Add patch from X.Org, fixing privilege escalation.

Security: http://www.vuxml.org/61534682-b8f4-11da-8e62-000e0c33c2dc Security: CVE-2006-0745
author: Dejan Lesjak <lesi@FreeBSD.org> 2006-03-21 17:06:39 +0000
committer: Dejan Lesjak <lesi@FreeBSD.org> 2006-03-21 17:06:39 +0000
commit: 6f9bc91b6d3fcc9e917038989a071b7b3615ddc4 (patch)
tree: 0ab8fe7967b313636a101f0c7d7b8a9f9df01205 /x11-servers/xorg-server/files/patch-CVE-2006-0745
parent: xorg-server -- privilege escalation (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/x11-servers/xorg-server/files/patch-CVE-2006-0745 b/x11-servers/xorg-server/files/patch-CVE-2006-0745
new file mode 100644
index 000000000000..afb7d4de763d
--- /dev/null
+++ b/x11-servers/xorg-server/files/patch-CVE-2006-0745
@@ -0,0 +1,20 @@
+--- programs/Xserver/hw/xfree86/common/xf86Init.c.orig	2006-03-17 23:30:10.000000000 +0200
++++ programs/Xserver/hw/xfree86/common/xf86Init.c	2006-03-17 23:29:35.000000000 +0200
+@@ -1376,7 +1376,7 @@
+     }
+   
+   /* First the options that are only allowed for root */
+-  if (getuid() == 0 || geteuid != 0)
++  if (getuid() == 0 || geteuid() != 0)
+   {
+     if (!strcmp(argv[i], "-modulepath"))
+     {
+@@ -1679,7 +1679,7 @@
+   }
+   if (!strcmp(argv[i], "-configure"))
+   {
+-    if (getuid() != 0 && geteuid == 0) {
++    if (getuid() != 0 && geteuid() == 0) {
+ 	ErrorF("The '-configure' option can only be used by root.\n");
+ 	exit(1);
+     }
author	Dejan Lesjak <lesi@FreeBSD.org>	2006-03-21 17:06:39 +0000
committer	Dejan Lesjak <lesi@FreeBSD.org>	2006-03-21 17:06:39 +0000
commit	6f9bc91b6d3fcc9e917038989a071b7b3615ddc4 (patch)
tree	0ab8fe7967b313636a101f0c7d7b8a9f9df01205 /x11-servers/xorg-server/files/patch-CVE-2006-0745
parent	xorg-server -- privilege escalation (diff)