summaryrefslogtreecommitdiff
path: root/debian/patches-applied
diff options
context:
space:
mode:
authorSteve Langasek <vorlon@debian.org>2013-02-11 19:02:37 -0800
committerSteve Langasek <vorlon@debian.org>2019-01-08 22:11:49 -0800
commit1f362f8fbacbe742c940187199bff4b5b28c9561 (patch)
treeb3ecdc627b65ea4dcd2afe1e43d62cf4454e3a2d /debian/patches-applied
parent445fb44ae72d252900dd18b4d38e4f04eb8d0299 (diff)
Confirm NMU for bug #611136; thanks to Michael Gilbert.
Diffstat (limited to 'debian/patches-applied')
-rw-r--r--debian/patches-applied/cve-2011-4708.patch12
-rw-r--r--debian/patches-applied/series1
2 files changed, 13 insertions, 0 deletions
diff --git a/debian/patches-applied/cve-2011-4708.patch b/debian/patches-applied/cve-2011-4708.patch
new file mode 100644
index 00000000..b0413ff9
--- /dev/null
+++ b/debian/patches-applied/cve-2011-4708.patch
@@ -0,0 +1,12 @@
+Description: fix cve-2011-4708: .pam_environment privilege issue
+--- pam-1.1.3.orig/modules/pam_env/pam_env.c
++++ pam-1.1.3/modules/pam_env/pam_env.c
+@@ -10,7 +10,7 @@
+ #define DEFAULT_READ_ENVFILE 1
+
+ #define DEFAULT_USER_ENVFILE ".pam_environment"
+-#define DEFAULT_USER_READ_ENVFILE 1
++#define DEFAULT_USER_READ_ENVFILE 0
+
+ #include "config.h"
+
diff --git a/debian/patches-applied/series b/debian/patches-applied/series
index 9006ae52..46b106af 100644
--- a/debian/patches-applied/series
+++ b/debian/patches-applied/series
@@ -24,3 +24,4 @@ no_PATH_MAX_on_hurd
lib_security_multiarch_compat
pam_env-fix-overflow.patch
pam_env-fix-dos.patch
+cve-2011-4708.patch