From bc9ddf53fcc12b96d1f93c003db2404159583fb8 Mon Sep 17 00:00:00 2001 From: Oliver Lehmann Date: Tue, 20 May 2003 20:33:44 +0000 Subject: Fix a securety issue which may cause a local root exploit (if the cdrecord binary is suid 0). For more information about this, feel free to take a look at http://marc.theaimsgroup.com/?l=bugtraq&m=105285564307225&w=2 Approved by: maintainer hasn't responded within 3 days, alex (mentor) --- sysutils/cdrtools-devel/files/patch-libscg::scsiopen.c | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 sysutils/cdrtools-devel/files/patch-libscg::scsiopen.c (limited to 'sysutils/cdrtools-devel/files') diff --git a/sysutils/cdrtools-devel/files/patch-libscg::scsiopen.c b/sysutils/cdrtools-devel/files/patch-libscg::scsiopen.c new file mode 100644 index 000000000000..2a4f44176f16 --- /dev/null +++ b/sysutils/cdrtools-devel/files/patch-libscg::scsiopen.c @@ -0,0 +1,11 @@ +--- libscg/scsiopen.c.orig Tue May 20 21:47:41 2003 ++++ libscg/scsiopen.c Tue May 20 21:48:28 2003 +@@ -270,7 +270,7 @@ + } + if (scg__open(scgp, devname) <= 0) { + if (errs && scgp->errstr) +- js_snprintf(errs, slen, scgp->errstr); ++ js_snprintf(errs, slen, "%s", scgp->errstr); + scg_sfree(scgp); + return ((SCSI *)0); + } -- cgit v1.2.3