rpms/netatalk/devel netatalk-2.0.3-papd_cmds.patch, NONE, 1.1 netatalk.spec, 1.50, 1.51
Jiri Skala
jskala at fedoraproject.org
Tue Feb 17 07:27:43 UTC 2009
- Previous message: rpms/geglmm/devel geglmm-0.0.22-add-cstdio.patch, NONE, 1.1 geglmm-0.0.22-kill-warnings.patch, NONE, 1.1 geglmm.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/rpm/devel rpm-4.6.0-anyarch-actions-fix.patch, 1.1, 1.2 rpm.spec, 1.327, 1.328
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: jskala
Update of /cvs/extras/rpms/netatalk/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27244
Modified Files:
netatalk.spec
Added Files:
netatalk-2.0.3-papd_cmds.patch
Log Message:
* Mon Feb 16 2009 Jiri Skala <jskala at redhat.com> -4:2.0.3-26
- Resolves #480641 - CVE-2008-5718 netatalk: papd command injection vulnerability
netatalk-2.0.3-papd_cmds.patch:
--- NEW FILE netatalk-2.0.3-papd_cmds.patch ---
diff -Nurad netatalk-2.0.3.orig/etc/papd/lp.c netatalk-2.0.3/etc/papd/lp.c
--- netatalk-2.0.3.orig/etc/papd/lp.c 2009-01-28 17:04:36.000000000 +0100
+++ netatalk-2.0.3/etc/papd/lp.c 2009-01-28 17:05:01.000000000 +0100
@@ -212,10 +212,54 @@
#define is_var(a, b) (strncmp((a), (b), 2) == 0)
+static size_t quote(char *dest, char *src, const size_t bsize, size_t len) {
+ size_t used = 0;
+
+ while (len && used < bsize ) {
+ switch (*src) {
+ case '$':
+ case '\\':
+ case '"':
+ case ';':
+ case '&':
+ case '(':
+ case ')':
+ case ' ':
+ case '*':
+ case '#':
+ case '|':
+ case '>':
+ case '<':
+ case '[':
+ case ']':
+ case '{':
+ case '}':
+ case '^':
+ case '?':
+ case '~':
+ case '`':
+ case '\x0A':
+ case '\xFF':
+ if (used + 2 > bsize )
+ return used;
+ *dest = '\\';
+ dest++;
+ used++;
+ break;
+ }
+ *dest = *src;
+ src++;
+ dest++;
+ len--;
+ used++;
+ }
+ return used;
+}
+
static char* pipexlate(char *src)
{
char *p, *q, *dest;
- static char destbuf[MAXPATHLEN];
+ static char destbuf[MAXPATHLEN + 1];
size_t destlen = MAXPATHLEN;
int len = 0;
@@ -224,13 +268,16 @@
if (!src)
return NULL;
- strncpy(dest, src, MAXPATHLEN);
- if ((p = strchr(src, '%')) == NULL) /* nothing to do */
+ memset(dest, 0, sizeof(destbuf));
+ if ((p = strchr(src, '%')) == NULL) { /* nothing to do */
+ strncpy(dest, src, sizeof(dest) - 1);
return destbuf;
+ }
/* first part of the path. just forward to the next variable. */
len = MIN((size_t)(p - src), destlen);
if (len > 0) {
+ strncpy(dest, src, len);
destlen -= len;
dest += len;
}
@@ -246,17 +293,20 @@
q = lp.lp_created_for;
} else if (is_var(p, "%%")) {
q = "%";
- } else
- q = p;
+ }
/* copy the stuff over. if we don't understand something that we
* should, just skip it over. */
if (q) {
- len = MIN(p == q ? 2 : strlen(q), destlen);
+ len = MIN(strlen(q), destlen);
+ len = quote(dest, q, destlen, len);
+ }
+ else {
+ len = MIN(2, destlen);
strncpy(dest, q, len);
- dest += len;
- destlen -= len;
}
+ dest += len;
+ destlen -= len;
/* stuff up to next $ */
src = p + 2;
Index: netatalk.spec
===================================================================
RCS file: /cvs/extras/rpms/netatalk/devel/netatalk.spec,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -r1.50 -r1.51
--- netatalk.spec 27 Jan 2009 10:26:26 -0000 1.50
+++ netatalk.spec 17 Feb 2009 07:27:13 -0000 1.51
@@ -1,7 +1,7 @@
Summary: AppleTalk networking programs
Name: netatalk
Version: 2.0.3
-Release: 25%{?dist}
+Release: 26%{?dist}
Epoch: 4
License: GPLv2+
Group: System Environment/Daemons
@@ -18,6 +18,7 @@
Patch7: netatalk-2.0.3-maxsrv.patch
Patch8: netatalk-2.0.3-log_stderr.patch
Patch9: netatalk-2.0.3-multiarch.patch
+Patch10: netatalk-2.0.3-papd_cmds.patch
Url: http://netatalk.sourceforge.net/
Requires: pam
Requires(post): /sbin/chkconfig /sbin/ldconfig
@@ -62,6 +63,7 @@
%patch7 -p1 -b .maxsrv
%patch8 -p1 -b .log_stderr
%patch9 -p1 -b .multiarch
+%patch10 -p1 -b .papd_cmds
ln -s ./NEWS ChangeLog
@@ -208,10 +210,13 @@
%{_mandir}/man*/netatalk-config.1*
%changelog
-* Tue Jan 27 2009 Jiri Skala <jskala at redhat.com> -4:3.0.3-25
+* Mon Feb 16 2009 Jiri Skala <jskala at redhat.com> -4:2.0.3-26
+- Resolves #480641 - CVE-2008-5718 netatalk: papd command injection vulnerability
+
+* Tue Jan 27 2009 Jiri Skala <jskala at redhat.com> -4:2.0.3-25
- fixed epoch in the subpackage requires
-* Fri Jan 23 2009 Jiri Skala <jskala at redhat.com> -4:3.0.3-24
+* Fri Jan 23 2009 Jiri Skala <jskala at redhat.com> -4:2.0.3-24
- fix #473186 conflict timeout with coreutils
* Sat Jan 17 2009 Tomas Mraz <tmraz at redhat.com> - 4:2.0.3-23
- Previous message: rpms/geglmm/devel geglmm-0.0.22-add-cstdio.patch, NONE, 1.1 geglmm-0.0.22-kill-warnings.patch, NONE, 1.1 geglmm.spec, NONE, 1.1 import.log, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/rpm/devel rpm-4.6.0-anyarch-actions-fix.patch, 1.1, 1.2 rpm.spec, 1.327, 1.328
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list