[moin] Fixes CVE-2011-1058 (rhbz#679523)

Ville-Pekka Vainio vpv at fedoraproject.org
Thu Feb 24 18:02:17 UTC 2011


commit d5a73085b068c65b59f33f68bf0c1cfeec234971
Author: Ville-Pekka Vainio <vpivaini at cs.helsinki.fi>
Date:   Thu Feb 24 20:02:11 2011 +0200

    Fixes CVE-2011-1058 (rhbz#679523)

 97208f67798f-cve-2011-1058.patch |   22 ++++++++++++++++++++++
 moin.spec                        |    7 ++++++-
 2 files changed, 28 insertions(+), 1 deletions(-)
---
diff --git a/97208f67798f-cve-2011-1058.patch b/97208f67798f-cve-2011-1058.patch
new file mode 100644
index 0000000..b509754
--- /dev/null
+++ b/97208f67798f-cve-2011-1058.patch
@@ -0,0 +1,22 @@
+
+# HG changeset patch
+# User Thomas Waldmann <tw AT waldmann-edv DOT de>
+# Date 1298323197 -3600
+# Node ID 97208f67798fa035f95d4f2d25517faa018130e7
+# Parent  b1b82826f8b8b924b98adf39362fefd05f79484d
+remove support for javascript: URLs in the rst parser (dangerous, XSS)
+
+diff -r b1b82826f8b8 -r 97208f67798f MoinMoin/parser/text_rst.py
+--- a/MoinMoin/parser/text_rst.py	Thu Jan 20 13:34:33 2011 +0100
++++ b/MoinMoin/parser/text_rst.py	Mon Feb 21 22:19:57 2011 +0100
+@@ -391,6 +391,9 @@
+                 # for images with targets).
+                 if not [i for i in node.children if i.__class__ == docutils.nodes.image]:
+                     node['classes'].append('interwiki')
++            elif prefix == 'javascript':
++                # is someone trying to do XSS with javascript?
++                node['refuri'] = 'javascript:alert("it does not work")'
+             elif prefix != '':
+                 # Some link scheme (http, file, https, mailto, etc.), add class
+                 # information if the reference doesn't have a child image (don't
+
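Review bot: the replacement value in the new `elif prefix == 'javascript':` branch is itself a `javascript:` URI (`node['refuri'] = 'javascript:alert("it does not work")'`), so the parser still emits an active scheme into the rendered link's href; deleting `refuri` from the node, or rewriting it to an inert target such as `#`, would remove the scheme entirely instead of substituting a decoy payload that a reader of the page would not expect to run. The check is also an exact string comparison on `prefix`, and how `prefix` is derived is not visible in this hunk, so it is worth confirming that it is lowercased and stripped before the comparison; otherwise a reference with a `JavaScript:` or ` javascript:` target would fall through to the `elif prefix != '':` branch below and be treated as an ordinary link scheme. An allowlist of accepted schemes at that branch (http, https, mailto and the others the comment names) would be the more robust shape for this fix than a single denylisted scheme.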
diff --git a/moin.spec b/moin.spec
index 6d2b04d..03d23c7 100644
--- a/moin.spec
+++ b/moin.spec
@@ -3,12 +3,13 @@
 Summary: MoinMoin is a WikiEngine to collaborate on easily editable web pages
 Name: moin
 Version: 1.9.3
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv2+
 Group: Applications/Internet
 URL: http://moinmo.in/
 Source0: http://static.moinmo.in/files/moin-%{version}.tar.gz
 Source1: README-rpm
+Patch0: 97208f67798f-cve-2011-1058.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 BuildRequires: python-devel
 BuildArch: noarch
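Review bot: the new `Patch0:` line carries no comment recording the patch's origin, and the file name is only the upstream changeset hash; adding a line such as `# Upstream hg changeset 97208f67798f, fixes CVE-2011-1058 (rhbz#679523)` directly above `Patch0:` lets the next maintainer check whether a later upstream release already includes it and drop the patch at that point.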
@@ -21,6 +22,7 @@ editable web pages.
 
 %prep
 %setup -q
+%patch0 -p1
 # Change the encoding to UTF-8, users are likely to edit this file
 sed -i -e 's|coding: iso-8859-1|coding: utf-8|' wiki/config/wikiconfig.py
 # Remove the leading comment from url_prefix_static. The Moin default assumes
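Review bot: `%patch0 -p1` matches the `a/MoinMoin/parser/text_rst.py` and `b/MoinMoin/parser/text_rst.py` prefixes in the embedded hg diff, so the strip level is correct; the leading blank line and the `# HG changeset patch` header lines in the patch file are skipped by `patch` as preamble, so the file can be kept as exported from upstream without trimming.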
@@ -61,6 +63,9 @@ sed -i -e "s|#sys.path.insert(0, '/path/to/wikiconfigdir')|sys.path.insert(0, os
 
 
 %changelog
+* Thu Feb 24 2011 Ville-Pekka Vainio <vpivaini AT cs.helsinki.fi> - 1.9.3-4
+- Fixes CVE-2011-1058 (rhbz#679523)
+
 * Tue Feb 08 2011 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.9.3-3
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
 

