[wicd/el6] Fix CVE-2012-2095 (#811764)

David Cantrell dcantrel at fedoraproject.org
Fri Apr 13 16:50:24 UTC 2012


commit e0a014ce335bd5a72a709161148050807bc3ad40
Author: David Cantrell <dcantrell at redhat.com>
Date:   Fri Apr 13 12:50:12 2012 -0400

    Fix CVE-2012-2095 (#811764)

 wicd-1.7.0-CVE-2012-2095.patch |   91 ++++++++++++++++++++++++++++++++++++++++
 wicd.spec                      |   13 +++++-
 2 files changed, 102 insertions(+), 2 deletions(-)
---
diff --git a/wicd-1.7.0-CVE-2012-2095.patch b/wicd-1.7.0-CVE-2012-2095.patch
new file mode 100644
index 0000000..da6a4b3
--- /dev/null
+++ b/wicd-1.7.0-CVE-2012-2095.patch
@@ -0,0 +1,91 @@
+diff -up wicd-1.7.0/wicd/wicd-daemon.py.CVE-2012-2095 wicd-1.7.0/wicd/wicd-daemon.py
+--- wicd-1.7.0/wicd/wicd-daemon.py.CVE-2012-2095	2012-04-13 10:17:46.356047035 -0400
++++ wicd-1.7.0/wicd/wicd-daemon.py	2012-04-13 10:18:35.018046979 -0400
+@@ -978,6 +978,28 @@ class WirelessDaemon(dbus.service.Object
+                                                  "wireless-settings.conf"),
+                                     debug=debug)
+ 
++        self._validProperties = (
++            'bssid',
++            'essid',
++            'hidden',
++            'channel',
++            'mode',
++            'enctype',
++            'encryption_method',
++            'key',
++            'automatic',
++            'ip',
++            'netmask',
++            'broadcast',
++            'gateway',
++            'use_static_dns',
++            'use_global_dns',
++            'dns1',
++            'dns2',
++            'dns3',
++            'use_settings_globally',
++        )
++
+     def get_debug_mode(self):
+         return self._debug_mode
+     def set_debug_mode(self, mode):
+@@ -1086,9 +1108,9 @@ class WirelessDaemon(dbus.service.Object
+     def SetWirelessProperty(self, netid, prop, value):
+         """ Sets property to value in network specified. """
+         # We don't write script settings here.
+-        if (prop.strip()).endswith("script"):
+-            print "Setting script properties through the daemon is not" \
+-                  + " permitted."
++        if prop.strip() not in self._validProperties:
++            print "Trying to set invalid property (or property not " \
++                  "permitted): "+ prop.strip() + "."
+             return False
+         self.LastScan[netid][prop] = misc.to_unicode(misc.Noneify(value))
+ 
+@@ -1365,6 +1387,25 @@ class WiredDaemon(dbus.service.Object):
+                                                  "wired-settings.conf"), 
+                                     debug=debug)
+ 
++        self._validProperties = (
++            'ip',
++            'broadcast',
++            'netmask',
++            'gateway',
++            'search_domain',
++            'dns_domain',
++            'dns1',
++            'dns2',
++            'dns3',
++            'encryption_enabled',
++            'default',
++            'dhcphostname',
++            'lastused',
++            'profilename',
++            'use_global_dns',
++            'use_static_dns',
++        )
++
+     def get_debug_mode(self):
+         return self._debug_mode
+     def set_debug_mode(self, mode):
+@@ -1405,14 +1446,14 @@ class WiredDaemon(dbus.service.Object):
+         return str(iface)
+ 
+     @dbus.service.method('org.wicd.daemon.wired')
+-    def SetWiredProperty(self, property, value):
++    def SetWiredProperty(self, prop, value):
+         """ Sets the given property to the given value. """
+         if self.WiredNetwork:
+-            if (property.strip()).endswith("script"):
+-                print "Setting script properties through the daemon" \
+-                      + " is not permitted."
++            if prop.strip() not in self._validProperties:
++                print "Trying to set invalid property (or property not " \
++                      "permitted): "+ prop.strip() + "."
+                 return False
+-            self.WiredNetwork[property] = misc.to_unicode(misc.Noneify(value))
++            self.WiredNetwork[prop] = misc.to_unicode(misc.Noneify(value))
+             return True
+         else:
+             print 'SetWiredProperty: WiredNetwork does not exist'
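Review bot: The allowlist test in SetWirelessProperty and SetWiredProperty is made on `prop.strip()`, but the assignments that follow (`self.LastScan[netid][prop] = ...` and `self.WiredNetwork[prop] = ...`) still use the unstripped `prop`, so a name padded with whitespace passes the check and is stored under a key that is not literally in `_validProperties`. Normalising once at the top of each method with `prop = prop.strip()`, and using that value for the check, the log message and the store, removes the mismatch. The patch also leaves `value` unchecked apart from `misc.to_unicode(misc.Noneify(value))`; whether newlines or other control characters in it can reach the settings file depends on code outside these hunks and is worth confirming. Both methods are only partly visible in the embedded hunks.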
diff --git a/wicd.spec b/wicd.spec
index 1316c9f..f8e98f9 100644
--- a/wicd.spec
+++ b/wicd.spec
@@ -7,7 +7,7 @@
 
 Name:             wicd
 Version:          1.7.0
-Release:          2%{?dist}
+Release:          3%{?dist}
 Summary:          Wireless and wired network connection manager
 
 Group:            System Environment/Base
@@ -18,6 +18,7 @@ Source1:          wicd.logrotate
 Patch0:           wicd-1.7.0-remove-WHEREAREMYFILES.patch
 Patch1:           wicd-1.7.0-initscript.patch
 Patch2:           wicd-1.7.0-CVE-2012-0813.patch
+Patch3:           wicd-1.7.0-CVE-2012-2095.patch
 
 BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -u -n)
 BuildRequires:    python2-devel
@@ -94,6 +95,11 @@ Client program for wicd that uses a GTK+ interface.
 # http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/682
 %patch2 -p1
 
+# Fix CVE-2012-2095
+# Patch based on upstream:
+# http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751
+%patch3 -p1
+
 %build
 # NOTE: --etc is where dhclient.conf.template goes
 %{__python} setup.py configure \
@@ -259,8 +265,11 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %{_datadir}/icons/hicolor/scalable/apps/wicd-gtk.svg
 
 %changelog
+* Fri Apr 13 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-3
+- Fix CVE-2012-2095 (#811764)
+
 * Fri Jan 27 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-2
-- Fix CVS-2012-0813 (#785147)
+- Fix CVE-2012-0813 (#785147)
 
 * Mon Jun 21 2010 David Cantrell <dcantrell at redhat.com> - 1.7.0-1
 - Initial package

