On Fri, Jan 21, 2011 at 05:20:55PM -0500, Andres Rodriguez wrote: > Greetins, > > I'm forwarding this patch for *cluster-agents*, which is included in debian > packages, and might be of your interest: > > From 5cdbbe5a5234c1bd26f7fe2a5c59abeb76e6e18c Mon Sep 17 00:00:00 2001 > From: Jari Aalto <[email protected]> > Date: Tue, 19 Oct 2010 13:32:54 +0300 > Subject: [PATCH] CVE-2010-3389 insecure library loading Bug#598549 > Organization: Private > Content-Type: text/plain; charset="utf-8" > Content-Transfer-Encoding: 8bit > > Signed-off-by: Jari Aalto <[email protected]> > --- > heartbeat/SAPDatabase | 7 +++++-- > heartbeat/SAPInstance | 7 +++++-- > 2 files changed, 10 insertions(+), 4 deletions(-) > > Index: cluster-agents-1.0.3/heartbeat/SAPDatabase
Addressed upstream, http://hg.linux-ha.org/agents/rev/2773e5850003 Dejan, Florian: we really should release a new agents someday ;-) > =================================================================== > --- cluster-agents-1.0.3.orig/heartbeat/SAPDatabase 2011-01-20 > 16:33:31.178808000 -0500 > +++ cluster-agents-1.0.3/heartbeat/SAPDatabase 2011-01-21 17:16:08.190680002 > -0500 > @@ -966,8 +966,11 @@ > fi > > # as root user we need the library path to the SAP kernel to be able to > call executables > -if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then > - LD_LIBRARY_PATH=$DIR_EXECUTABLE:$LD_LIBRARY_PATH; export LD_LIBRARY_PATH > +if [ "$DIR_EXECUTABLE" ]; then > + if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then > + > LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" > + export LD_LIBRARY_PATH > + fi > fi > sidadm="`echo $SID | tr [:upper:] [:lower:]`adm" > > Index: cluster-agents-1.0.3/heartbeat/SAPInstance > =================================================================== > --- cluster-agents-1.0.3.orig/heartbeat/SAPInstance 2011-01-20 > 16:33:31.178808000 -0500 > +++ cluster-agents-1.0.3/heartbeat/SAPInstance 2011-01-21 17:16:08.200680002 > -0500 > @@ -296,8 +296,11 @@ > fi > > # as root user we need the library path to the SAP kernel to be able to > call sapcontrol > - if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; then > - LD_LIBRARY_PATH=$DIR_EXECUTABLE:$LD_LIBRARY_PATH; export > LD_LIBRARY_PATH > + if [ "$DIR_EXECUTABLE" ]; then > + if [ `echo $LD_LIBRARY_PATH | grep -c "^$DIR_EXECUTABLE\>"` -eq 0 ]; > then > + LD_LIBRARY_PATH="$DIR_EXECUTABLE${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}" > + export LD_LIBRARY_PATH > + fi > fi > > sidadm="`echo $SID | tr [:upper:] [:lower:]`adm" > > > -- > Andres Rodriguez (RoAkSoAx) > Ubuntu MOTU Developer > Systems Engineer -- : Lars Ellenberg : LINBIT | Your Way to High Availability : DRBD/HA support and consulting http://www.linbit.com DRBD® and LINBIT® are registered trademarks of LINBIT, Austria. _______________________________________________________ Linux-HA-Dev: [email protected] http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/
