fdo-mirrors/xserver
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/xserver.git synced 2026-05-09 09:38:14 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
xserver/hw
History
Exact
Matthieu Herrb 8a59e3b7db Disable -logfile and -modulepath when running with elevated privileges 
Could cause privilege elevation and/or arbitrary files overwrite, when
the X server is running with elevated privileges (ie when Xorg is
installed with the setuid bit set and started by a non-root user).

CVE-2018-14665

Issue reported by Narendra Shinde and Red Hat.

Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Adam Jackson <ajax@redhat.com>
(cherry picked from commit 50c0cf885a)
2018-10-25 09:18:06 -04:00
..
dmx dmx: Silence a string truncation warning. 2018-04-05 14:18:44 -04:00
kdrive meson: Install man pages 2018-03-27 10:28:33 -04:00
vfb vfb: Fix man page in re depth 2018-04-24 14:44:06 -04:00
xfree86 Disable -logfile and -modulepath when running with elevated privileges 2018-10-25 09:18:06 -04:00
xnest meson: Install man pages 2018-03-27 10:28:33 -04:00
xquartz man: s/__/@/g 2018-03-27 10:13:17 -04:00
xwayland glamor/egl: Avoid crashing on broken configurations 2018-10-12 11:35:07 -04:00
xwin meson: install xwinclip and Xwinrc man pages 2018-06-19 09:52:17 -04:00
Makefile.am Xwayland DDX 2014-04-03 15:19:22 -07:00
meson.build meson: Move Xvfb build under an option. 2017-09-20 13:19:21 -04:00