pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/x11/eterm Fix eterm default X11 display vulnerability ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/e53edda58623
branches:  trunk
changeset: 540242:e53edda58623
user:      tonnerre <tonnerre%pkgsrc.org@localhost>
date:      Thu Apr 03 22:42:33 2008 +0000

description:
Fix eterm default X11 display vulnerability (CVE-2008-1142).
Approved-by: jlam

diffstat:

 x11/eterm/Makefile         |   3 ++-
 x11/eterm/distinfo         |   3 ++-
 x11/eterm/patches/patch-ac |  30 ++++++++++++++++++++++++++++++
 3 files changed, 34 insertions(+), 2 deletions(-)

diffs (64 lines):

diff -r 8ad7497029c7 -r e53edda58623 x11/eterm/Makefile
--- a/x11/eterm/Makefile        Thu Apr 03 22:37:36 2008 +0000
+++ b/x11/eterm/Makefile        Thu Apr 03 22:42:33 2008 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.51 2007/01/14 11:07:34 joerg Exp $
+# $NetBSD: Makefile,v 1.52 2008/04/03 22:42:33 tonnerre Exp $
 
 DISTNAME=      Eterm-0.9.4
 PKGNAME=       ${DISTNAME:S/^E/e/}
+PKGREVISION=   1
 CATEGORIES=    x11
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=eterm/} \
                ftp://ftp.dti.ad.jp/pub/X/Eterm/
diff -r 8ad7497029c7 -r e53edda58623 x11/eterm/distinfo
--- a/x11/eterm/distinfo        Thu Apr 03 22:37:36 2008 +0000
+++ b/x11/eterm/distinfo        Thu Apr 03 22:42:33 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.15 2006/11/25 14:01:18 sketch Exp $
+$NetBSD: distinfo,v 1.16 2008/04/03 22:42:33 tonnerre Exp $
 
 SHA1 (Eterm-0.9.4.tar.gz) = d63628098b3aa08c8f2bc1bd756683e5fd227995
 RMD160 (Eterm-0.9.4.tar.gz) = ce5d7ba74b19e3c8992d104d00f10302c3e8150e
@@ -14,6 +14,7 @@
 Size (Eterm-bg-tile.tar.gz) = 1568166 bytes
 SHA1 (patch-aa) = 19da5e05392994a60fdf47e9d52c82fc41cefa4c
 SHA1 (patch-ab) = d019a18bb32f890d6de7c5bb0cdb43e7715a7d4d
+SHA1 (patch-ac) = eaeed9066b546d563f7b0404afbdb9e9737d8f63
 SHA1 (patch-ad) = f70a92e4eb84466e379653cbd3a9188db6d408c8
 SHA1 (patch-ah) = e9a924abff857448a6d7c9281915bcf001b7451c
 SHA1 (patch-ai) = 94d684a490752831de2fb2aba92c0b9f461ddb5a
diff -r 8ad7497029c7 -r e53edda58623 x11/eterm/patches/patch-ac
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/eterm/patches/patch-ac        Thu Apr 03 22:42:33 2008 +0000
@@ -0,0 +1,30 @@
+$NetBSD: patch-ac,v 1.6 2008/04/03 22:42:33 tonnerre Exp $
+
+Fix X11 privilege escalation vulnerability (CVE-2008-1142).
+
+--- src/startup.c.orig 2008-03-31 19:27:46.000000000 +0200
++++ src/startup.c
+@@ -95,11 +95,7 @@ eterm_bootstrap(int argc, char *argv[])
+     init_libast();
+ 
+     /* Open display, get options/resources and create the window */
+-    if (getenv("DISPLAY") == NULL) {
+-        display_name = STRDUP(":0");
+-    } else {
+-        display_name = STRDUP(getenv("DISPLAY"));
+-    }
++    display_name = NULL;
+ 
+     /* This MUST be called before any other Xlib functions */
+ #ifdef SPIFOPT_SETTING_PREPARSE
+@@ -116,7 +112,9 @@ eterm_bootstrap(int argc, char *argv[])
+     privileges(REVERT);
+ #endif
+     if (!Xdisplay && !(Xdisplay = XOpenDisplay(display_name))) {
+-        libast_print_error("can't open display %s\n", display_name);
++        libast_print_error("can't open display %s\n", display_name?display_name:
++                      getenv("DISPLAY")?getenv("DISPLAY"):
++                      "as no -display given and DISPLAY not set");
+         exit(EXIT_FAILURE);
+     }
+     XSetErrorHandler((XErrorHandler) xerror_handler);
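Review bot: The new `display_name = NULL;` line in the first startup.c hunk has no comment explaining why the `:0` fallback was removed, so a later cleanup could reintroduce it; I would add above it `/* No ":0" fallback: with DISPLAY unset, XOpenDisplay(NULL) must fail rather than attach to a display another local user may own (CVE-2008-1142). */`. In the error path of the second hunk the nested conditional is unparenthesised and calls `getenv("DISPLAY")` twice; a local such as `const char *shown = display_name ? display_name : getenv("DISPLAY");` followed by a single `shown ? shown : "..."` would read more clearly and keep the `%s` argument non-NULL in one obvious place. eterm_bootstrap continues outside the hunk, so any later use of display_name that relied on the old non-NULL, STRDUP'd value (a strlen, a free, or building a DISPLAY= string for child processes) should be checked; none is visible here.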


