aboutsummaryrefslogtreecommitdiff
path: root/system/ipmitool/patches/0001-CVE-2011-4339-OpenIPMI.patch
diff options
context:
space:
mode:
Diffstat (limited to 'system/ipmitool/patches/0001-CVE-2011-4339-OpenIPMI.patch')
-rw-r--r--system/ipmitool/patches/0001-CVE-2011-4339-OpenIPMI.patch25
1 files changed, 25 insertions, 0 deletions
diff --git a/system/ipmitool/patches/0001-CVE-2011-4339-OpenIPMI.patch b/system/ipmitool/patches/0001-CVE-2011-4339-OpenIPMI.patch
new file mode 100644
index 000000000000..437c9adaf9c8
--- /dev/null
+++ b/system/ipmitool/patches/0001-CVE-2011-4339-OpenIPMI.patch
@@ -0,0 +1,25 @@
+From 152efd46931a70ab4e3d81e99d312df7dcd666e6 Mon Sep 17 00:00:00 2001
+From: Boris Ranto <branto@redhat.com>
+Date: Tue, 10 May 2016 19:12:08 +0200
+Subject: [PATCH] CVE-2011-4339 OpenIPMI
+
+IPMI event daemon creates PID file with world writeable permissions
+---
+ lib/helper.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/lib/helper.c b/lib/helper.c
+index de91438..c3a1c80 100644
+--- a/lib/helper.c
++++ b/lib/helper.c
+@@ -829,7 +829,6 @@ ipmi_start_daemon(struct ipmi_intf *intf)
+ #endif
+
+ chdir("/");
+- umask(0);
+
+ for (fd=0; fd<64; fd++) {
+ if (fd != intf->fd)
+--
+2.7.4
+
generated by cgit v1.2.3 (git 2.26.2) at 2024-11-20 05:41:55 +0000