debian/patches/0500-fix_CVE-2011-4339.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

Description: CVE-2011-4339
 insecure file permission when creating PID files
 based on 112_fix_CVE-2011-4339
Author: Jörg Frings-Fürst <debian@jff-webhosting.net>
Bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651917
Forwarded: https://sourceforge.net/p/ipmitool/patches/99/
Last-Update: 2014-12-01
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
Index: trunk/lib/helper.c
===================================================================
--- trunk.orig/lib/helper.c
+++ trunk/lib/helper.c
@@ -659,7 +659,6 @@ ipmi_start_daemon(struct ipmi_intf *intf
 #endif
 
 	chdir("/");
-	umask(0);
 
 	for (fd=0; fd<64; fd++) {
 		if (fd != intf->fd)