author | Hajimu UMEMOTO <ume@FreeBSD.org> | 2004-11-15 09:50:05 +0000 |
---|---|---|
committer | Hajimu UMEMOTO <ume@FreeBSD.org> | 2004-11-15 09:50:05 +0000 |
commit | 73812a559bc64317ef7b7c5c6f820b6c075b23f6 (patch) | |
tree | efd733efe1f8fb8da7fc11b16687e080ec6520aa /security/cyrus-sasl | |
parent | Minor Makefile-twiddle: Balance quotes (diff) |
fix CAN-2004-0884.
Obtained from: security/cyrus-sasl2
Notes
Notes:
svn path=/head/; revision=121648
Diffstat (limited to 'security/cyrus-sasl')
-rw-r--r-- | security/cyrus-sasl/Makefile | 2 | ||||
-rw-r--r-- | security/cyrus-sasl/files/patch-lib::common.c | 19 |
2 files changed, 20 insertions, 1 deletions
diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile
index 64512159ed79..75ff8229a9ea 100644
--- a/security/cyrus-sasl/Makefile
+++ b/security/cyrus-sasl/Makefile
@@ -7,7 +7,7 @@
 PORTNAME= cyrus-sasl
 PORTVERSION= 1.5.28
-PORTREVISION= 3
+PORTREVISION= 4
 CATEGORIES= security ipv6
 MAINTAINER= ports@FreeBSD.org
diff --git a/security/cyrus-sasl/files/patch-lib::common.c b/security/cyrus-sasl/files/patch-lib::common.c
new file mode 100644
index 000000000000..8de08cfc3b26
--- /dev/null
+++ b/security/cyrus-sasl/files/patch-lib::common.c
@@ -0,0 +1,19 @@
+Index: lib/common.c
+diff -u lib/common.c.orig lib/common.c
+--- lib/common.c.orig Mon Nov 15 18:23:04 2004
++++ lib/common.c Mon Nov 15 18:24:43 2004
+@@ -684,7 +684,13 @@
+ 
+ if (! path_dest)
+ return SASL_BADPARAM;
+- path = getenv(SASL_PATH_ENV_VAR);
++
++ path = NULL;
++
++ /* Honor external variable only in a safe environment */
++ if (getuid() == geteuid() && getgid() == getegid())
++ path = getenv(SASL_PATH_ENV_VAR);
++
+ if (! path)
+ path = PLUGINDIR;
+ return _sasl_strdup(path, path_dest, NULL); |
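Review bot: The guard added to lib/common.c by files/patch-lib::common.c compares real and effective ids only (`getuid() == geteuid() && getgid() == getegid()`), so a set-id program that has already made both ids equal before this code runs would still take the plugin path from SASL_PATH_ENV_VAR in an environment its invoker supplied. Since this is a FreeBSD port, the condition could also consult `issetugid()`, e.g. `if (!issetugid() && getuid() == geteuid() && getgid() == getegid())`, which keeps the environment distrusted for the life of such a process. The patch adds no `#include <unistd.h>`; whether lib/common.c already has it cannot be told from here, because the enclosing function and the top of the file lie outside the hunk. The comment would be clearer if it named the condition, for example `/* Ignore SASL_PATH_ENV_VAR when running set-uid or set-gid */`.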