[luci] Fix CVE-2010-3852 (bug #645404)

Fabio M. Di Nitto fabbione at fedoraproject.org
Thu Oct 21 18:51:17 UTC 2010


commit 2fe66a094739b55e56377f4e6a8d8f0aa5105066
Author: Fabio M. Di Nitto <fdinitto at redhat.com>
Date:   Thu Oct 21 20:51:08 2010 +0200

    Fix CVE-2010-3852 (bug #645404)
    
    Signed-off-by: Fabio M. Di Nitto <fdinitto at redhat.com>

 luci.spec |   11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)
---
diff --git a/luci.spec b/luci.spec
index 019a0c3..aeee67c 100644
--- a/luci.spec
+++ b/luci.spec
@@ -6,7 +6,7 @@
 
 Name: luci
 Version: 0.22.4
-Release: 1%{?alphatag:.%{alphatag}}%{?dist}
+Release: 2%{?alphatag:.%{alphatag}}%{?dist}
 Summary: Web-based high availability administration application
 Group: Applications/System
 License: GPLv2
@@ -63,6 +63,9 @@ rm -rf %{buildroot}
 %config(noreplace)      %{_sysconfdir}/rc.d/init.d/luci
 %attr(750, luci, luci)  %dir /var/log/luci
 
+# We alter this file in %post - it is not user serviceable.
+%verify(not md5 mtime size) %{_localstatedir}/lib/luci/etc/who.ini
+
 %pre
 /usr/sbin/groupadd -g 141 luci 2> /dev/null
 /usr/sbin/useradd -u 141 -g 141 -d /var/lib/luci -s /sbin/nologin -r \
@@ -71,6 +74,9 @@ exit 0
 
 %post
 /sbin/chkconfig --add luci
+secret="$(dd if=/dev/urandom bs=8 count=1 2>/dev/null | od -t x8 -A n | sed 's/^[ ]*//')"
+sedcmd=":a /^\[plugin:auth_tkt\]\$/! {p;d;ba}; {:b \$! {N;bb}; {s/\([ \t]*secret[ \t]*=[ \t]*\)[^\n]*/\1$secret/1;p;d}}"
+sed -ni "$sedcmd" %{_localstatedir}/lib/luci/etc/who.ini
 exit 0
 
 %preun
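Review bot: The new %post lines run `sed -ni` with `$secret` substituted into the pattern without first checking that the `dd | od | sed` pipeline actually produced a value; if any stage fails (its stderr is discarded on the `dd` line), `$secret` is empty and who.ini ends up with `secret = ` and nothing else, which is a weaker state than the static default this commit is replacing. A one-line guard before the rewrite would avoid that: `[ -n "$secret" ] || { echo "luci: could not generate auth_tkt secret" >&2; exit 1; }`. Separately, `bs=8 count=1` yields only 8 random bytes (16 hex chars) for the auth_tkt secret; if the format permits, a larger block size (e.g. `bs=32`) costs nothing and gives a longer key. Since %post has no `$1` check, the secret appears to be regenerated on every upgrade as well as on first install, invalidating existing sessions; if that is intended it is worth stating in the comment, if not, gate it on `[ "$1" -eq 1 ]`.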
@@ -87,6 +93,9 @@ fi
 exit 0
 
 %changelog
+* Thu Oct 21 2010 Fabio M. Di Nitto <fdinitto at redhat.com> - 0.22.4-2.0.b9faf868074git
+- Fix CVE-2010-3852 (bug #645404)
+
 * Thu Aug 19 2010 Fabio M. Di Nitto <fdinitto at redhat.com> - 0.22.4-1.0.b9faf868074git
 - New upstream release (0.22.4)
 - Steal fixes from upstream git up to b9faf868074git

