From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- .../files/CVE-2013-4319-2.x-root-submit-fix.patch | 40 ++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch (limited to 'sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch') diff --git a/sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch b/sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch new file mode 100644 index 000000000000..aa53239f157c --- /dev/null +++ b/sys-cluster/torque/files/CVE-2013-4319-2.x-root-submit-fix.patch @@ -0,0 +1,40 @@ +From 5dee0365a56dd2cc4cfd0b182bc843b4f32c086c Mon Sep 17 00:00:00 2001 +From: Justin Bronder +Date: Mon, 23 Dec 2013 12:40:27 -0500 +Subject: [PATCH] CVE-2013-4319: 2.x root submit fix + +https://bugs.gentoo.org/show_bug.cgi?id=484320 +http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4319\ +--- + src/server/process_request.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/src/server/process_request.c b/src/server/process_request.c +index d4a3c92..b06a333 100644 +--- a/src/server/process_request.c ++++ b/src/server/process_request.c +@@ -640,6 +640,21 @@ void process_request( + log_buffer); + } + ++ if (svr_conn[sfds].cn_authen != PBS_NET_CONN_FROM_PRIVIL) ++ { ++ sprintf(log_buffer, "request type %s from host %s rejected (connection not privileged)", ++ reqtype_to_txt(request->rq_type), ++ request->rq_host); ++ ++ log_record(PBSEVENT_JOB, PBS_EVENTCLASS_JOB, id, log_buffer); ++ ++ req_reject(PBSE_BADHOST, 0, request, NULL, "request not authorized"); ++ ++ close_client(sfds); ++ ++ return; ++ } ++ + if (!tfind(svr_conn[sfds].cn_addr, &okclients)) + { + sprintf(log_buffer, "request type %s from host %s rejected (host not authorized)", +-- +1.8.3.2 + -- cgit v1.2.3