Hello community, here is the log from the commit of package thttpd for openSUSE:Factory checked in at 2013-12-04 12:32:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/thttpd (Old) and /work/SRC/openSUSE:Factory/.thttpd.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "thttpd" Changes: -------- --- /work/SRC/openSUSE:Factory/thttpd/thttpd.changes 2013-06-28 19:28:56.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.thttpd.new/thttpd.changes 2013-12-04 12:32:08.000000000 +0100 @@ -1,0 +2,6 @@ +Tue Dec 3 14:31:18 UTC 2013 - [email protected] + +- fix CVE-2013-0348 (bnc#853381) + * don't create a world readable logfile + +------------------------------------------------------------------- New: ---- thttpd-CVE-2013-0348.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ thttpd.spec ++++++ --- /var/tmp/diff_new_pack.BthcGc/_old 2013-12-04 12:32:08.000000000 +0100 +++ /var/tmp/diff_new_pack.BthcGc/_new 2013-12-04 12:32:08.000000000 +0100 @@ -38,6 +38,7 @@ Patch12: thttpd-2.25b-getline.patch # PATCH-FIX-SUSE CVE-2012-5640 Patch13: thttpd-2.25b-CVE-2012-5640-check_crypt_return_value.patch +Patch14: thttpd-CVE-2013-0348.patch Url: http://www.acme.com/software/thttpd/ BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: Small and very simple webserver @@ -78,6 +79,7 @@ %patch11 %patch12 %patch13 -p1 +%patch14 -p1 %build cp /usr/share/automake-1.*/config.* . ++++++ thttpd-CVE-2013-0348.patch ++++++ >From d2e186dbd58d274a0dea9b59357edc8498b5388d Mon Sep 17 00:00:00 2001 From: "Anthony G. Basile" <[email protected]> Date: Tue, 26 Feb 2013 14:28:26 -0500 Subject: [PATCH] src/thttpd.c: Fix world readable log, CVE-2013-0348. Make sure that the logfile is created or reopened as read/write by thttpd user only. X-gentoo-Bug: 458896 X-gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=458896 Reported-by: Agostino Sarubbo <[email protected]> 
Signed-off-by: Anthony G. Basile <[email protected]> --- src/thttpd.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) Index: thttpd-2.25b/thttpd.c =================================================================== --- thttpd-2.25b.orig/thttpd.c 2013-12-03 15:38:31.719334530 +0100 +++ thttpd-2.25b/thttpd.c 2013-12-03 15:38:31.754334893 +0100 @@ -331,6 +331,7 @@ static void re_open_logfile( void ) { FILE* logfp; + int retchmod; if ( no_log || hs == (httpd_server*) 0 ) return; @@ -340,7 +341,8 @@ re_open_logfile( void ) { syslog( LOG_NOTICE, "re-opening logfile" ); logfp = fopen( logfile, "a" ); - if ( logfp == (FILE*) 0 ) + retchmod = chmod( logfile, S_IRUSR|S_IWUSR ); + if ( logfp == (FILE*) 0 || retchmod != 0 ) { syslog( LOG_CRIT, "re-opening %.80s - %m", logfile ); return; @@ -360,6 +362,7 @@ main( int argc, char** argv ) gid_t gid = 32767; char cwd[MAXPATHLEN+1]; FILE* logfp; + int retchmod; int num_ready; int cnum; connecttab* c; @@ -429,7 +432,8 @@ main( int argc, char** argv ) else { logfp = fopen( logfile, "a" ); - if ( logfp == (FILE*) 0 ) + retchmod = chmod( logfile, S_IRUSR|S_IWUSR ); + if ( logfp == (FILE*) 0 || retchmod != 0 ) { syslog( LOG_CRIT, "%.80s - %m", logfile ); perror( logfile ); -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
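Review bot: in the thttpd.spec hunk that adds `Patch14: thttpd-CVE-2013-0348.patch`, the new patch has no provenance comment, while the neighbouring `Patch13:` line carries one (`# PATCH-FIX-SUSE CVE-2012-5640`). Add a matching comment line above Patch14 naming the CVE, bnc#853381 and where the patch was taken from (the patch header points at Gentoo bug 458896), so the spec keeps the same per-patch documentation for every patch.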
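Review bot: in the re_open_logfile() hunk, `retchmod = chmod( logfile, S_IRUSR|S_IWUSR );` is executed before `logfp` is checked and operates on the path rather than on the stream just opened, which causes three problems. When `fopen` fails, `logfp` is NULL and the chmod still runs, fails with ENOENT and overwrites errno, so the `%m` in `syslog( LOG_CRIT, "re-opening %.80s - %m", logfile )` reports the chmod error instead of the real open error. When `fopen` succeeds but chmod fails, the function returns with `logfp` open and never closed, leaking a descriptor on every SIGHUP re-open. And because `fopen( logfile, "a" )` creates a missing file with the umask-derived default mode first, a freshly created log is world readable until the chmod lands; a path-based chmod also acts on whatever `logfile` resolves to at that instant, which `fchmod` on the already-open descriptor avoids. Suggested shape: keep the original `if ( logfp == (FILE*) 0 )` check as is, then `if ( fchmod( fileno( logfp ), S_IRUSR|S_IWUSR ) != 0 ) { syslog( LOG_CRIT, "fchmod %.80s - %m", logfile ); (void) fclose( logfp ); return; }`, or better still set the mode at creation with `open( logfile, O_WRONLY|O_APPEND|O_CREAT, S_IRUSR|S_IWUSR )` followed by `fdopen`, which removes the world-readable window entirely and makes the `int retchmod;` added in the preceding declaration hunk unnecessary. One caveat for the changelog: a chmod at re-open time only succeeds if the file is owned by the user thttpd runs as at that point; if it is not, every re-open will fail with EPERM and logging stops.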
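Review bot: the main() hunk has the same ordering defect as the re_open_logfile() one: `chmod( logfile, S_IRUSR|S_IWUSR )` runs before `logfp` is tested, so when `fopen` fails both `syslog( LOG_CRIT, "%.80s - %m", logfile )` and `perror( logfile )` print chmod's ENOENT rather than the error that actually prevented opening the log, which will mislead anyone debugging a start-up failure. Check `logfp` first, then `fchmod( fileno( logfp ), S_IRUSR|S_IWUSR )` on the open stream (or create the file with `open(2)` and mode 0600 and `fdopen` it), and drop the now unused `int retchmod;` from the declarations hunk. A design point that should at least be stated in the commit message: forcing 0600 on every start and re-open also overrides a mode an administrator set deliberately on an existing log (for example group-readable for a log-analysis account); restricting the mode only at creation time, via the open mode or an explicit umask, fixes the CVE without clobbering existing permissions.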
