diff options
| author | Oliver Lehmann <oliver@FreeBSD.org> | 2003-05-20 20:33:44 +0000 |
|---|---|---|
| committer | Oliver Lehmann <oliver@FreeBSD.org> | 2003-05-20 20:33:44 +0000 |
| commit | bc9ddf53fcc12b96d1f93c003db2404159583fb8 (patch) | |
| tree | bd743d2cfbe9ae62974d770f07d02258699f64bb /sysutils/cdrtools | |
| parent | Update to 1.2. (diff) | |
Fix a securety issue which may cause a local root exploit
(if the cdrecord binary is suid 0).
For more information about this, feel free to take a look at
http://marc.theaimsgroup.com/?l=bugtraq&m=105285564307225&w=2
Approved by: maintainer hasn't responded within 3 days, alex (mentor)
Notes
Notes:
svn path=/head/; revision=81561
Diffstat (limited to 'sysutils/cdrtools')
| -rw-r--r-- | sysutils/cdrtools/Makefile | 2 | ||||
| -rw-r--r-- | sysutils/cdrtools/files/patch-libscg::scsiopen.c | 11 |
2 files changed, 12 insertions, 1 deletions
diff --git a/sysutils/cdrtools/Makefile b/sysutils/cdrtools/Makefile index a30f3fa25bf1..badd3187c73b 100644 --- a/sysutils/cdrtools/Makefile +++ b/sysutils/cdrtools/Makefile @@ -7,7 +7,7 @@ PORTNAME?= cdrtools PORTVERSION?= 2.0 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES?= sysutils audio MASTER_SITES= ftp://ftp.berlios.de/pub/cdrecord/ \ ftp://ftp.cs.tu-berlin.de/pub/misc/cdrecord/ \ diff --git a/sysutils/cdrtools/files/patch-libscg::scsiopen.c b/sysutils/cdrtools/files/patch-libscg::scsiopen.c new file mode 100644 index 000000000000..2a4f44176f16 --- /dev/null +++ b/sysutils/cdrtools/files/patch-libscg::scsiopen.c @@ -0,0 +1,11 @@ +--- libscg/scsiopen.c.orig Tue May 20 21:47:41 2003 ++++ libscg/scsiopen.c Tue May 20 21:48:28 2003 +@@ -270,7 +270,7 @@ + } + if (scg__open(scgp, devname) <= 0) { + if (errs && scgp->errstr) +- js_snprintf(errs, slen, scgp->errstr); ++ js_snprintf(errs, slen, "%s", scgp->errstr); + scg_sfree(scgp); + return ((SCSI *)0); + } |