Sophie

Sophie

distrib > Mageia > 1 > i586 > media > core-updates-src > by-pkgid > df524f73c71c55c575efad0cd3a37ad7 > files > 24

krb5-appl-1.0.1-2.3.2.mga1.src.rpm

diff -Naur -x '*~' -x '*.orig' krb5-appl-1.0.1/configure.ac krb5-appl-1.0.1-CVE-2011-1526/configure.ac
--- krb5-appl-1.0.1/configure.ac	2011-11-01 16:31:30.669419260 +0100
+++ krb5-appl-1.0.1-CVE-2011-1526/configure.ac	2011-11-01 16:32:01.554033144 +0100
@@ -111,6 +111,7 @@
 AC_CHECK_FUNCS(getutmpx grantpt inet_aton initgroups isatty killpg killpg)
 AC_CHECK_FUNCS(line_push ptsname revoke rmufile rresvport_af)
 AC_CHECK_FUNCS(seteuid setlogin setpgid setpriority setresuid setreuid)
+AC_CHECK_FUNCS(setegid setregid setresgid)
 AC_CHECK_FUNCS(setutent setutsent setutxent strsave tcgetpgrp tcsetpgrp)
 AC_CHECK_FUNCS(ttyname unsetenv updwtmp updwtmpx utimes utmpname utmpxname)
 AC_CHECK_FUNCS(vhangup vsnprintf waitpid)
diff -Naur -x '*~' -x '*.orig' krb5-appl-1.0.1/gssftp/ftpd/ftpd.c krb5-appl-1.0.1-CVE-2011-1526/gssftp/ftpd/ftpd.c
--- krb5-appl-1.0.1/gssftp/ftpd/ftpd.c	2011-11-01 16:31:30.673419208 +0100
+++ krb5-appl-1.0.1-CVE-2011-1526/gssftp/ftpd/ftpd.c	2011-11-01 16:32:01.556033120 +0100
@@ -1048,9 +1048,14 @@
 	}
 #endif
 
-	(void) krb5_setegid((gid_t)pw->pw_gid);
-	(void) initgroups(pw->pw_name, pw->pw_gid);
-
+	if (krb5_setegid((gid_t)pw->pw_gid) < 0) {
+		reply(550, "Can't set egid.");
+		goto bad;
+	}
+	if (geteuid() == 0 && initgroups(pw->pw_name, pw->pw_gid) < 0) {
+		reply(550, "Can't initgroups");
+		goto bad;
+	}
 	/* open wtmp before chroot */
 	(void) snprintf(ttyline, sizeof(ttyline), "ftp%ld", (long) getpid());
 	pty_logwtmp(ttyline, pw->pw_name, rhost_sane);
diff -Naur -x '*~' -x '*.orig' krb5-appl-1.0.1/k5-util.h krb5-appl-1.0.1-CVE-2011-1526/k5-util.h
--- krb5-appl-1.0.1/k5-util.h	2009-07-08 23:22:07.000000000 +0200
+++ krb5-appl-1.0.1-CVE-2011-1526/k5-util.h	2011-11-01 16:32:01.556033120 +0100
@@ -69,8 +69,7 @@
 #elif defined(HAVE_SETREUID)
 #  define krb5_seteuid(EUID)	setreuid(geteuid(), (uid_t)(EUID))
 #else
-   /* You need to add a case to deal with this operating system.*/
-#  define krb5_seteuid(EUID)	(errno = EPERM, -1)
+#  error "You need to add a case to deal with this operating system."
 #endif
 
 #ifdef HAVE_SETEGID
@@ -80,8 +79,7 @@
 #elif defined(HAVE_SETREGID)
 #  define krb5_setegid(EGID)	(setregid(getegid(), (gid_t)(EGID)))
 #else
-   /* You need to add a case to deal with this operating system.*/
-#  define krb5_setegid(EGID)	(errno = EPERM, -1)
+#  error "You need to add a case to deal with this operating system."
 #endif
 
 #endif

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional