Commit Graph

21 Commits

Author SHA1 Message Date
Tim Waugh
930323f835
2.7.6. 2018-02-12 12:31:42 +00:00
Tim Waugh
058b322fd9 Fixed memory leak in selinux patch. 2015-03-09 09:36:46 +00:00
Tim Waugh
ab01eb74b5 2.7.5, including an even better fix for CVE-2015-1196 that allows relative symlinks. 2015-03-08 16:05:16 +00:00
Tim Waugh
158e6d1d97 2.7.4, including a better fix for CVE-2015-1196 that still allows symlinks referencing ".." to be created. 2015-02-01 12:54:59 +00:00
Tim Waugh
fe471a96db 2.7.3 (bug #1182157, CVE-2015-1196, bug #1184491, CVE-2014-9637).
Resolves: rhbz#1182157 rhbz#1184491
2015-01-23 11:39:40 +00:00
Tim Waugh
5587b741e0 2.7.2. 2015-01-23 09:54:43 +00:00
Tim Waugh
0885656812 Include ae88d1c270df6ba685bd422f3bf2607367de7cfc from upstream. 2015-01-20 13:35:57 +00:00
Tim Waugh
e72bf6daa2 Apply upstream patch to fix directory traversal via symlinks (bug #1182157, CVE-2015-1196).
Resolves: rhbz#1182157 rhbz#1182154
2015-01-20 12:37:09 +00:00
Tim Waugh
972b7e7118 2.7.1. 2012-10-18 18:25:16 +01:00
Tim Waugh
274dc2d261 2.7. No longer need sigsegv, get-arg, CVE-2010-4651, backup-if-mismatch or coverity-leak patches. 2012-10-18 17:24:44 +01:00
Tim Waugh
13704094f0 Fixed NULL dereference in selinux patch. 2011-11-25 18:07:08 +00:00
Jiri Popelka
dd69faff4d Coverity: Check return value of getfilecon().
Error: CHECKED_RETURN:
patch-2.6.1/src/pch.c:736: check_return: Calling function "getfilecon" without checking return value (as is done elsewhere 4 out of 5 times).
patch-2.6.1/src/inp.c:158: example_checked: "getfilecon(inname, &incontext)" has its value checked in "getfilecon(inname, &incontext) == -1".
patch-2.6.1/src/patch.c:434: example_checked: "getfilecon(outname, &outcontext)" has its value checked in "getfilecon(outname, &outcontext) != -1".
patch-2.6.1/src/pch.c:292: example_checked: "getfilecon(inname, &incontext)" has its value checked in "getfilecon(inname, &incontext) == -1".
patch-2.6.1/src/util.c:603: example_checked: "getfilecon(filename, filecontext)" has its value checked in "getfilecon(filename, filecontext) == -1".
patch-2.6.1/src/pch.c:736: unchecked_value: No check of the return value of "getfilecon(inname, &incontext)".
2011-05-16 15:10:11 +01:00
Tim Waugh
68f90bed20 Applied upstream patch to fix CVE-2010-4651 (bug #667529). 2011-02-08 11:35:21 +00:00
Tim Waugh
1151a30aca Another fix for the selinux patch (bug #618215). 2010-08-16 17:44:01 +01:00
Tim Waugh
35f37f091c Fixed interpretation of return value from getfilecon(). 2010-08-06 17:14:38 +01:00
Tim Waugh
4c70b2adff - 2.6. No longer need stderr, suffix, stripcr, parse, allow-spaces, ifdef,
program_name, or posix-backup patches.
2009-11-16 17:08:44 +00:00
Tim Waugh
9389e191f1 - Fixed operation when SELinux is disabled (bug #498102). Patch from Jan
Kratochvil.
2009-04-29 16:39:13 +00:00
Tim Waugh
ffc4fff55b - Don't set SELinux file context if it is already correct. 2009-02-17 15:36:59 +00:00
Tim Waugh
b4bd8d00d9 - Don't fail if setfilecon() returns EPERM (bug #453365), although the
setfilecon man page suggests that ENOTSUP will be returned in this
    case.
2008-06-30 12:02:59 +00:00
Tim Waugh
638a40acb1 - Fix selinux patch and apply it. 2008-06-12 10:14:43 +00:00
Tim Waugh
3db410989d - Beginnings of an SELinux patch (bug #165799); not applied yet. 2007-10-04 16:05:37 +00:00