diff -u uim-0.4.7/debian/patches/00list uim-0.4.7/debian/patches/00list
--- uim-0.4.7/debian/patches/00list
+++ uim-0.4.7/debian/patches/00list
@@ -1,0 +2 @@
+08_fix_privilage_escalation_GLSA_2005_10_3.dpatch
diff -u uim-0.4.7/debian/changelog uim-0.4.7/debian/changelog
--- uim-0.4.7/debian/changelog
+++ uim-0.4.7/debian/changelog
@@ -1,3 +1,15 @@
+uim (1:0.4.7-1ubuntu2) breezy; urgency=low
+
+ * SECURITY UPDATE: fix priviledge escalation problem
+ * Added debian/patches/08_fix_privilage_escalation_GLSA_2005_10_3.dpatch:
+ This patch is backported from 1:0.4.7-2 (debian unstable).
+ * References:
+ CAN-2005-3149
+ http://bugs.debian.org/331620
+ https://launchpad.net/malone/3328
+
+ -- Benjamin Montgomery Sun, 6 Nov 2005 20:59:29 -0600
+
 uim (1:0.4.7-1ubuntu1) breezy; urgency=low
 
 * debian/control:
only in patch2:
unchanged:
--- uim-0.4.7.orig/debian/patches/08_fix_privilage_escalation_GLSA_2005_10_3.dpatch
+++ uim-0.4.7/debian/patches/08_fix_privilage_escalation_GLSA_2005_10_3.dpatch
@@ -0,0 +1,80 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 08_fix_privilage_escalation_GLSA_2005_10_3.dpatch by Masahito Omote
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
+@DPATCH@
+diff -urNad uim-0.4.7~/scm/custom-rt.scm uim-0.4.7/scm/custom-rt.scm
+--- uim-0.4.7~/scm/custom-rt.scm 2005-04-20 04:48:24.000000000 +0900
++++ uim-0.4.7/scm/custom-rt.scm 2005-10-17 13:38:22.943153000 +0900
+@@ -74,7 +74,8 @@
+ (cons filename custom-required-custom-files)))
+ (let* ((post-groups (custom-list-primary-groups))
+ (new-groups (list-tail post-groups (length pre-groups))))
+- (if (not (getenv "LIBUIM_VANILLA"))
++ (if (and (not (getenv "LIBUIM_VANILLA"))
++ (not (is-set-ugid?)))
+ (for-each custom-load-group-conf
+ (reverse new-groups)))))))
+ 
+diff -urNad uim-0.4.7~/uim/uim-custom.c uim-0.4.7/uim/uim-custom.c
+--- uim-0.4.7~/uim/uim-custom.c 2005-04-20 04:48:25.000000000 +0900
++++ uim-0.4.7/uim/uim-custom.c 2005-10-17 13:37:13.962842000 +0900
+@@ -826,7 +826,11 @@
+ uim_bool
+ uim_custom_load(void)
+ {
+- return for_each_primary_groups(uim_custom_load_group);
++ if(uim_helper_is_setugid() == UIM_FALSE) {
++ return for_each_primary_groups(uim_custom_load_group);
++ } else {
++ return UIM_FALSE;
++ }
+ }
+ 
+ static uim_bool
+@@ -892,7 +896,11 @@
+ uim_bool
+ uim_custom_save(void)
+ {
+- return for_each_primary_groups(uim_custom_save_group);
++ if(uim_helper_is_setugid() == UIM_FALSE) {
++ return for_each_primary_groups(uim_custom_save_group);
++ } else {
++ return UIM_FALSE;
++ }
+ }
+ 
+ /**
+diff -urNad uim-0.4.7~/uim/uim-helper.c uim-0.4.7/uim/uim-helper.c
+--- uim-0.4.7~/uim/uim-helper.c 2005-04-20 04:48:25.000000000 +0900
++++ uim-0.4.7/uim/uim-helper.c 2005-10-17 13:37:13.962842000 +0900
+@@ -209,6 +209,16 @@
+ return NULL;
+ }
+ 
++/* Interface function for is_setugid. 
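Review bot: The `(not (is-set-ugid?))` test in the custom-rt.scm hunk protects only this one call site of `custom-load-group-conf`, so any other caller of that procedure (none are visible here) would still read per-user configuration in a setuid/setgid process. Enforcing the check inside `custom-load-group-conf` itself would cover every caller. The uim-custom.c hunks have the same shape: the test sits in `uim_custom_load` and `uim_custom_save` rather than in `uim_custom_load_group` and `uim_custom_save_group`, whose definitions are outside the hunks. Whichever placement is kept, a comment such as `;; setuid/setgid processes must not load per-user custom files (CAN-2005-3149)` above the `if` would record why the condition exists. The enclosing definition starts before this hunk.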
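Review bot: `uim_custom_load` reports the setugid refusal with the same `UIM_FALSE` it would return for a failed load, so a caller cannot tell a policy refusal from an I/O error and may retry or report a misleading failure. The same applies to `uim_custom_save` in the following hunk. The contract should at least be stated in each function's doc comment, e.g. `/* Returns UIM_FALSE without touching any file when the process runs setuid/setgid. */`. The branch also reads more directly as a guard clause: `if (uim_helper_is_setugid() != UIM_FALSE) return UIM_FALSE;` followed by the original `return for_each_primary_groups(...)` line.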
*/
++uim_bool
++uim_helper_is_setugid(void)
++{
++ if(is_setugid() != 0)
++ return UIM_TRUE;
++ else
++ return UIM_FALSE;
++}
++
+ int
+ is_setugid(void)
+ {
+diff -urNad uim-0.4.7~/uim/uim-helper.h uim-0.4.7/uim/uim-helper.h
+--- uim-0.4.7~/uim/uim-helper.h 2005-04-20 04:48:25.000000000 +0900
++++ uim-0.4.7/uim/uim-helper.h 2005-10-17 13:37:13.962842000 +0900
+@@ -59,6 +59,7 @@
+ void uim_helper_buffer_shift(char *buf, int count);
+ char *uim_helper_buffer_get_message(char *buf);
+ 
++uim_bool uim_helper_is_setugid(void);
+ #ifdef __cplusplus
+ }
+ #endif
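Review bot: Every guard added by this patch depends on `is_setugid()`, whose body begins on the last lines of the uim-helper.c hunk and continues outside it, so its strength cannot be confirmed here. If it only compares real and effective IDs at call time, a setuid program that has already made them equal would pass the check while its environment and home directory are still chosen by the invoking user. A platform secure-execution indicator is more reliable where available (`issetugid()` on the BSDs, `getauxval(AT_SECURE)` on Linux). `uim_helper_is_setugid` also calls `is_setugid` before its definition in this file, so a prototype must already be in scope from a header not shown. The one-line comment would help more if it stated the contract, e.g. `/* Returns UIM_TRUE when the process runs setuid/setgid; callers must then skip per-user files. */`.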