authorPatrick J Volkerding <volkerdi@slackware.com>2011-04-25 13:37:00 +0000
committerEric Hameleers <alien@slackware.com>2018-05-31 22:45:18 +0200
commit75a4a592e5ccda30715f93563d741b83e0dcf39e (patch)
tree502f745607e77a2c4386ad38d818ddcafe81489c /source/xap/rdesktop
parentb76270bf9e6dd375e495fec92140a79a79415d27 (diff)
Slackware 13.37slackware-13.37
Mon Apr 25 13:37:00 UTC 2011 Slackware 13.37 x86_64 stable is released! Thanks to everyone who pitched in on this release: the Slackware team, the folks producing upstream code, and linuxquestions.org for providing a great forum for collaboration and testing. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. As always, thanks to the Slackware community for testing, suggestions, and feedback. :-) Have fun!
Diffstat (limited to 'source/xap/rdesktop')
-rw-r--r--source/xap/rdesktop/rdesktop.CVE-2011-1595.diff22
-rwxr-xr-xsource/xap/rdesktop/rdesktop.SlackBuild21
2 files changed, 38 insertions, 5 deletions
diff --git a/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff b/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff
new file mode 100644
index 00000000..0db8c3bc
--- /dev/null
+++ b/source/xap/rdesktop/rdesktop.CVE-2011-1595.diff
@@ -0,0 +1,22 @@
+--- ./disk.c.orig 2008-02-15 18:13:25.000000000 -0600
++++ ./disk.c 2011-04-20 20:27:55.978000772 -0500
+@@ -356,6 +356,19 @@
+ filename[strlen(filename) - 1] = 0;
+ sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename);
+
++ /* Protect against mailicous servers:
++ somelongpath/.. not allowed
++ somelongpath/../b not allowed
++ somelongpath/..b in principle ok, but currently not allowed
++ somelongpath/b.. ok
++ somelongpath/b..b ok
++ somelongpath/b../c ok
++ */
++ if (strstr(path, "/.."))
++ {
++ return RD_STATUS_ACCESS_DENIED;
++ }
++
+ switch (create_disposition)
+ {
+ case CREATE_ALWAYS:
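Review bot: The new `/..` test is reached only after `sprintf(path, "%s%s", ...)` has already copied the server-supplied `filename` into `path` with no length limit, so the guard does nothing for an over-long name. `path` is declared outside the hunk, so its size cannot be confirmed here, but if it is a fixed-size array the copy should be bounded first, e.g. `if (snprintf(path, sizeof(path), "%s%s", g_rdpdr_device[device_id].local_path, filename) >= (int) sizeof(path)) return RD_STATUS_ACCESS_DENIED;`. The `strstr` also scans the locally configured `local_path` prefix, so a redirected directory whose own path contains `/..` would have every request denied. The comment should say so, and should note that a string test does not cover symlinks inside the share; it also has a typo (`mailicous`). The enclosing function starts and ends outside the hunk.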
diff --git a/source/xap/rdesktop/rdesktop.SlackBuild b/source/xap/rdesktop/rdesktop.SlackBuild
index cbfc1498..5e1ae2e2 100755
--- a/source/xap/rdesktop/rdesktop.SlackBuild
+++ b/source/xap/rdesktop/rdesktop.SlackBuild
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright 2006, 2008, 2009 Patrick J. Volkerding, Sebeka, MN, USA
+# Copyright 2006, 2008, 2009, 2011 Patrick J. Volkerding, Sebeka, MN, USA
# All rights reserved.
#
# Redistribution and use of this script, with or without modification, is
@@ -23,10 +23,17 @@
PKGNAM=rdesktop
VERSION=${VERSION:-1.6.0}
-ARCH=${ARCH:-x86_64}
-NUMJOBS=${NUMJOBS:-" -j7 "}
-BUILD=${BUILD:-1}
-
+BUILD=${BUILD:-2}
+
+# Automatically determine the architecture we're building on:
+if [ -z "$ARCH" ]; then
+ case "$( uname -m )" in
+ i?86) export ARCH=i486 ;;
+ arm*) export ARCH=arm ;;
+ # Unless $ARCH is already set, use uname -m for all other archs:
+ *) export ARCH=$( uname -m ) ;;
+ esac
+fi
if [ "$ARCH" = "i486" ]; then
SLKCFLAGS="-O2 -march=i486 -mtune=i686"
@@ -39,6 +46,8 @@ elif [ "$ARCH" = "x86_64" ]; then
LIBDIRSUFFIX="64"
fi
+NUMJOBS=${NUMJOBS:-" -j7 "}
+
CWD=$(pwd)
TMP=${TMP:-/tmp}
PKG=$TMP/package-${PKGNAM}
@@ -50,6 +59,8 @@ rm -rf ${PKGNAM}-${VERSION}
tar xvf $CWD/${PKGNAM}-$VERSION.tar.bz2 || exit 1
cd ${PKGNAM}-$VERSION || exit 1
+zcat $CWD/rdesktop.CVE-2011-1595.diff.gz | patch -p1 --verbose || exit 1
+
# Make sure ownerships and permissions are sane:
chown -R root:root .
find . \