summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/screen
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/screen')
-rw-r--r--meta/recipes-extended/screen/screen/CVE-2023-24626.patch40
-rw-r--r--meta/recipes-extended/screen/screen_4.8.0.bb1
2 files changed, 41 insertions, 0 deletions
diff --git a/meta/recipes-extended/screen/screen/CVE-2023-24626.patch b/meta/recipes-extended/screen/screen/CVE-2023-24626.patch
new file mode 100644
index 0000000000..73caf9d81b
--- /dev/null
+++ b/meta/recipes-extended/screen/screen/CVE-2023-24626.patch
@@ -0,0 +1,40 @@
+From e9ad41bfedb4537a6f0de20f00b27c7739f168f7 Mon Sep 17 00:00:00 2001
+From: Alexander Naumov <alexander_naumov@opensuse.org>
+Date: Mon, 30 Jan 2023 17:22:25 +0200
+Subject: fix: missing signal sending permission check on failed query messages
+
+Signed-off-by: Alexander Naumov <alexander_naumov@opensuse.org>
+
+CVE: CVE-2023-24626
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/screen.git/commit/?id=e9ad41bfedb4537a6f0de20f00b27c7739f168f7]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ socket.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/socket.c b/socket.c
+index bb68b35..9d87445 100644
+--- a/socket.c
++++ b/socket.c
+@@ -1285,11 +1285,16 @@ ReceiveMsg()
+ else
+ queryflag = -1;
+
+- Kill(m.m.command.apid,
++ if (CheckPid(m.m.command.apid)) {
++ Msg(0, "Query attempt with bad pid(%d)!", m.m.command.apid);
++ }
++ else {
++ Kill(m.m.command.apid,
+ (queryflag >= 0)
+ ? SIGCONT
+ : SIG_BYE); /* Send SIG_BYE if an error happened */
+- queryflag = -1;
++ queryflag = -1;
++ }
+ }
+ break;
+ case MSG_COMMAND:
+--
+2.25.1
+
diff --git a/meta/recipes-extended/screen/screen_4.8.0.bb b/meta/recipes-extended/screen/screen_4.8.0.bb
index fe640c262b..c4faa27023 100644
--- a/meta/recipes-extended/screen/screen_4.8.0.bb
+++ b/meta/recipes-extended/screen/screen_4.8.0.bb
@@ -22,6 +22,7 @@ SRC_URI = "${GNU_MIRROR}/screen/screen-${PV}.tar.gz \
file://0001-fix-for-multijob-build.patch \
file://0001-Remove-more-compatibility-stuff.patch \
file://CVE-2021-26937.patch \
+ file://CVE-2023-24626.patch \
"
SRC_URI[md5sum] = "d276213d3acd10339cd37848b8c4ab1e"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-06-06 14:57:02 +0000