diff options
Diffstat (limited to 'meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch')
-rw-r--r-- | meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch | 43 |
1 files changed, 0 insertions, 43 deletions
diff --git a/meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch b/meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch deleted file mode 100644 index 6aa1a657a9..0000000000 --- a/meta-security/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch +++ /dev/null @@ -1,43 +0,0 @@ -Use secure_getenv instead of getenv for setuid programs - -(bnc#694598 CVE-2011-2709 bnc#831805) - -import from: -https://build.opensuse.org/package/view_file/openSUSE:Factory/libgssglue/secure-getenv.patch - -Upstream-Status: Pending - -Signed-off-by: Jackie Huang <jackie.huang@windriver.com> - -diff --git a/src/g_initialize.c b/src/g_initialize.c -index 200f173..935a9fa 100644 ---- a/src/g_initialize.c -+++ b/src/g_initialize.c -@@ -26,6 +26,7 @@ - * This function will initialize the gssapi mechglue library - */ - -+#define _GNU_SOURCE - #include "mglueP.h" - #include <stdlib.h> - -@@ -197,8 +198,7 @@ static void solaris_initialize () - void *dl; - gss_mechanism (*sym)(void), mech; - -- if ((getuid() != geteuid()) || -- ((filename = getenv("GSSAPI_MECH_CONF")) == NULL)) -+ if ((filename = secure_getenv("GSSAPI_MECH_CONF")) == NULL) - filename = MECH_CONF; - - if ((conffile = fopen(filename, "r")) == NULL) { -@@ -274,8 +274,7 @@ static void linux_initialize () - void *dl; - gss_mechanism (*sym)(void), mech; - -- if ((getuid() != geteuid()) || -- ((filename = getenv("GSSAPI_MECH_CONF")) == NULL)) -+ if ((filename = secure_getenv("GSSAPI_MECH_CONF")) == NULL) - filename = MECH_CONF; - - if ((conffile = fopen(filename, "r")) == NULL) { |