← Back to branch summary

~ubuntu-branches/debian/jessie/autofs/jessie

« back to all changes in this revision

Viewing changes to debian/patches/14avoid_sock_cloexec.patch

  • Committer: Package Import Robot
  • Author(s): Dmitry Smirnov, Salvatore Bonaccorso, Dmitry Smirnov
  • Date: 2015-03-19 18:38:23 UTC
  • Revision ID: package-import@ubuntu.com-20150319183823-vdr6c21nwgu4aop5
Tags: 5.0.8-2
http://bugs.debian.org/779591
[ Salvatore Bonaccorso <carnil@debian.org> ]
* Add patches for CVE-2014-8169 (Closes: #779591).
  When a program map uses an interpreted languages like python it is
  possible to load and execute arbitray code from a user home directory.
  This is because the standard environment variables are used to locate
  and load modules when using these languages. To avoid that, a prefix to
  these environment names is added so that they aren't used for this
  purpose. The prefix used is "AUTOFS_" and is not configurable.
  Additionally a configuration option to force the use of program map
  standard environment variables is added (FORCE_STANDARD_PROGRAM_MAP_ENV).

[ Dmitry Smirnov <onlyjob@debian.org> ]
* Refreshed other patches as needed.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/14avoid_sock_cloexec.patch
6
6
 
7
7
--- a/include/automount.h
8
8
+++ b/include/automount.h
9
 
@@ -39,6 +39,11 @@
 
9
@@ -38,8 +38,13 @@
 
10
 #ifdef WITH_DMALLOC
10
11
 #include <dmalloc.h>
11
12
 #endif
12
13
 
18
19
 #define ENABLE_CORES   1
19
20
 
20
21
 /* We MUST have the paths to mount(8) and umount(8) */
 
22
 #ifndef HAVE_MOUNT