Author: ag
Date: 2008-05-12 12:58:01 -0600 (Mon, 12 May 2008)
New Revision: 1948
Added:
trunk/rxvt-unicode/
trunk/rxvt-unicode/rxvt-unicode-9.02-CVE-2008-1142-DISPLAY.patch
Log:
Add CVE-2008-1142 rxvt-unicode patch
Added: trunk/rxvt-unicode/rxvt-unicode-9.02-CVE-2008-1142-DISPLAY.patch
===================================================================
--- trunk/rxvt-unicode/rxvt-unicode-9.02-CVE-2008-1142-DISPLAY.patch
(rev 0)
+++ trunk/rxvt-unicode/rxvt-unicode-9.02-CVE-2008-1142-DISPLAY.patch
2008-05-12 18:58:01 UTC (rev 1948)
@@ -0,0 +1,31 @@
+Submitted By: Agathoklis Hatzimanikas (ag at linuxfromscratch dot org)
+Date: 2008-05-12
+Initial Package Version: 9.02
+Origin: Gentoo
+Upstream Status: Unknown
+Description: Fixes http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1142
+
+diff -urN rxvt-unicode-9.02.orig/src/init.C rxvt-unicode-9.02/src/init.C
+--- rxvt-unicode-9.02.orig/src/init.C 2008-05-04 20:16:26.000000000 +0200
++++ rxvt-unicode-9.02/src/init.C 2008-05-04 20:24:14.000000000 +0200
+@@ -372,15 +372,16 @@
+ * Open display, get options/resources and create the window
+ */
+
+- if ((rs[Rs_display_name] = getenv ("DISPLAY")) == NULL)
+- rs[Rs_display_name] = ":0";
++ rs[Rs_display_name] = getenv ("DISPLAY");
+
+ get_options (r_argc, r_argv);
+
+- if (!(display = displays.get (rs[Rs_display_name])))
++ if (!rs[Rs_display_name] || !(display = displays.get (rs[Rs_display_name])))
+ {
+ free (r_argv);
+- rxvt_fatal ("can't open display %s, aborting.\n", rs[Rs_display_name]);
++ rxvt_fatal ("can't open display %s, aborting.\n",
++ (rs[Rs_display_name] ? rs[Rs_display_name] :
++ "as no -display option given and DISPLAY not set"));
+ }
+
+ // using a local pointer decreases code size a lot
--
http://linuxfromscratch.org/mailman/listinfo/patches
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
