From 6ddffed86803f5a18ce2bd0b730fe9a039faf042 Mon Sep 17 00:00:00 2001
From: Hugel <2712504175@qq.com>
Date: Tue, 29 Sep 2020 19:57:09 +0800
Subject: [PATCH] require /etc/tcsd.conf to be owned by root:tss mode 640 for
 CVE-2020-24331

---
 trousers.spec | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/trousers.spec b/trousers.spec
index a9fafcf..4c3a441 100644
--- a/trousers.spec
+++ b/trousers.spec
@@ -1,6 +1,6 @@
 Name:         trousers
 Version:      0.3.14
-Release:      4
+Release:      5
 Summary:      The open-source TCG Software Stack
 License:      BSD
 Url:          http://trousers.sourceforge.net
@@ -74,7 +74,7 @@ exit 0
 %doc README ChangeLog AUTHORS
 %license LICENSE
 %{_sbindir}/tcsd
-%config(noreplace) %attr(0600, tss, tss) %{_sysconfdir}/tcsd.conf
+%config(noreplace) %attr(0640, root, tss) %{_sysconfdir}/tcsd.conf
 %attr(0644,root,root) %{_unitdir}/tcsd.service
 %attr(0700, tss, tss) %{_localstatedir}/lib/tpm/
 %{_libdir}/libtspi.so.*
@@ -93,6 +93,9 @@ exit 0
 
 
 %changelog
+* Tue Sep 29 2020 Hugel <gengqihu1@huawei.com> - 1.9.8-5
+- require /etc/tcsd.conf to be owned by root:tss mode 640 for CVE-2020-24331
+
 * Mon Sep 14 2020 wangchen <wangchen137@huawei.com> - 1.9.8-4
 - Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332