packages/ncurses
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ncurses/backport-0002-CVE-2023-29491-env-access.patch
yangl777 91702f9ee8 fix CVE-2023-29491 
(cherry picked from commit 2fe55f9f4b797b89c9d70fdc82cea6db078c8438)
2023-07-10 15:45:16 +08:00

33 lines
978 B
Diff
Raw Permalink Blame History

From 94240194a58b15e7fc3a015ed123ebb124f4e869 Mon Sep 17 00:00:00 2001
From: Sven Joachim <svenjoac@gmx.de>
Date: Mon, 1 May 2023 11:32:01 +0200
Subject: [PATCH] Change the behavior of the "--disable-root-environ" option
The new patch debian-env-access.diff makes the
"--disable-root-environ" configure option functionally equivalent to
the --disable-setuid-environ" option that has been added in the
20230425 upstream patchlevel.
Conflict:NA
Reference:https://salsa.debian.org/debian/ncurses/-/commit/94240194a58b15e7fc3a015ed123ebb124f4e869
---
ncurses/tinfo/access.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/ncurses/tinfo/access.c b/ncurses/tinfo/access.c
index a735db2..c9f8660 100644
--- a/ncurses/tinfo/access.c
+++ b/ncurses/tinfo/access.c
@@ -215,8 +215,6 @@ _nc_env_access(void)
if (is_elevated()) {
result = FALSE;
- } else if ((getuid() == ROOT_UID) || (geteuid() == ROOT_UID)) {
- result = FALSE;
}
return result;
}
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink