diff --git a/Xsession b/Xsession
index 6ba7f7f..80c26d3 100644
--- a/Xsession
+++ b/Xsession
@@ -12,7 +12,7 @@
 if [ -z "$GDMSESSION" ]; then
     # GDM redirect output itself in a smarter fashion
     errfile="$HOME/.xsession-errors"
-    if cp /dev/null "$errfile" 2> /dev/null ; then
+    if ( unask 077 && cp /dev/null "$errfile" 2> /dev/null ); then
         chmod 600 "$errfile"
         exec > "$errfile" 2>&1
     else
diff --git a/xorg-x11-xinit.spec b/xorg-x11-xinit.spec
index 80f190d..b502daa 100644
--- a/xorg-x11-xinit.spec
+++ b/xorg-x11-xinit.spec
@@ -3,7 +3,7 @@
 Summary:   X.Org X11 X Window System xinit startup scripts
 Name:      xorg-x11-%{pkgname}
 Version:   1.0.2
-Release:   23%{?dist}
+Release:   24%{?dist}
 License:   MIT/X11
 Group:     User Interface/X
 URL:       http://www.x.org
@@ -110,6 +110,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man1/xinit.1*
 
 %changelog
+* Thu Aug 2 2007 Soren Sandmann <sandmann@redhat.com> 1.0.2-24
+- Fix bug 212167, CVE-2006-5214
+
 * Sun Jul 29 2007 Soren Sandmann <sandmann@redhat.com> 1.0.2-23
 - Fix Xsession to run the login shell inside the setgid ssh-agent, rather
   than the other way around. This preserves LD_LIBRARY_PRELOAD.