rpms / ipmitool

Clone
Source Code
GIT

Blame SOURCES/0001-CVE-2011-4339-OpenIPMI.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   c9-beta
  2.   SOURCES
  3.   0001-CVE-2011-4339-OpenIPMI.patch
Blob History Raw
e20f4c 
From 152efd46931a70ab4e3d81e99d312df7dcd666e6 Mon Sep 17 00:00:00 2001
e20f4c 
From: Boris Ranto <branto@redhat.com>
e20f4c 
Date: Tue, 10 May 2016 19:12:08 +0200
e20f4c 
Subject: [PATCH] CVE-2011-4339 OpenIPMI
e20f4c
e20f4c 
IPMI event daemon creates PID file with world writeable permissions
e20f4c 
---
e20f4c 
 lib/helper.c | 1 -
e20f4c 
 1 file changed, 1 deletion(-)
e20f4c
e20f4c 
diff --git a/lib/helper.c b/lib/helper.c
e20f4c 
index de91438..c3a1c80 100644
e20f4c 
--- a/lib/helper.c
e20f4c 
+++ b/lib/helper.c
e20f4c 
@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf)
e20f4c 
 #endif
e20f4c
e20f4c 
 	chdir("/");
e20f4c 
-	umask(0);
e20f4c
e20f4c 
 	for (fd=0; fd<64; fd++) {
e20f4c 
 		if (fd != intf->fd)
e20f4c 
--
e20f4c 
2.7.4
e20f4c

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation