diff options
| author |   Mart Raudsepp <leio@gentoo.org> | 2020-01-11 20:11:39 +0200 |
|---|---|---|
| committer | Mart Raudsepp <leio@gentoo.org> | 2020-01-11 20:12:17 +0200 |
| commit | 0b605b42363650b0b8dcd49bb1b9787d317eceec (patch) | |
| tree | 4e690eced6d6ebf3a191a404df1dfc9d5a223c3b /dev-libs/glib/files/2.58.3-CVE-2019-12450.patch | |
| parent | dev-util/gdbus-codegen: remove old (diff) | |
| download | gentoo-0b605b42363650b0b8dcd49bb1b9787d317eceec.tar.gz gentoo-0b605b42363650b0b8dcd49bb1b9787d317eceec.tar.bz2 gentoo-0b605b42363650b0b8dcd49bb1b9787d317eceec.zip | |
dev-libs/glib: remove old
Package-Manager: Portage-2.3.79, Repoman-2.3.12
Signed-off-by: Mart Raudsepp <leio@gentoo.org>
Diffstat (limited to 'dev-libs/glib/files/2.58.3-CVE-2019-12450.patch')
| -rw-r--r-- | dev-libs/glib/files/2.58.3-CVE-2019-12450.patch | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/dev-libs/glib/files/2.58.3-CVE-2019-12450.patch b/dev-libs/glib/files/2.58.3-CVE-2019-12450.patch deleted file mode 100644 index 949ac56431f1..000000000000 --- a/dev-libs/glib/files/2.58.3-CVE-2019-12450.patch +++ /dev/null @@ -1,53 +0,0 @@ -From e6b769819d63d2b24b251dbc9f902fe6fd614da3 Mon Sep 17 00:00:00 2001 -From: Ondrej Holy <oholy@redhat.com> -Date: Thu, 23 May 2019 10:41:53 +0200 -Subject: [PATCH] gfile: Limit access to files when copying - -file_copy_fallback creates new files with default permissions and -set the correct permissions after the operation is finished. This -might cause that the files can be accessible by more users during -the operation than expected. Use G_FILE_CREATE_PRIVATE for the new -files to limit access to those files. ---- - gio/gfile.c | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -diff --git a/gio/gfile.c b/gio/gfile.c -index 1cc69166a..13b435480 100644 ---- a/gio/gfile.c -+++ b/gio/gfile.c -@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source, - out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)), - FALSE, NULL, - flags & G_FILE_COPY_BACKUP, -- G_FILE_CREATE_REPLACE_DESTINATION, -- info, -+ G_FILE_CREATE_REPLACE_DESTINATION | -+ G_FILE_CREATE_PRIVATE, info, - cancellable, error); - else - out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)), -- FALSE, 0, info, -+ FALSE, G_FILE_CREATE_PRIVATE, info, - cancellable, error); - } - else if (flags & G_FILE_COPY_OVERWRITE) -@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source, - out = (GOutputStream *)g_file_replace (destination, - NULL, - flags & G_FILE_COPY_BACKUP, -- G_FILE_CREATE_REPLACE_DESTINATION, -+ G_FILE_CREATE_REPLACE_DESTINATION | -+ G_FILE_CREATE_PRIVATE, - cancellable, error); - } - else - { -- out = (GOutputStream *)g_file_create (destination, 0, cancellable, error); -+ out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error); - } - - if (!out) --- -2.20.1 - |