summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDonnie Berkholz <dberkholz@gentoo.org>2007-09-30 08:21:18 +0000
committerDonnie Berkholz <dberkholz@gentoo.org>2007-09-30 08:21:18 +0000
commit568a40742692a210b698af81617dcbd705fa8f1e (patch)
treec3787dc46516d2fd96b27261c2a75538dbaa6fc6 /x11-apps/xfs
parentadded 2.2.7 rc1 and rc2 (diff)
downloadgentoo-2-568a40742692a210b698af81617dcbd705fa8f1e.tar.gz
gentoo-2-568a40742692a210b698af81617dcbd705fa8f1e.tar.bz2
gentoo-2-568a40742692a210b698af81617dcbd705fa8f1e.zip
(#185660) Security: Weak but possible locally exploitable race condition at xfs startup time (generally only at reboot, or if manually restarted following new font installation).
(Portage version: 2.1.3.9)
Diffstat (limited to 'x11-apps/xfs')
-rw-r--r--x11-apps/xfs/ChangeLog10
-rw-r--r--x11-apps/xfs/files/digest-xfs-1.0.4-r13
-rwxr-xr-xx11-apps/xfs/files/xfs.start14
-rw-r--r--x11-apps/xfs/xfs-1.0.4-r1.ebuild45
4 files changed, 65 insertions, 7 deletions
diff --git a/x11-apps/xfs/ChangeLog b/x11-apps/xfs/ChangeLog
index 0e141753398d..667f3c519368 100644
--- a/x11-apps/xfs/ChangeLog
+++ b/x11-apps/xfs/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for x11-apps/xfs
# Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/x11-apps/xfs/ChangeLog,v 1.32 2007/08/07 13:28:56 gustavoz Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xfs/ChangeLog,v 1.33 2007/09/30 08:21:17 dberkholz Exp $
+
+*xfs-1.0.4-r1 (30 Sep 2007)
+
+ 30 Sep 2007; Donnie Berkholz <dberkholz@gentoo.org>; files/xfs.start,
+ +xfs-1.0.4-r1.ebuild:
+ (#185660) Security: Weak but possible locally exploitable race condition at
+ xfs startup time (generally only at reboot, or if manually restarted
+ following new font installation).
07 Aug 2007; Gustavo Zacarias <gustavoz@gentoo.org> xfs-1.0.4.ebuild:
Stable on sparc wrt #175465
diff --git a/x11-apps/xfs/files/digest-xfs-1.0.4-r1 b/x11-apps/xfs/files/digest-xfs-1.0.4-r1
new file mode 100644
index 000000000000..60d6bd79234a
--- /dev/null
+++ b/x11-apps/xfs/files/digest-xfs-1.0.4-r1
@@ -0,0 +1,3 @@
+MD5 f43cb64d623b748208dfd9012d17b654 xfs-1.0.4.tar.bz2 149414
+RMD160 389c4c9ebd5242c76585ffefe2fd507e1d7fb09d xfs-1.0.4.tar.bz2 149414
+SHA256 452dde2923c7ae5a2b8cb4b9735507c579c1c55a0e5e45a34210e52574ee641b xfs-1.0.4.tar.bz2 149414
diff --git a/x11-apps/xfs/files/xfs.start b/x11-apps/xfs/files/xfs.start
index d7f1fa177417..9290a0ec60f9 100755
--- a/x11-apps/xfs/files/xfs.start
+++ b/x11-apps/xfs/files/xfs.start
@@ -2,7 +2,7 @@
# Copyright 1999-2004 Gentoo Foundation
# Distributed under the terms of the GNU General Public License, v2
# Author: Martin Schlemmer <azarah@gentoo.org>
-# $Header: /var/cvsroot/gentoo-x86/x11-apps/xfs/files/xfs.start,v 1.2 2005/08/16 20:13:43 spyderous Exp $
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xfs/files/xfs.start,v 1.3 2007/09/30 08:21:18 dberkholz Exp $
#NB: Config is in /etc/conf.d/xfs
@@ -306,11 +306,13 @@ start() {
ebegin "Starting X Font Server"
if [ "`grep -e "^xfs:" /etc/passwd`" ] ; then
- # Fix possible security problem, turned to hard failure in 6.8.0
- # See discussion at http://freedesktop.org/bugzilla/show_bug.cgi?id=306
- rm -rf /tmp/.font-unix
- mkdir /tmp/.font-unix
- chmod 1777 /tmp/.font-unix
+ # Fix possible race condition, bug #185660
+ while ! [ -d /tmp/.font-unix ]; do
+ # Fix possible security problem, turned to hard failure in 6.8.0
+ # See discussion at http://freedesktop.org/bugzilla/show_bug.cgi?id=306
+ rm -rf /tmp/.font-unix
+ mkdir -m 1777 /tmp/.font-unix
+ done
start-stop-daemon --start --quiet --exec /usr/bin/xfs \
-- -daemon -config /etc/X11/fs/config \
diff --git a/x11-apps/xfs/xfs-1.0.4-r1.ebuild b/x11-apps/xfs/xfs-1.0.4-r1.ebuild
new file mode 100644
index 000000000000..a0c3fefd5bcb
--- /dev/null
+++ b/x11-apps/xfs/xfs-1.0.4-r1.ebuild
@@ -0,0 +1,45 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/x11-apps/xfs/xfs-1.0.4-r1.ebuild,v 1.1 2007/09/30 08:21:17 dberkholz Exp $
+
+# Must be before x-modular eclass is inherited
+#SNAPSHOT="yes"
+
+inherit x-modular
+
+DESCRIPTION="X font server"
+
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="ipv6"
+
+RDEPEND="x11-apps/ttmkfdir
+ x11-libs/libFS
+ x11-libs/libXfont"
+DEPEND="${RDEPEND}
+ x11-proto/fontsproto"
+
+CONFIGURE_OPTIONS="$(use_enable ipv6) --libdir=/etc"
+
+pkg_setup() {
+ enewgroup xfs 33
+ enewuser xfs 33 -1 /etc/X11/fs xfs
+}
+
+src_unpack() {
+ x-modular_unpack_source
+ x-modular_patch_source
+
+ sed -i -e "s:^configdir =.*:configdir = \$(sysconfdir)/X11/fs:g" \
+ "${S}"/Makefile.am
+
+ x-modular_reconf_source
+}
+
+src_install() {
+ x-modular_src_install
+
+ insinto /etc/X11/fs
+ newins "${FILESDIR}"/xfs.config config
+ newinitd "${FILESDIR}"/xfs.start xfs
+ newconfd "${FILESDIR}"/xfs.conf.d xfs
+}