authorDonnie Berkholz <dberkholz@gentoo.org>2006-06-20 16:18:26 +0000
committerDonnie Berkholz <dberkholz@gentoo.org>2006-06-20 16:18:26 +0000
commit7d3f2480c7742dd24f43f0eb6d90395e0edcf71a (patch)
treee8acd5483f3c83f8b0325f76fa9d376134255113 /x11-apps/xf86dga/files
parentInclude fix for GCC4 compilation; Resolves Bug #137179; Thanks to Hanno Meyer... (diff)
Security bump. Failure to check the return value of setuid() in a privileged process could be used by a local user for file overwriting and possible privilege escalation in corner cases. See http://lists.freedesktop.org/archives/xorg/2006-June/016146.html for more information.
Package-Manager: portage-2.1.1_pre1-r1
Diffstat (limited to 'x11-apps/xf86dga/files')
-rw-r--r--x11-apps/xf86dga/files/digest-xf86dga-1.0.1-r13
-rw-r--r--x11-apps/xf86dga/files/xf86dga-1.0.1-setuid.diff27
2 files changed, 30 insertions, 0 deletions
diff --git a/x11-apps/xf86dga/files/digest-xf86dga-1.0.1-r1 b/x11-apps/xf86dga/files/digest-xf86dga-1.0.1-r1
new file mode 100644
index 000000000000..a1da0aab41b7
--- /dev/null
+++ b/x11-apps/xf86dga/files/digest-xf86dga-1.0.1-r1
@@ -0,0 +1,3 @@
+MD5 0ee496f720bc98fee43108c88bb7f398 xf86dga-1.0.1.tar.bz2 75183
+RMD160 0689834c32f3bc20dafca299f135a3658bb79614 xf86dga-1.0.1.tar.bz2 75183
+SHA256 eded486132f243a7eed82859895bc23190e462b90d456d9580d649b771837245 xf86dga-1.0.1.tar.bz2 75183
diff --git a/x11-apps/xf86dga/files/xf86dga-1.0.1-setuid.diff b/x11-apps/xf86dga/files/xf86dga-1.0.1-setuid.diff
new file mode 100644
index 000000000000..f923cd92a5b9
--- /dev/null
+++ b/x11-apps/xf86dga/files/xf86dga-1.0.1-setuid.diff
@@ -0,0 +1,27 @@
+Index: dga.c
+===================================================================
+RCS file: /cvs/xorg/app/xf86dga/dga.c,v
+retrieving revision 1.2
+diff -u -r1.2 dga.c
+--- dga.c 23 Apr 2004 19:54:47 -0000 1.2
++++ dga.c 19 Jun 2006 21:31:33 -0000
+@@ -16,6 +16,7 @@
+ #include <X11/Xmd.h>
+ #include <X11/extensions/xf86dga.h>
+ #include <ctype.h>
++#include <errno.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <signal.h>
+@@ -141,7 +142,10 @@
+
+ #ifndef __UNIXOS2__
+ /* Give up root privs */
+- setuid(getuid());
++ if (setuid(getuid()) == -1) {
++ fprintf(stderr, "Unable to change uid: %s\n", strerror(errno));
++ exit(2);
++ }
+ #endif
+
+ XF86DGASetViewPort(dis, DefaultScreen(dis), 0, 0);
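Review bot: The added check on `setuid(getuid())` treats only a return of -1 as failure and never confirms the result, so the drop would fail closed more reliably with `if (setuid(getuid()) != 0) {` followed by a post-condition such as `if (geteuid() != getuid()) exit(2);`. Group IDs are left untouched; if the binary is ever installed setgid (not visible here), a checked `setgid(getgid())` should come before the `setuid` call. `strerror` needs `<string.h>`, which is not among the includes shown in the first inner hunk; the include list begins outside it, so confirm the header is pulled in, since an implicit declaration can truncate the returned pointer on 64-bit targets. The enclosing function starts and ends outside the hunk.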