diff options
| author | Vlad Glagolev | 2012-01-10 00:07:17 +0400 |
|---|---|---|
| committer | Vlad Glagolev | 2012-01-10 02:01:14 +0400 |
| commit | 21f0458002d31d0db0aaba5a7c9e79a6b12f51fd (patch) | |
| tree | 3eec8a765e7d30258abbd72b38dbd2d9459916ab | |
| parent | b6062019972e240f6ee1d2b23f461e81bf041afe (diff) | |
ipmitool: security update
(cherry picked from commit 9c93b19663b0d4d1cff249cd3d244b8ffc7fd95d)
| -rwxr-xr-x | utils/ipmitool/DETAILS | 9 | ||||
| -rw-r--r-- | utils/ipmitool/HISTORY | 5 | ||||
| -rwxr-xr-x | utils/ipmitool/PRE_BUILD | 4 | ||||
| -rw-r--r-- | utils/ipmitool/umask.patch | 10 |
4 files changed, 23 insertions, 5 deletions
diff --git a/utils/ipmitool/DETAILS b/utils/ipmitool/DETAILS index 26d4d888ae..e1d9930517 100755 --- a/utils/ipmitool/DETAILS +++ b/utils/ipmitool/DETAILS @@ -1,15 +1,14 @@ SPELL=ipmitool VERSION=1.8.11 + SECURITY_PATCH=1 SOURCE_HASH=sha512:48093790baf2532887ac87de9b55fbe38f46f271b84e6152e6b0ba11170b29aad78dfcd42036389750edbedff325476b8366b3ea1401b97148b8bc8c1bd71e4b SOURCE="$SPELL-$VERSION.tar.gz" SOURCE_URL[0]="$SOURCEFORGE_URL/$SPELL/$SOURCE" SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION" - WEB_SITE="http://$SPELL.sourceforge.net" - FRESHMEAT_URL="http://freshmeat.net/projects/$SPELL/" + WEB_SITE=http://ipmitool.sourceforge.net LICENSE[0]='BSD' - UPDATED=20060214 - SHORT='A command-line utility to control IPMI-enabled devices' -## Auto-generated from Freshmeat.net's project descriptor + ENTERED=20060214 + SHORT="command-line utility to control IPMI-enabled devices" cat << EOF IPMItool is a simple command-line interface to systems that support the Intelligent Platform Management Interface (IPMI) specification. It provides diff --git a/utils/ipmitool/HISTORY b/utils/ipmitool/HISTORY index fc76260f1f..2135e79b9f 100644 --- a/utils/ipmitool/HISTORY +++ b/utils/ipmitool/HISTORY @@ -1,3 +1,8 @@ +2012-01-10 Vlad Glagolev <stealth@sourcemage.org> + * DETAILS: SECURITY_PATCH=1; UPDATED -> ENTERED; cleaned up + * PRE_BUILD: added, to apply the patch + * umask.patch: added, to fix security issue (CVE-2011-4339) + 2011-10-14 Bor Kraljič <pyrobor@ver.si> * DETAILS: fixed long description wrap (scripted) diff --git a/utils/ipmitool/PRE_BUILD b/utils/ipmitool/PRE_BUILD new file mode 100755 index 0000000000..06fbbe0723 --- /dev/null +++ b/utils/ipmitool/PRE_BUILD @@ -0,0 +1,4 @@ +default_pre_build && +cd "$SOURCE_DIRECTORY" && + +patch -p0 < "$SPELL_DIRECTORY/umask.patch" diff --git a/utils/ipmitool/umask.patch b/utils/ipmitool/umask.patch new file mode 100644 index 0000000000..58b9898099 --- /dev/null +++ b/utils/ipmitool/umask.patch @@ -0,0 +1,10 @@ +--- lib/helper.c.orig ++++ lib/helper.c +@@ -427,7 +427,6 @@ ipmi_start_daemon(struct ipmi_intf *intf + #endif + + chdir("/"); +- umask(0); + + for (fd=0; fd<64; fd++) { + if (fd != intf->fd) |