summaryrefslogtreecommitdiff
path: root/debian/patches/112_fix_CVE-2011-4339.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/112_fix_CVE-2011-4339.patch')
-rw-r--r--debian/patches/112_fix_CVE-2011-4339.patch21
1 files changed, 21 insertions, 0 deletions
diff --git a/debian/patches/112_fix_CVE-2011-4339.patch b/debian/patches/112_fix_CVE-2011-4339.patch
new file mode 100644
index 0000000..f67b845
--- /dev/null
+++ b/debian/patches/112_fix_CVE-2011-4339.patch
@@ -0,0 +1,21 @@
+Description: CVE-2011-4339
+ insecure file permission when creating PID files
+ based on 112_fix_CVE-2011-4339
+Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
+Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917
+Forwarded: https://sourceforge.net/p/ipmitool/patches/99/
+Last-Update: 2014-05-18
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+Index: trunk/lib/helper.c
+===================================================================
+--- trunk.orig/lib/helper.c 2014-05-18 18:50:55.000000000 +0200
++++ trunk/lib/helper.c 2014-05-18 19:30:41.275908129 +0200
+@@ -657,7 +657,6 @@
+ #endif
+
+ chdir("/");
+- umask(0);
+
+ for (fd=0; fd<64; fd++) {
+ if (fd != intf->fd)
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-14 18:57:17 +0000