fix cve-2007-3852 - sysstat insecure temporary file usage
This commit is contained in:
Ivana Varekova
parent
e48876ae34
commit
280ceea607
37
sysstat-7.0.4-cve_2007_3852.patch
Normal file
37
sysstat-7.0.4-cve_2007_3852.patch
Normal file
@ -0,0 +1,37 @@
|
||||
--- sysstat-7.0.4/sysstat.in.cve3852 2007-08-15 15:15:04.000000000 +0200
|
||||
+++ sysstat-7.0.4/sysstat.in 2007-08-15 15:17:31.000000000 +0200
|
||||
@@ -20,13 +20,11 @@
|
||||
|
||||
RETVAL=0
|
||||
HISTORY=0
|
||||
-TMPDIR=/var/run/
|
||||
-# Remove flag indicating that sadc was successfully launched
|
||||
-rm -f ${TMPDIR}sysstat.run
|
||||
|
||||
# See how we were called.
|
||||
case "$1" in
|
||||
start)
|
||||
+ exitCodeIndicator="$(mktemp /tmp/sysstat-XXXXXX)" || exit 1
|
||||
[ -r /etc/sysconfig/sysstat ] && . /etc/sysconfig/sysstat
|
||||
if [ ${HISTORY} -gt 28 ]
|
||||
then
|
||||
@@ -43,15 +41,15 @@ case "$1" in
|
||||
CHOWN ${CURRENTDIR} ${CURRENTFILE} ${CURRENTDIR}/${CURRENTFILE}
|
||||
fi
|
||||
echo -n "Calling the system activity data collector (sadc): "
|
||||
- SU SA_LIB_DIR/sadc -F -L - && touch ${TMPDIR}sysstat.run QUOTE
|
||||
+ SU SA_LIB_DIR/sadc -F -L - || rm -f ${exitCodeIndicator} QUOTE
|
||||
|
||||
# Try to guess if sadc was successfully launched. The difficulty
|
||||
# here is that the exit code is lost when the above command is
|
||||
# run via "su foo -c ..."
|
||||
- if [ ! -f ${TMPDIR}sysstat.run ]; then
|
||||
- RETVAL=1
|
||||
+ if [ -f "${exitCodeIndicator}" ]; then
|
||||
+ rm -f ${exitCodeIndicator}
|
||||
else
|
||||
- rm -f ${TMPDIR}sysstat.run
|
||||
+ RETVAL=1
|
||||
fi
|
||||
echo
|
||||
;;
|
||||
@ -1,6 +1,6 @@
|
||||
Name: sysstat
|
||||
Version: 7.0.4
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: The sar and iostat system monitoring commands
|
||||
License: GPL
|
||||
Group: Applications/System
|
||||
@ -15,6 +15,7 @@ Patch6: sysstat-5.0.5-append-msg.patch
|
||||
Patch9: sysstat-7.0.4-tmp.patch
|
||||
Patch10: sysstat-7.0.3-debuginfo.patch
|
||||
Patch11: sysstat-7.0.4-links.patch
|
||||
Patch12: sysstat-7.0.4-cve_2007_3852.patch
|
||||
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
|
||||
@ -36,6 +37,7 @@ activity.
|
||||
%patch9 -p1 -b .tmp
|
||||
%patch10 -p1 -b .db
|
||||
%patch11 -p1 -b .link
|
||||
%patch12 -p1 -b .cve3852
|
||||
|
||||
%build
|
||||
# FIXME: I need to fix the upstream Makefile to use LIBDIR et al. properly and
|
||||
@ -114,6 +116,10 @@ rm -rf %{buildroot}
|
||||
/var/log/sa
|
||||
|
||||
%changelog
|
||||
* Wed Aug 15 2007 Ivana Varekova <varekova@redhat.com> - 7.0.4-3
|
||||
- fix cve-2007-3852 -
|
||||
sysstat insecure temporary file usage
|
||||
|
||||
* Fri Mar 23 2007 Ivana Varekova <varekova@redhat.com> - 7.0.4-2
|
||||
- fix sa2 problem (sa2 works wrong when the /var/log/sa file is
|
||||
a link to another directory)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user