fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2025-12-31 23:00:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
xserver/os
History
Matthieu Herrb e4bf3807ae Fix CVE-2011-4029: File permission change vulnerability. 
Use fchmod() to change permissions of the lock file instead
of chmod(), thus avoid the race that can be exploited to set
a symbolic link to any file or directory in the system.

Signed-off-by: Matthieu Herrb <matthieu.herrb@laas.fr>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
(cherry picked from commit b67581cf82)
2011-10-18 09:23:40 -07:00
..
.gitignore .gitignore: use common defaults with custom section #24239 2009-11-11 21:40:20 -08:00
access.c os: Silence warnings when building with clang 2011-05-11 12:26:53 -07:00
auth.c Constify function prototypes in auth & xdmcp code 2010-05-07 12:22:58 -07:00
backtrace.c Miscellaneous compilation warning fixes 2009-12-08 15:50:28 -08:00
connection.c os: always check if client is local when connection is accepted 2010-12-31 12:52:51 +00:00
io.c os: Fix BigReq ignoring when another request is pending 2010-11-10 14:58:28 -08:00
log.c os: Silence warnings when building with clang 2011-05-11 12:26:53 -07:00
Makefile.am os: Prevent backtrace from being stopped in noreturn functions. 2010-03-25 06:03:43 +01:00
mitauth.c Replace X-allocation functions with their C89 counterparts 2010-05-13 00:22:37 +07:00
oscolor.c Rework symbol visibility for easier maintenance 2008-12-03 05:43:34 -02:00
osdep.h os: always check if client is local when connection is accepted 2010-12-31 12:52:51 +00:00
osinit.c Remove SCO support 2010-12-20 12:11:11 -05:00
rpcauth.c Replace X-allocation functions with their C89 counterparts 2010-05-13 00:22:37 +07:00
strcasecmp.c Remove unnecessary parentheses around return values in functions 2010-06-10 06:42:42 -07:00
strcasestr.c Remove unnecessary parentheses around return values in functions 2010-06-10 06:42:42 -07:00
strlcat.c os: include dix-config.h, not xorg-config.h 2010-11-11 08:41:38 +10:00
strlcpy.c os: include dix-config.h, not xorg-config.h 2010-11-11 08:41:38 +10:00
utils.c Fix CVE-2011-4029: File permission change vulnerability. 2011-10-18 09:23:40 -07:00
WaitFor.c os: Reduce smart scheduler setup calls 2011-01-20 21:08:17 -05:00
xdmauth.c Replace deprecated bzero with memset 2010-06-06 15:07:27 +07:00
xdmcp.c os: Clean up various xtrans bits that we've never supported 2010-10-15 16:50:23 -04:00
xprintf.c Typo in xserver Xvasprintf() 2010-12-18 00:22:29 -08:00
xsha1.c Replace X-allocation functions with their C89 counterparts 2010-05-13 00:22:37 +07:00
xstrans.c os: Silence warnings when building with clang 2011-05-11 12:26:53 -07:00