diff options
Diffstat (limited to 'meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch')
-rw-r--r-- | meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch new file mode 100644 index 0000000000..aabc675b6a --- /dev/null +++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch @@ -0,0 +1,49 @@ +From 610f9fdbb86667f4094972547deb936c6cdfc6d5 Mon Sep 17 00:00:00 2001 +From: Andris Zeila <andris.zeila@zabbix.com> +Date: Fri, 12 Jan 2024 06:06:02 +0000 +Subject: [PATCH] .......PS. [DEV-2695] removed group/all access flags for + fping temporary files + +Merge in ZBX/zabbix from feature/DEV-2695-6.5 to master + +* commit 'cf07db1d5c2b8fe4a9de85fed22cf05035e08914': + .......PS. [DEV-2695] remove group/all access flags when creating fping input file for testing fping features + +(cherry picked from commit cd12f0a2d89c3ef05f0e9f50dcb73fdaf3a7e8a9) + +CVE: CVE-2023-32727 +Upstream_Status: Backport [https://github.com/zabbix/zabbix/commit/610f9fdbb86667f4094972547deb936c6cdfc6d5] + +Signed-off-by: Yogita Urade <yogita.urade@windriver.com> +--- + src/libs/zbxicmpping/icmpping.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/src/libs/zbxicmpping/icmpping.c b/src/libs/zbxicmpping/icmpping.c +index 9a751b7..bab3d09 100644 +--- a/src/libs/zbxicmpping/icmpping.c ++++ b/src/libs/zbxicmpping/icmpping.c +@@ -108,6 +108,7 @@ static int get_fping_out(const char *fping, const char *address, char **out, cha + int ret = FAIL, fd; + sigset_t mask, orig_mask; + char filename[MAX_STRING_LEN]; ++ mode_t mode; + + if (FAIL == zbx_validate_hostname(address) && FAIL == is_supported_ip(address)) + { +@@ -116,7 +117,12 @@ static int get_fping_out(const char *fping, const char *address, char **out, cha + } + + zbx_snprintf(filename, sizeof(filename), "%s/%s_XXXXXX", CONFIG_TMPDIR, progname); +- if (-1 == (fd = mkstemp(filename))) ++ ++ mode = umask(077); ++ fd = mkstemp(filename); ++ umask(mode); ++ ++ if (-1 == fd) + { + zbx_snprintf(error, max_error_len, "Cannot create temporary file \"%s\": %s", filename, + zbx_strerror(errno)); +-- +2.40.0 |