rpms/pulseaudio
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Sync with F-8, add fix for CVE-2008-0008

Browse Source
This commit is contained in:
Lubomir Rintel 2008-01-23 15:42:03 +00:00
parent d457c563dd
commit b8cfec946d
4 changed files with 145 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
pulseaudio-0.9.6-nochown.patch
View File

@ -1,20 +0,0 @@
--- pulseaudio-0.9.6/src/Makefile.in.orig 2007-05-27 22:59:32.000000000 +0200
+++ pulseaudio-0.9.6/src/Makefile.in 2007-05-29 11:30:19.000000000 +0200
@@ -5028,7 +5028,7 @@
suid: pulseaudio .libs/lt-pulseaudio
chown root $^
- chmod u+s $^
+# chmod u+s $^
esdcompat: daemon/esdcompat.in Makefile
sed -e 's,@PACKAGE_VERSION\@,$(PACKAGE_VERSION),g' \
@@ -5052,7 +5052,7 @@
install-exec-hook:
chown root $(DESTDIR)$(bindir)/pulseaudio ; true
- chmod u+s $(DESTDIR)$(bindir)/pulseaudio
+# chmod u+s $(DESTDIR)$(bindir)/pulseaudio
ln -sf pacat $(DESTDIR)$(bindir)/parec
rm -f $(DESTDIR)$(modlibexecdir)/*.a
rm -f $(DESTDIR)$(libdir)/libpulsedsp.a

21
pulseaudio-0.9.8-create-dot-pulse.patch
View File

@ -0,0 +1,21 @@
Index: src/pulsecore/core-util.c
===================================================================
--- src/pulsecore/core-util.c (revision 2077)
+++ src/pulsecore/core-util.c (revision 2078)
@@ -1129,8 +1129,15 @@
if ((e = getenv("PULSE_CONFIG_PATH")))
fn = lfn = pa_sprintf_malloc("%s/%s", e, local);
- else if (pa_get_home_dir(h, sizeof(h)))
+ else if (pa_get_home_dir(h, sizeof(h))) {
+ char *d;
+
+ d = pa_sprintf_malloc("%s/.pulse", h);
+ mkdir(d, 0755);
+ pa_xfree(d);
+
fn = lfn = pa_sprintf_malloc("%s/.pulse/%s", h, local);
+ }
if (lfn) {
FILE *f;

112
pulseaudio-0.9.8-droproot.patch Normal file
View File

@ -0,0 +1,112 @@
Fail when dropping root privileges is not successful.
https://bugzilla.novell.com/show_bug.cgi?id=347822
https://bugzilla.redhat.com/show_bug.cgi?id=425481
Lubomir Kundrak <lkundrak@redhat.com>
Index: src/daemon/main.c
===================================================================
--- src/daemon/main.c (revision 2098)
+++ src/daemon/main.c (working copy)
@@ -372,7 +372,8 @@
pa_limit_caps();
/* Drop priviliges, but keep CAP_SYS_NICE */
- pa_drop_root();
+ if (pa_drop_root() < 0)
+ goto finish;
/* After dropping root, the effective set is reset, hence,
* let's raise it again */
@@ -443,7 +444,8 @@
* let's give it up early */
pa_drop_caps();
- pa_drop_root();
+ if (pa_drop_root() < 0)
+ goto finish;
suid_root = real_root = FALSE;
if (conf->high_priority || conf->realtime_scheduling)
@@ -497,7 +499,8 @@
if (drop) {
pa_drop_caps();
- pa_drop_root();
+ if (pa_drop_root() < 0)
+ goto finish;
suid_root = real_root = FALSE;
}
}
Index: src/daemon/caps.c
===================================================================
--- src/daemon/caps.c (revision 2098)
+++ src/daemon/caps.c (working copy)
@@ -54,27 +54,36 @@
#ifdef HAVE_GETUID
/* Drop root rights when called SUID root */
-void pa_drop_root(void) {
+int pa_drop_root(void) {
uid_t uid = getuid();
+ int error = 0;
if (uid == 0 || geteuid() != 0)
- return;
+ return 0;
pa_log_info("Dropping root priviliges.");
#if defined(HAVE_SETRESUID)
- setresuid(uid, uid, uid);
+ error += setresuid(uid, uid, uid);
#elif defined(HAVE_SETREUID)
- setreuid(uid, uid);
+ error += setreuid(uid, uid);
#else
- setuid(uid);
- seteuid(uid);
+ error += setuid(uid);
+ error += seteuid(uid);
#endif
+
+ if (error != 0) {
+ pa_log_error("Could not drop root priviliges.");
+ return -1;
+ }
+
+ return 0;
}
#else
-void pa_drop_root(void) {
+int pa_drop_root(void) {
+ return 0;
}
#endif
@@ -142,8 +151,7 @@
}
int pa_drop_caps(void) {
- pa_drop_root();
- return 0;
+ return pa_drop_root();
}
#endif
Index: src/daemon/caps.h
===================================================================
--- src/daemon/caps.h (revision 2098)
+++ src/daemon/caps.h (working copy)
@@ -24,7 +24,7 @@
USA.
***/
-void pa_drop_root(void);
+int pa_drop_root(void);
int pa_limit_caps(void);
int pa_drop_caps(void);

16
pulseaudio.spec
View File

@ -3,11 +3,10 @@
Name: pulseaudio
Summary: Improved Linux sound server
Version: 0.9.8
Release: 4%{?dist}
Release: 5%{?dist}
License: GPLv2+
Group: System Environment/Daemons
#Source0: http://0pointer.de/lennart/projects/pulseaudio/pulseaudio-%{version}.tar.gz
Source0: pulseaudio-0.9.8.tar.gz
Source0: http://0pointer.de/lennart/projects/pulseaudio/pulseaudio-%{version}.tar.gz
URL: http://pulseaudio.org
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: tcp_wrappers-devel, libsamplerate-devel, libsndfile-devel
@ -23,10 +22,10 @@ BuildRequires: libXt-devel, xorg-x11-proto-devel
BuildRequires: openssl-devel
Requires: %{name}-core-libs = %{version}-%{release}
Obsoletes: pulseaudio-devel
Patch1: pulseaudio-0.9.6-nochown.patch
Patch2: pulseaudio-0.9.8-fix-sample-upload.patch
Patch3: pulseaudio-0.9.8-unbreak-tunnels.patch
Patch4: pulseaudio-0.9.8-create-dot-pulse.patch
Patch5: pulseaudio-0.9.8-droproot.patch
%description
PulseAudio is a sound server for Linux and other Unix like operating
@ -166,6 +165,7 @@ This package contains command line utilities for the PulseAudio sound server.
%patch2 -p2
%patch3 -p1
%patch4 -p0
%patch5 -p0
%build
%configure --disable-ltdl-install --disable-static --disable-rpath --with-system-user=pulse --with-system-group=pulse --with-realtime-group=pulse-rt --with-access-group=pulse-access
@ -381,6 +381,14 @@ fi
%{_mandir}/man1/pax11publish.1.gz
%changelog
* Wed Jan 23 2008 Lubomir Kundrak <lkundrak@redhat.com> 0.9.8-5
- Fix CVE-2008-0008 security issue (#425481)
* Sun Jan 13 2008 Lubomir Kundrak <lkundrak@redhat.com> 0.9.8-4.1
- Actually add content to pulseaudio-0.9.8-create-dot-pulse.patch
- Make the Source0 tag point to URL instead of a local file
- Drop the nochown patch; it's not applied at all and no longer needed
* Thu Nov 29 2007 Lennart Poettering <lpoetter@redhat.com> 0.9.8-4
- add missing dependency on pulseaudio-utils for pulseaudio-module-x11