summaryrefslogtreecommitdiff
path: root/sys-apps/ipmitool/files/ipmitool-1.8.19-CVE-2011-4339.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-apps/ipmitool/files/ipmitool-1.8.19-CVE-2011-4339.patch')
-rw-r--r--sys-apps/ipmitool/files/ipmitool-1.8.19-CVE-2011-4339.patch20
1 files changed, 20 insertions, 0 deletions
diff --git a/sys-apps/ipmitool/files/ipmitool-1.8.19-CVE-2011-4339.patch b/sys-apps/ipmitool/files/ipmitool-1.8.19-CVE-2011-4339.patch
new file mode 100644
index 000000000000..4a25280662b5
--- /dev/null
+++ b/sys-apps/ipmitool/files/ipmitool-1.8.19-CVE-2011-4339.patch
@@ -0,0 +1,20 @@
+Description: CVE-2011-4339
+ insecure file permission when creating PID files
+ based on 112_fix_CVE-2011-4339
+Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
+Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917
+Forwarded: https://sourceforge.net/p/ipmitool/patches/99/
+Last-Update: 2020-10-21
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+diff -Nuar --exclude '*.orig' ipmitool-50d8c36edf9657720e25445a435dabc44572cf5f.orig/lib/helper.c ipmitool-50d8c36edf9657720e25445a435dabc44572cf5f/lib/helper.c
+--- ipmitool-50d8c36edf9657720e25445a435dabc44572cf5f.orig/lib/helper.c 2020-08-07 00:53:06.000000000 -0700
++++ ipmitool-50d8c36edf9657720e25445a435dabc44572cf5f/lib/helper.c 2020-10-21 13:59:02.335206233 -0700
+@@ -917,7 +917,6 @@
+ lprintf(LOG_ERR, "chdir failed: %s (%d)", strerror(errno), errno);
+ exit(1);
+ }
+- umask(0);
+
+ for (fd=0; fd<64; fd++) {
+ if (fd != intf->fd)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 22:14:19 +0000