Bug#505791: NMU diff for syslog-ng 2.0.9-4.1

Sun, 23 Nov 2008 13:13:36 -0800 

Fixes this bug and two others with patches available.

Ben.

diff -u syslog-ng-2.0.9/debian/changelog syslog-ng-2.0.9/debian/changelog
--- syslog-ng-2.0.9/debian/changelog
+++ syslog-ng-2.0.9/debian/changelog
@@ -1,3 +1,12 @@
+syslog-ng (2.0.9-4.1) unstable; urgency=high
+
+  * Non-maintainer upload; high priority due to the following security fix.
+  * Add chdir() before chroot(), and exit if either fails. (Closes: #505791)
+  * Fix typo in postrm. (Closes: #505797)
+  * Fix path to DocBook XML DTD. (Closes: #477223)
+
+ -- Ben Hutchings <[EMAIL PROTECTED]>  Sun, 23 Nov 2008 20:26:06 +0000
+
 syslog-ng (2.0.9-4) unstable; urgency=low
 
   * Fixed init script to check /usr/sbin/syslog-ng instead of /sbin/syslog-ng. 
(Closes: #492363)
diff -u syslog-ng-2.0.9/doc/reference/syslog-ng.xml 
syslog-ng-2.0.9/doc/reference/syslog-ng.xml
--- syslog-ng-2.0.9/doc/reference/syslog-ng.xml
+++ syslog-ng-2.0.9/doc/reference/syslog-ng.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="iso-8859-2"?>
-<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" 
"/usr/share/xml/docbook/schema/4.3/docbookx.dtd" [
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.3//EN" 
"/usr/share/xml/docbook/schema/dtd/4.3/docbookx.dtd" [
   <!ENTITY % docvars SYSTEM "../docvars.xml.in">
   %docvars;
 ]>
only in patch2:
unchanged:
--- syslog-ng-2.0.9.orig/src/main.c
+++ syslog-ng-2.0.9/src/main.c
@@ -275,7 +275,7 @@
 {
   if (chroot_dir) 
     {
-      if (chroot(chroot_dir) < 0) 
+      if (chdir(chroot_dir) || chroot("."))
        {
          msg_error("Error during chroot()",
                    evt_tag_errno(EVT_TAG_OSERROR, errno),
@@ -428,7 +428,8 @@
   /* from now on internal messages are written to the system log as well */
   msg_syslog_started();
   
-  setup_creds();
+  if (!setup_creds())
+    return 1;
   setup_std_fds(log_to_stderr);
   
   rc = main_loop_run(&cfg);
only in patch2:
unchanged:
--- syslog-ng-2.0.9.orig/debian/syslog-ng.postrm
+++ syslog-ng-2.0.9/debian/syslog-ng.postrm
@@ -9,7 +9,7 @@
 fi
 
 # remove disabled files on purge or complete overwrite.
-if [ "$1" = "purge" -o "$1" = "dissappear" ]; then
+if [ "$1" = "purge" -o "$1" = "disappear" ]; then
     # main file
     [ -f /etc/logrotate.d/syslog-ng.disabled ] && rm -f 
/etc/logrotate.d/syslog-ng.disabled
 fi
--- END ---

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to