CVE-2008-5375, symlink attack wrt #250474.

(Portage version: 2.1.6.13/cvs/Linux x86_64)
author: Samuli Suominen <ssuominen@gentoo.org> 2009-05-12 06:19:03 +0000
committer: Samuli Suominen <ssuominen@gentoo.org> 2009-05-12 06:19:03 +0000
commit: b9b6dcee0ad47fbee15dbc706b5bf079c4bab652 (patch)
tree: 0051db604991606c5e3cafeb4a734c00b7232429 /media-sound/cmus/files
parent: Mask media-sound/rat for removal wrt security #208464, CVE-2008-0553. (diff)
download: gentoo-2-b9b6dcee0ad47fbee15dbc706b5bf079c4bab652.tar.gz
gentoo-2-b9b6dcee0ad47fbee15dbc706b5bf079c4bab652.tar.bz2
gentoo-2-b9b6dcee0ad47fbee15dbc706b5bf079c4bab652.zip
1 files changed, 12 insertions, 0 deletions
diff --git a/media-sound/cmus/files/cmus-2.2.0-symlink_attack.patch b/media-sound/cmus/files/cmus-2.2.0-symlink_attack.patch
new file mode 100644
index 000000000000..3c3e09c55cfe
--- /dev/null
+++ b/media-sound/cmus/files/cmus-2.2.0-symlink_attack.patch
@@ -0,0 +1,12 @@
+diff -ur cmus-2.2.0.orig/cmus-status-display cmus-2.2.0/cmus-status-display
+--- cmus-2.2.0.orig/cmus-status-display	2007-07-27 17:52:13.000000000 +0300
++++ cmus-2.2.0/cmus-status-display	2009-05-12 09:12:56.000000000 +0300
+@@ -19,7 +19,7 @@
+ output()
+ {
+ 	# write status to /tmp/cmus-status (not very useful though)
+-	echo "$*" >> /tmp/cmus-status 2>&1
++	echo "$*" >> ~/.cmus-status 2>&1
+ 
+ 	# WMI (http://wmi.modprobe.de/)
+ 	#wmiremote -t "$*" &> /dev/null
author	Samuli Suominen <ssuominen@gentoo.org>	2009-05-12 06:19:03 +0000
committer	Samuli Suominen <ssuominen@gentoo.org>	2009-05-12 06:19:03 +0000
commit	b9b6dcee0ad47fbee15dbc706b5bf079c4bab652 (patch)
tree	0051db604991606c5e3cafeb4a734c00b7232429 /media-sound/cmus/files
parent	Mask media-sound/rat for removal wrt security #208464, CVE-2008-0553. (diff)
download	gentoo-2-b9b6dcee0ad47fbee15dbc706b5bf079c4bab652.tar.gz gentoo-2-b9b6dcee0ad47fbee15dbc706b5bf079c4bab652.tar.bz2 gentoo-2-b9b6dcee0ad47fbee15dbc706b5bf079c4bab652.zip