non port: security/trousers/files/patch-src_tcsd_svrside.c |
Number of commits found: 3 |
Tuesday, 18 Aug 2020
|
23:23 zeising
security/trousers: fix security issues
Fix three security issues in security/trousers:
* CVE-2020-24332
If the tcsd daemon is started with root privileges,
the creation of the system.data file is prone to symlink attacks
* CVE-2020-24330
If the tcsd daemon is started with root privileges,
it fails to drop the root gid after it is no longer needed
* CVE-2020-24331
If the tcsd daemon is started with root privileges,
the tss user has read and write access to the /etc/tcsd.conf file
Add patches to fix potential use-after-free
Fix build with -fno-common
MFH: 2020Q3
Security: e37a0a7b-e1a7-11ea-9538-0c9d925bbbc0
|
Saturday, 19 Nov 2016
|
03:22 hrs
Update to 0.3.14. TrouSerS has been under 3-clause BSDL since 0.3.11.
|
Monday, 20 Jun 2016
|
16:23 mat
With the power of USES=dos2unix, get rid of most patches and files
with CRLF.
While there, run make makepatch, rename patches to use the new scheme,
and various fixes.
With hat: portmgr
Sponsored by: Absolight
|
Number of commits found: 3 |