[gitolite/f14/master] Fix ADC security issue
Lubomir Rintel
lkundrak at fedoraproject.org
Wed Feb 16 10:22:24 UTC 2011
commit ab4e6e01b90d88cf676a5e917038c52ac3e93e1a
Author: Lubomir Rintel <lkundrak at v3.sk>
Date: Tue Feb 15 12:14:20 2011 +0100
Fix ADC security issue
Dylan Alex Simon discovered and reported a directory traversal flaw in
the way Gitolite restricted access to admin defined commands ("ADC"). An
authenticated attacker could execute arbitrary code with privileges of
Gitolite server user using specially crafted command name.
The flaw does not affect default Gitolite installations. Users who have
enabled ADC in their configurations are advised to install the updated
package which includes a fix to resolve the issue.
adcfix.pre-v2.patch | 12 ++++++++++++
gitolite.spec | 7 ++++++-
2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/adcfix.pre-v2.patch b/adcfix.pre-v2.patch
new file mode 100644
index 0000000..bfab25a
--- /dev/null
+++ b/adcfix.pre-v2.patch
@@ -0,0 +1,12 @@
+diff --git a/src/gl-auth-command b/src/gl-auth-command
+index c8d72b3..c66e79c 100755
+--- a/src/gl-auth-command
++++ b/src/gl-auth-command
+@@ -117,6 +117,7 @@ unless ($ENV{SSH_ORIGINAL_COMMAND}) {
+ if ($GL_ADC_PATH and -d $GL_ADC_PATH) {
+ my ($cmd, @args) = split ' ', $ENV{SSH_ORIGINAL_COMMAND};
+ if (-x "$GL_ADC_PATH/$cmd") {
++ die "I don't like $cmd\n" if $cmd =~ /\.\./;
+ # yes this is rather strict, sorry.
+ do { die "I don't like $_\n" unless $_ =~ $REPOPATT_PATT } for ($cmd, @args);
+ &log_it("$GL_ADC_PATH/$ENV{SSH_ORIGINAL_COMMAND}");
diff --git a/gitolite.spec b/gitolite.spec
index 0ced579..89cc6c6 100644
--- a/gitolite.spec
+++ b/gitolite.spec
@@ -8,7 +8,7 @@
Name: gitolite
Version: 1.5.3
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Highly flexible server for git directory version tracker
Group: Applications/System
@@ -25,6 +25,7 @@ Source1: gitolite-README-fedora
# Far from being upstreamable
Patch0: gitolite-1.5-rpm.patch
Patch1: gitolite-1.4.2-conf.patch
+Patch2: adcfix.pre-v2.patch
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
BuildArch: noarch
@@ -55,6 +56,7 @@ elsewhere in the doc/ directory.
# Don't create backups; would mess with %%install
%patch0 -p1
%patch1 -p1
+%patch2 -p1
cp %{SOURCE1} .
@@ -114,6 +116,9 @@ exit 0
%changelog
+* Tue Feb 15 2011 Lubomir Rintel <lkundrak at v3.sk> - 1.5.3-2
+- Fix ADC security issue
+
* Mon Jun 28 2010 Jon Ciesla <limb at jcomserv.net> - 1.5.3-1
- New upstream.
More information about the scm-commits
mailing list