Git-Url: http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=f92924d17dadd7a563d5c4caec2d0f5e915ee264
commit f92924d17dadd7a563d5c4caec2d0f5e915ee264 Author: Miklos Vajna <vmik...@frugalware.org> Date: Mon Mar 29 23:46:21 2010 +0200 pulseaudio-0.9.21-3-i686 - add CVE-2009-1299.patch
diff --git a/source/multimedia-extra/pulseaudio/CVE-2009-1299.patch b/source/multimedia-extra/pulseaudio/CVE-2009-1299.patch
new file mode 100644
index 0000000..dc7f822
--- /dev/null
+++ b/source/multimedia-extra/pulseaudio/CVE-2009-1299.patch
@@ -0,0 +1,57 @@
+diff -uNrp pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478~/configure.ac pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478/configure.ac
+--- pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478~/configure.ac 2010-01-17 15:54:19.000000000 -0800
++++ pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478/configure.ac 2010-03-02 21:19:12.163057106 -0800
+@@ -424,7 +424,7 @@ AC_CHECK_FUNCS_ONCE([lrintf strtof])
+ AC_FUNC_FORK
+ AC_FUNC_GETGROUPS
+ AC_FUNC_SELECT_ARGTYPES
+-AC_CHECK_FUNCS_ONCE([chmod chown clock_gettime getaddrinfo getgrgid_r getgrnam_r \
++AC_CHECK_FUNCS_ONCE([chmod chown fstat fchown fchmod clock_gettime getaddrinfo getgrgid_r getgrnam_r \
+ getpwnam_r getpwuid_r gettimeofday getuid inet_ntop inet_pton mlock nanosleep \
+ pipe posix_fadvise posix_madvise posix_memalign setpgid setsid shm_open \
+ sigaction sleep sysconf pthread_setaffinity_np])
+diff -uNrp pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478~/src/pulsecore/core-util.c pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478/src/pulsecore/core-util.c
+--- pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478~/src/pulsecore/core-util.c 2010-01-17 15:54:20.000000000 -0800
++++ pulseaudio-0.9.22~0.9.21+stable-queue-32-g8478/src/pulsecore/core-util.c 2010-03-02 21:18:19.573062096 -0800
+@@ -214,16 +214,37 @@ int pa_make_secure_dir(const char* dir,
+ if (r < 0 && errno != EEXIST)
+ return -1;
+
+-#ifdef HAVE_CHOWN
++#ifdef HAVE_FSTAT
++ int fd = open(dir, O_RDONLY);
++
++ if (fd < 0)
++ goto fail;
++
++ if (fstat(fd, &st) < 0) {
++ close(fd);
++ goto fail;
++ }
++
++ if(!S_ISDIR(st.st_mode)) {
++ close(fd);
++ errno = EACCES;
++ goto fail;
++ }
++
++#ifdef HAVE_FCHOWN
+ if (uid == (uid_t)-1)
+ uid = getuid();
+ if (gid == (gid_t)-1)
+ gid = getgid();
+- (void) chown(dir, uid, gid);
++ (void) fchown(fd, uid, gid);
++#endif
++
++#ifdef HAVE_FCHMOD
++ fchmod(fd, m);
+ #endif
+
+-#ifdef HAVE_CHMOD
+- chmod(dir, m);
++ close(fd);
++
+ #endif
+
+ #ifdef HAVE_LSTAT
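Review bot: The `open(dir, O_RDONLY)` added under `HAVE_FSTAT` in `pa_make_secure_dir` still follows a symbolic link, so a link at `dir` that resolves to a directory passes the `S_ISDIR` test and the following `fchown`/`fchmod` act on the link target rather than on a directory this call created. Opening with `open(dir, O_RDONLY | O_NOFOLLOW | O_DIRECTORY)`, with each flag guarded by `#ifdef` where portability requires it, makes the open fail on a link instead. The results of `fchown` and `fchmod` are also discarded; whether the `HAVE_LSTAT` block that begins on the hunk's last line catches a failed change cannot be seen from here, since the function body starts and ends outside the hunk. A short comment above the `open`, such as `/* operate on the fd, not the path, so the object checked is the object changed (CVE-2009-1299) */`, would record why the path-based calls were dropped.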
diff --git a/source/multimedia-extra/pulseaudio/FrugalBuild b/source/multimedia-extra/pulseaudio/FrugalBuild index 0040276..0052c02 100644 --- a/source/multimedia-extra/pulseaudio/FrugalBuild +++ b/source/multimedia-extra/pulseaudio/FrugalBuild @@ -3,7 +3,7 @@ pkgname=pulseaudio pkgver=0.9.21 -pkgrel=2 +pkgrel=3 pkgdesc="PulseAudio is a sound server with an advanced plugin system" url="http://pulseaudio.org/" depends=('speex' 'liboil' 'audiofile' 'libsndfile' 'libtool' 'libatomic_ops' 'libsamplerate' 'flac' 'glib2' \ @@ -14,11 +14,12 @@ groups=('multimedia-extra') archs=('i686' 'x86_64' 'ppc') up2date="Flasttar http://pulseaudio.org/wiki/DownloadPulseAudio#Sourcecode" source=(http://0pointer.de/lennart/projects/$pkgname/$pkgname-$pkgver.tar.gz \ - rc.pulseaudio pulseaudio.sysconfig README.Frugalware) + rc.pulseaudio pulseaudio.sysconfig README.Frugalware CVE-2009-1299.patch) sha1sums=('0309c97f7e0812e243c1bb80a4b74dc26369ac22' \ '484a26a79dc9c66807fcd3edb91ea98513cc95cb' \ 'e95d0cd97ae6b68029487080ba460c412afa0ca0' \ - 'e05930aab23ef8d615dffa9ec818c84c4ee67edf') + 'e05930aab23ef8d615dffa9ec818c84c4ee67edf' \ + '7f694620fed97ee8190fe88956cbaf6023c36005') subpkgs=("pulseaudio-hal" "pulseaudio-esd" "pulseaudio-bluetooth" "pulseaudio-x11" \ "pulseaudio-avahi" "pulseaudio-jack" "pulseaudio-gconf")