aboutsummaryrefslogtreecommitdiffstats
path: root/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch')
-rw-r--r--meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch49
1 files changed, 49 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch
new file mode 100644
index 0000000000..aabc675b6a
--- /dev/null
+++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch
@@ -0,0 +1,49 @@
+From 610f9fdbb86667f4094972547deb936c6cdfc6d5 Mon Sep 17 00:00:00 2001
+From: Andris Zeila <andris.zeila@zabbix.com>
+Date: Fri, 12 Jan 2024 06:06:02 +0000
+Subject: [PATCH] .......PS. [DEV-2695] removed group/all access flags for
+ fping temporary files
+
+Merge in ZBX/zabbix from feature/DEV-2695-6.5 to master
+
+* commit 'cf07db1d5c2b8fe4a9de85fed22cf05035e08914':
+ .......PS. [DEV-2695] remove group/all access flags when creating fping input file for testing fping features
+
+(cherry picked from commit cd12f0a2d89c3ef05f0e9f50dcb73fdaf3a7e8a9)
+
+CVE: CVE-2023-32727
+Upstream_Status: Backport [https://github.com/zabbix/zabbix/commit/610f9fdbb86667f4094972547deb936c6cdfc6d5]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ src/libs/zbxicmpping/icmpping.c | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/src/libs/zbxicmpping/icmpping.c b/src/libs/zbxicmpping/icmpping.c
+index 9a751b7..bab3d09 100644
+--- a/src/libs/zbxicmpping/icmpping.c
++++ b/src/libs/zbxicmpping/icmpping.c
+@@ -108,6 +108,7 @@ static int get_fping_out(const char *fping, const char *address, char **out, cha
+ int ret = FAIL, fd;
+ sigset_t mask, orig_mask;
+ char filename[MAX_STRING_LEN];
++ mode_t mode;
+
+ if (FAIL == zbx_validate_hostname(address) && FAIL == is_supported_ip(address))
+ {
+@@ -116,7 +117,12 @@ static int get_fping_out(const char *fping, const char *address, char **out, cha
+ }
+
+ zbx_snprintf(filename, sizeof(filename), "%s/%s_XXXXXX", CONFIG_TMPDIR, progname);
+- if (-1 == (fd = mkstemp(filename)))
++
++ mode = umask(077);
++ fd = mkstemp(filename);
++ umask(mode);
++
++ if (-1 == fd)
+ {
+ zbx_snprintf(error, max_error_len, "Cannot create temporary file \"%s\": %s", filename,
+ zbx_strerror(errno));
+--
+2.40.0
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-30 21:56:06 +0000