SECURITY FIXES from SuSE

Changed files:
    at-heapcorruption.patch -> 1.1
    at-open.patch -> 1.1

diff --git a/at-heapcorruption.patch b/at-heapcorruption.patch
new file mode 100644 (file)
index 0000000..0b6fa21
--- /dev/null
+++ b/at-heapcorruption.patch
@@ -0,0 +1,29 @@
+diff -ruN ../at-3.1.8.orig/parsetime.y ./parsetime.y
+--- ../at-3.1.8.orig/parsetime.y       Mon Jan 14 17:59:09 2002
++++ ./parsetime.y      Mon Jan 14 18:01:22 2002
+@@ -193,7 +193,6 @@
+                                   exectm.tm_year -= 1900;
+                               }
+ 
+-                              free ($1);
+                       }
+                       else {
+                           sscanf($1, "%d", &exectm.tm_hour);
+@@ -369,6 +368,8 @@
+     time_only = 0;
+     if (yyparse() == 0) {
+       exectime = mktime(&exectm);
++      if (exectime == (time_t)-1)
++              return 0;
+       if (isgmt) {
+           exectime += timezone;
+           if (daylight) {
+@@ -432,6 +433,8 @@
+ {
+     time_t timeval;
+     timeval = mktime(tm);
++    if (timeval == (time_t)-1)
++      timeval = (time_t)0;
+     timeval += numsec;
+     *tm = *localtime(&timeval);
+ }

diff --git a/at-open.patch b/at-open.patch
new file mode 100644 (file)
index 0000000..b3dddac
--- /dev/null
+++ b/at-open.patch
@@ -0,0 +1,12 @@
+diff -ruN ../at-3.1.8.orig/at.c ./at.c
+--- ../at-3.1.8.orig/at.c      Mon Jan 14 17:59:08 2002
++++ ./at.c     Mon Jan 14 17:59:48 2002
+@@ -292,7 +292,7 @@
+        * bit.  Yes, this is a kluge.
+        */
+       cmask = umask(S_IRUSR | S_IWUSR | S_IXUSR);
+-      if ((fd = open(atfile, O_CREAT | O_TRUNC | O_WRONLY, S_IRUSR)) == -1)
++      if ((fd = open(atfile, O_CREAT | O_EXCL | O_TRUNC | O_WRONLY, S_IRUSR)) == -1)
+           perr("Cannot create atjob file %.500s", atfile);
+ 
+       if ((fd2 = dup(fd)) < 0)