1 files changed, 0 insertions, 43 deletions

diff --git a/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch b/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch
deleted file mode 100644
index 6aa1a65..0000000
--- a/recipes-security/libgssglue/files/libgssglue-fix-CVE-2011-2709.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-Use secure_getenv instead of getenv for setuid programs
-
-(bnc#694598 CVE-2011-2709 bnc#831805)
-
-import from:
-https://build.opensuse.org/package/view_file/openSUSE:Factory/libgssglue/secure-getenv.patch
-
-Upstream-Status: Pending
-
-Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
-
-diff --git a/src/g_initialize.c b/src/g_initialize.c
-index 200f173..935a9fa 100644
---- a/src/g_initialize.c
-+++ b/src/g_initialize.c
-@@ -26,6 +26,7 @@
-  * This function will initialize the gssapi mechglue library
-  */
- 
-+#define _GNU_SOURCE
- #include "mglueP.h"
- #include <stdlib.h>
- 
-@@ -197,8 +198,7 @@ static void solaris_initialize ()
-     void *dl;
-     gss_mechanism (*sym)(void), mech;
- 
--    if ((getuid() != geteuid()) ||
--        ((filename = getenv("GSSAPI_MECH_CONF")) == NULL))
-+    if ((filename = secure_getenv("GSSAPI_MECH_CONF")) == NULL)
- 	filename = MECH_CONF;
- 
-     if ((conffile = fopen(filename, "r")) == NULL) {
-@@ -274,8 +274,7 @@ static void linux_initialize ()
-     void *dl;
-     gss_mechanism (*sym)(void), mech;
- 
--    if ((getuid() != geteuid()) ||
--        ((filename = getenv("GSSAPI_MECH_CONF")) == NULL))
-+    if ((filename = secure_getenv("GSSAPI_MECH_CONF")) == NULL)
- 	filename = MECH_CONF;
- 
-     if ((conffile = fopen(filename, "r")) == NULL) {