multipath-bustosubsystem.patch
Patch2: multipath-tools-0.4.7.head2-nostatic.patch
+Patch3: multipath-fix-umask.patch
Requires: kpartx = %{version}-%{release}
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires(post): chkconfig
@@ -38,6 +39,7 @@
%patch0 -p1 -b .sparc64
%patch1 -p1 -b .bustosubsystem
%patch2 -p1 -b .nostatic
+%patch3 -p1 -b .umask
%build
make DESTDIR=$RPM_BUILD_ROOT
@@ -85,6 +87,9 @@
%{_mandir}/man8/kpartx.8.gz
%changelog
+* Thu Apr 7 2009 Milan Broz <mbroz at redhat.com> - 0.4.8-17
+- Fix insecure permissions on multipathd.sock (CVE-2009-0115)
+
* Mon Jun 23 2008 Benjamin Marzinski <bmarzins at redhat.com> -0.4.7-16
- Fix for bz #451415
- /sbin/multipath.static in no longer a symlink to the non-static version.
- Previous message: rpms/ikiwiki/devel .cvsignore, 1.19, 1.20 ikiwiki.spec, 1.21, 1.22 import.log, 1.19, 1.20 sources, 1.19, 1.20
- Next message: rpms/revisor/F-10 .cvsignore, 1.23, 1.24 import.log, 1.6, 1.7 revisor.spec, 1.45, 1.46 sources, 1.48, 1.49
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list