Merge branch 'debian'

[hcoop/debian/exim4.git] / debian / patches / 84_14-CVE-2020-28012-Missing-close-on-exec-flag-for-privil.patch

diff --git a/debian/patches/84_14-CVE-2020-28012-Missing-close-on-exec-flag-for-privil.patch b/debian/patches/84_14-CVE-2020-28012-Missing-close-on-exec-flag-for-privil.patch
new file mode 100644 (file)
index 0000000..c9b2f65
--- /dev/null
+++ b/debian/patches/84_14-CVE-2020-28012-Missing-close-on-exec-flag-for-privil.patch
@@ -0,0 +1,31 @@
+From a1f36d86760def10138c1053eb3b1882b281fcd9 Mon Sep 17 00:00:00 2001
+From: Qualys Security Advisory <qsa@qualys.com>
+Date: Sun, 21 Feb 2021 21:53:55 -0800
+Subject: [PATCH 14/29] CVE-2020-28012: Missing close-on-exec flag for
+ privileged pipe
+
+---
+ src/rda.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/rda.c b/src/rda.c
+index 13f570928..c27e073a3 100644
+--- a/src/rda.c
++++ b/src/rda.c
+@@ -623,9 +623,13 @@ search_tidyup();
+ if ((pid = fork()) == 0)
+   {
+   header_line *waslast = header_last;   /* Save last header */
++  int fd_flags = -1;
+ 
+   fd = pfd[pipe_write];
+   (void)close(pfd[pipe_read]);
++
++  if ((fd_flags = fcntl(fd, F_GETFD)) == -1) goto bad;
++  if (fcntl(fd, F_SETFD, fd_flags | FD_CLOEXEC) == -1) goto bad;
+   exim_setugid(ugid->uid, ugid->gid, FALSE, rname);
+ 
+   /* Addresses can get rewritten in filters; if we are not root or the exim
+-- 
+2.30.2
+