Date:      Mon, 17 Nov 2014 21:25:28 +0000 (UTC)
From:      Raphael Kubo da Costa <rakuco@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r372689 - in branches/2014Q4/x11/kde4-workspace: . files
Message-ID:  <201411172125.sAHLPSl4084761@svn.freebsd.org>

Author: rakuco
Date: Mon Nov 17 21:25:27 2014
New Revision: 372689
URL: https://svnweb.freebsd.org/changeset/ports/372689
QAT: https://qat.redports.org/buildarchive/r372689/

Log:
  MFH: r372687
  
  Add patch for CVE-2014-8651 (privilege escalation).
  
  Security:	dafa13a8-6e9b-11e4-8ef7-5453ed2e2b49
  Approved by:	ports-secteam (delphij)

Added:
  branches/2014Q4/x11/kde4-workspace/files/patch-CVE-2014-8651
     - copied unchanged from r372687, head/x11/kde4-workspace/files/patch-CVE-2014-8651
Modified:
  branches/2014Q4/x11/kde4-workspace/Makefile
Directory Properties:
  branches/2014Q4/   (props changed)

Modified: branches/2014Q4/x11/kde4-workspace/Makefile
==============================================================================
--- branches/2014Q4/x11/kde4-workspace/Makefile	Mon Nov 17 21:08:28 2014	(r372688)
+++ branches/2014Q4/x11/kde4-workspace/Makefile	Mon Nov 17 21:25:27 2014	(r372689)
@@ -2,7 +2,7 @@
 
 PORTNAME=	kde-workspace
 PORTVERSION=	${KDE4_WORKSPACE_VERSION}
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	x11 kde
 MASTER_SITES=	KDE/${KDE4_BRANCH}/${KDE4_VERSION}/src
 DIST_SUBDIR=	KDE/${PORTVERSION}

Copied: branches/2014Q4/x11/kde4-workspace/files/patch-CVE-2014-8651 (from r372687, head/x11/kde4-workspace/files/patch-CVE-2014-8651)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2014Q4/x11/kde4-workspace/files/patch-CVE-2014-8651	Mon Nov 17 21:25:27 2014	(r372689, copy of r372687, head/x11/kde4-workspace/files/patch-CVE-2014-8651)
@@ -0,0 +1,113 @@
+commit eebcb17746d9fa86ea8c5a7344709ef6750781cf
+Author: David Edmundson <kde@davidedmundson.co.uk>
+Date:   Tue Nov 4 13:57:59 2014 +0100
+
+    Do not pass ntpUtility as an argument to datetime helper
+    
+    Passing the name of a binary to run to a polkit helper is a security
+    risk as it allows any arbitrary process to be executed.
+    
+    This patch moves the detection of ntp utility location into the helper
+    function.
+    
+    REVIEW: 120977
+
+--- kcontrol/dateandtime/dtime.cpp
++++ kcontrol/dateandtime/dtime.cpp
+@@ -142,27 +142,15 @@ void Dtime::serverTimeCheck() {
+   //kclock->setEnabled(enabled);
+ }
+ 
+-void Dtime::findNTPutility(){
+-  QByteArray envpath = qgetenv("PATH");
+-  if (!envpath.isEmpty() && envpath[0] == ':') {
+-    envpath = envpath.mid(1);
+-  }
+-
+-  QString path = "/sbin:/usr/sbin:";
+-  if (!envpath.isEmpty()) {
+-    path += QString::fromLocal8Bit(envpath);
+-  } else {
+-    path += QLatin1String("/bin:/usr/bin");
+-  }
+-
+-  foreach(const QString &possible_ntputility, QStringList() << "ntpdate" << "rdate" ) {
+-    if( !((ntpUtility = KStandardDirs::findExe(possible_ntputility, path)).isEmpty()) ) {
+-      kDebug() << "ntpUtility = " << ntpUtility;
+-      return;
++void Dtime::findNTPutility()
++{
++    const QString exePath = QLatin1String("/usr/sbin:/usr/bin:/sbin:/bin");
++    foreach(const QString &possible_ntputility, QStringList() << "ntpdate" << "rdate" ) {
++        ntpUtility = KStandardDirs::findExe(possible_ntputility, exePath);
++        if (!ntpUtility.isEmpty()) {
++            return;
++        }
+     }
+-  }
+-
+-  kDebug() << "ntpUtility not found!";
+ }
+ 
+ void Dtime::set_time()
+@@ -238,7 +226,6 @@ void Dtime::save( QVariantMap& helperargs )
+   helperargs["ntp"] = true;
+   helperargs["ntpServers"] = list;
+   helperargs["ntpEnabled"] = setDateTimeAuto->isChecked();
+-  helperargs["ntpUtility"] = ntpUtility;
+ 
+   if(setDateTimeAuto->isChecked() && !ntpUtility.isEmpty()){
+     // NTP Time setting - done in helper
+--- kcontrol/dateandtime/helper.cpp
++++ kcontrol/dateandtime/helper.cpp
+@@ -52,8 +52,18 @@
+ // clears it. So we have to use a reasonable default.
+ static const QString exePath = QLatin1String("/usr/sbin:/usr/bin:/sbin:/bin");
+ 
+-int ClockHelper::ntp( const QStringList& ntpServers, bool ntpEnabled,
+-                      const QString& ntpUtility )
++static QString findNtpUtility()
++{
++    foreach(const QString &possible_ntputility, QStringList() << "ntpdate" << "rdate" ) {
++        const QString ntpUtility = KStandardDirs::findExe(possible_ntputility, exePath);
++        if (!ntpUtility.isEmpty()) {
++            return ntpUtility;
++        }
++    }
++    return QString();
++}
++
++int ClockHelper::ntp( const QStringList& ntpServers, bool ntpEnabled )
+ {
+   int ret = 0;
+ 
+@@ -69,6 +79,8 @@ int ClockHelper::ntp( const QStringList& ntpServers, bool ntpEnabled,
+   config.writeEntry("servers", ntpServers );
+   config.writeEntry("enabled", ntpEnabled );
+ 
++  QString ntpUtility(findNtpUtility());
++
+   if ( ntpEnabled && !ntpUtility.isEmpty() ) {
+     // NTP Time setting
+     QString timeServer = ntpServers.first();
+@@ -227,7 +239,7 @@ ActionReply ClockHelper::save(const QVariantMap &args)
+   int ret = 0; // error code
+ //  The order here is important
+   if( _ntp )
+-    ret |= ntp( args.value("ntpServers").toStringList(), args.value("ntpEnabled").toBool(), args.value("ntpUtility").toString() );
++    ret |= ntp( args.value("ntpServers").toStringList(), args.value("ntpEnabled").toBool());
+   if( _date )
+     ret |= date( args.value("newdate").toString(), args.value("olddate").toString() );
+   if( _tz )
+--- kcontrol/dateandtime/helper.h
++++ kcontrol/dateandtime/helper.h
+@@ -42,8 +42,7 @@ class ClockHelper : public QObject
+         ActionReply save(const QVariantMap &map);
+ 
+     private:
+-        int ntp(const QStringList& ntpServers, bool ntpEnabled,
+-                const QString& ntpUtility);
++        int ntp(const QStringList& ntpServers, bool ntpEnabled);
+         int date(const QString& newdate, const QString& olddate);
+         int tz(const QString& selectedzone);
+         int tzreset();
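Review bot: In `ClockHelper::ntp()` the guard `if ( ntpEnabled && !ntpUtility.isEmpty() )` is followed directly by `ntpServers.first()`, and `ntpServers` still comes from the caller-supplied `args` map in `save()`; `QList::first()` on an empty list is undefined, so unless a check outside the visible lines already rejects it, the guard should also test the list: `if ( ntpEnabled && !ntpUtility.isEmpty() && !ntpServers.isEmpty() ) {`. The rest of `ntp()` lies outside the hunk, but if `timeServer` is handed to the located utility as an argument, as seems likely, it is the remaining caller-controlled value on that command line and should be validated as a plain host name (for instance, rejected when it starts with `-`) before use. The search path literal is now duplicated in `dtime.cpp` and `helper.cpp`; a comment on the `dtime.cpp` copy such as `// keep in sync with exePath in helper.cpp` would keep the UI's availability check from drifting away from what the helper actually runs.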


