diff options
Diffstat (limited to 'debian/patches/0500-fix_CVE-2011-4339.patch')
-rw-r--r-- | debian/patches/0500-fix_CVE-2011-4339.patch | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/debian/patches/0500-fix_CVE-2011-4339.patch b/debian/patches/0500-fix_CVE-2011-4339.patch new file mode 100644 index 0000000..8360417 --- /dev/null +++ b/debian/patches/0500-fix_CVE-2011-4339.patch @@ -0,0 +1,21 @@ +Description: CVE-2011-4339 + insecure file permission when creating PID files + based on 112_fix_CVE-2011-4339 +Author: Jörg Frings-Fürst <debian@jff-webhosting.net> +Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917 +Forwarded: https://sourceforge.net/p/ipmitool/patches/99/ +Last-Update: 2014-12-01 +--- +This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ +Index: trunk/lib/helper.c +=================================================================== +--- trunk.orig/lib/helper.c ++++ trunk/lib/helper.c +@@ -664,7 +664,6 @@ ipmi_start_daemon(struct ipmi_intf *intf + #endif + + chdir("/"); +- umask(0); + + for (fd=0; fd<64; fd++) { + if (fd != intf->fd) |