[arch-commits] Commit in screen/trunk (2 files)

Gaëtan Bisson bisson at archlinux.org
Wed Jan 25 08:49:55 UTC 2017


    Date: Wednesday, January 25, 2017 @ 08:49:54
  Author: bisson
Revision: 287403

fix FS#52702

Added:
  screen/trunk/reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch
Modified:
  screen/trunk/PKGBUILD

----------------------------------------------------------------+
 PKGBUILD                                                       |    9 +++-
 reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch |   22 ++++++++++
 2 files changed, 30 insertions(+), 1 deletion(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2017-01-25 07:39:59 UTC (rev 287402)
+++ PKGBUILD	2017-01-25 08:49:54 UTC (rev 287403)
@@ -5,7 +5,7 @@
 
 pkgname=screen
 pkgver=4.5.0
-pkgrel=1
+pkgrel=2
 pkgdesc='Full-screen window manager that multiplexes a physical terminal'
 url='https://www.gnu.org/software/screen/'
 arch=('i686' 'x86_64')
@@ -14,9 +14,11 @@
 validpgpkeys=('2EE59A5D0C50167B5535BBF1B708A383C53EF3A4'
               '71AA09D9E8870FDB0AA7B61E21F968DEF747ABD7')
 source=("https://ftp.gnu.org/gnu/screen/screen-${pkgver}.tar.gz"{,.sig}
+        'reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch'
         'tmpfiles.d'
         'pam.d')
 sha1sums=('b329f538e7265405a5c14e13520e95ced9d2cb17' 'SKIP'
+          '641bf674b8d279475f474e9fb1fe41c7b635b9e3'
           '76b9c70b77940eb1214fe65739f9f932dc57fb66'
           '1ab4b512d2ac840d16db6986d7c98d7ce2f6383f')
 
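Review bot: The new patch file is pinned only by a SHA-1 entry in `sha1sums`, and unlike the tarball it has no `.sig` checked against `validpgpkeys`, so this digest is the only integrity check applied to a security fix. Consider moving the whole array to `sha256sums=(...)`, keeping `'SKIP'` for the signature and the same order as `source`. The change would touch the unchanged entries shown as context in this hunk as well as the added one.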
@@ -25,6 +27,11 @@
 
 _ptygroup=5 #the UID of our PTY/TTY group
 
+prepare() {
+	cd "${srcdir}/${pkgname}-${pkgver}"
+	patch -p1 -i ../reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch
+}
+
 build() {
 	cd "${srcdir}/${pkgname}-${pkgver}"
 
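Review bot: `prepare()` applies the revert without a comment saying why it is there or when it can be removed, so whoever next bumps `pkgver` has to rediscover whether it is still needed. A one-line comment above the `patch` call would cover it, e.g. `# FS#52702: revert upstream 5460f5d2 (-L logfile probe); drop once upstream ships a fixed release`. As a style point, `-i "${srcdir}/reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch"` would not depend on how deep the preceding `cd` goes. `build()` continues past the end of the hunk.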

Added: reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch
===================================================================
--- reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch	                        (rev 0)
+++ reverse-cherry-pick-5460f5d2-to-fix-privilege-escalation.patch	2017-01-25 08:49:54 UTC (rev 287403)
@@ -0,0 +1,22 @@
+Description: Fix privilege escalation by reverting upstream commit 5460f5d2
+Author: Axel Beckert <abe at debian.org>
+Bug-Debian: https://bugs.debian.org/852484
+Bug-CVE: http://www.openwall.com/lists/oss-security/2017/01/24/10
+Bug: https://savannah.gnu.org/bugs/?50142
+     https://lists.gnu.org/archive/html/screen-devel/2017-01/msg00025.html
+
+--- a/screen.c
++++ b/screen.c
+@@ -673,12 +673,6 @@
+                 Panic(0, "-L: logfile name can not start with \"-\" symbol");
+               if (strlen(screenlogfile) > PATH_MAX)
+                 Panic(0, "-L: logfile name too long. (max. %d char)", PATH_MAX);
+-
+-              FILE *w_check;
+-              if ((w_check = fopen(screenlogfile, "w")) == NULL)
+-                Panic(0, "-L: logfile name access problem");
+-              else
+-                fclose(w_check);
+             }
+             nwin_options.Lflag = 1;
+             break;
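Review bot: The patch header says the revert fixes a privilege escalation but not how, and the mechanism is what a later maintainer needs when deciding whether the patch can be dropped. The removed lines probe the `-L` argument with `fopen(screenlogfile, "w")`, which creates or truncates the named file during option parsing; on installs where screen runs setuid or setgid this presumably happens with the elevated identity, though that is inferred from the linked reports rather than visible in the hunk. I would add a sentence to `Description:` such as `The removed probe opened the user-supplied -L path for writing (create/truncate) during option parsing.` After the revert an unwritable logfile is no longer reported at startup, so it is worth confirming that the later log-open path reports the failure. The enclosing option-parsing block in screen.c starts and ends outside the hunk.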


