andreacavalli
/
xserver-multidpi
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
xserver-multidpi/os
History
Matthieu Herrb 630e4c9386 Fix CVE-2011-4029: File permission change vulnerability. 
Use fchmod() to change permissions of the lock file instead
of chmod(), thus avoid the race that can be exploited to set
a symbolic link to any file or directory in the system.

Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
(cherry picked from commit b67581cf82)
 		2011-10-29 18:59:32 +02:00
..
.gitignore .gitignore: use common defaults with custom section #24239 2009-11-11 21:40:20 -08:00
Makefile.am os: Prevent backtrace from being stopped in noreturn functions. 2010-03-25 06:03:43 +01:00
WaitFor.c Update to xextproto 7.0.99.1. 2009-07-15 17:00:05 +10:00
access.c Don't crash when asked if a client that has disconnected was local 2010-09-04 11:39:54 -07:00
auth.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
backtrace.c Miscellaneous compilation warning fixes 2009-12-08 15:50:28 -08:00
connection.c OS support: fix writeable client vs IgnoreClient behavior 2010-07-02 09:19:46 -07:00
io.c os: Return BadLength instead of disconnecting BigReq clients (#4565) 2010-10-01 13:32:05 -07:00
log.c XQuartz: Fix a build failure on Tiger 2010-05-17 09:12:34 -07:00
mitauth.c Remove a bunch of useless casts. 2009-01-22 02:11:16 -05:00
oscolor.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
osdep.h os: Return BadLength instead of disconnecting BigReq clients (#4565) 2010-10-01 13:32:05 -07:00
osinit.c linux: Yet more malloc() avoidance for backtrace() 2009-08-20 15:43:55 -04:00
rpcauth.c Remove a bunch of useless casts. 2009-01-22 02:11:16 -05:00
strcasecmp.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
strcasestr.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
strlcat.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
strlcpy.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
utils.c Fix CVE-2011-4029: File permission change vulnerability. 2011-10-29 18:59:32 +02:00
xdmauth.c Remove a bunch of useless casts. 2009-01-22 02:11:16 -05:00
xdmcp.c xdmcp: Don't crash on X -query with more than 255 IP addresses. (#20675) 2009-04-14 10:57:19 -04:00
xprintf.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
xsha1.c SHA1: Add support for Common Crypto 2009-11-05 18:34:50 -08:00
xstrans.c Change HAVE_CONFIG_H to HAVE_DIX_CONFIG_H. 2005-07-03 12:16:29 +00:00