[ocsinventory/f14] fix CVE-2011-4024
Remi Collet
remi at fedoraproject.org
Tue Oct 25 12:55:05 UTC 2011
commit 764695b413cfbb4a5d08558d62221134b260956b
Author: remi <fedora at famillecollet.com>
Date: Tue Oct 25 14:55:00 2011 +0200
fix CVE-2011-4024
.gitignore | 1 +
ocsinventory-shorttag.patch | 12 ------------
ocsinventory-xss.patch | 20 ++++++++++++++++++++
ocsinventory.spec | 14 ++++++++++++--
4 files changed, 33 insertions(+), 14 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 4ca0276..2832fab 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
+*spec~
OCSNG_UNIX_SERVER-1.3.2.tar.gz
/OCSNG_UNIX_SERVER-1.3.3.tar.gz
diff --git a/ocsinventory-xss.patch b/ocsinventory-xss.patch
new file mode 100644
index 0000000..042509b
--- /dev/null
+++ b/ocsinventory-xss.patch
@@ -0,0 +1,20 @@
+diff -up ocsreports/preferences.php.orig ocsreports/preferences.php
+--- ocsreports/preferences.php.orig 2010-11-23 09:35:19.000000000 +0100
++++ ocsreports/preferences.php 2011-10-22 09:43:24.000000000 +0200
+@@ -748,6 +748,7 @@ function ShowResults($req,$sortable=true
+ }*/
+
+ foreach($tabChamps as $chmp) {// Affichage de toutes les valeurs r�sultats
++ $item[$chmp] = strip_tags($item[$chmp]);
+ echo "<td align='center'>";
+ $isLink = FALSE;
+ if($chmp==TAG_LBL)
+@@ -1594,7 +1595,7 @@ function textDecode( $txt ) {
+ for( $i=0; $i<UTF8_DEGREE; $i++ ) {
+ $txt = utf8_decode( $txt );
+ }
+- return $txt;
++ return strip_tags($txt);
+ }
+
+
diff --git a/ocsinventory.spec b/ocsinventory.spec
index bff8f00..4f2a85d 100644
--- a/ocsinventory.spec
+++ b/ocsinventory.spec
@@ -12,7 +12,7 @@ Name: ocsinventory
Summary: Open Computer and Software Inventory Next Generation
Version: 1.3.3
-Release: 1%{?dist}
+Release: 5%{?dist}
Group: Applications/Internet
License: GPLv2
@@ -24,6 +24,8 @@ Source1: ocsinventory-reports.conf
# Upstream patch from Bzr
Patch1: %{name}-upstream.patch
+# Patch for CVE-2011-4024
+Patch2: %{name}-xss.patch
BuildArch: noarch
@@ -105,7 +107,10 @@ Group: Applications/Internet
Summary: OCS Inventory NG - Communication server
# From PHP_Compat : date, mysql, ereg, pcre, zip, hash, xml, gd, zlib
Requires: php
-Requires: php-mysql php-zip php-gd php-domxml
+Requires: php-mysql php-gd php-domxml
+%if 0%{?fedora} < 16
+Requires: php-zip
+%endif
# Required by the original setup script, but not detected automatically :
Requires: perl(DBD::mysql)
# Required by ipdiscover-util.pl (nmap and nmblookup)
@@ -130,6 +135,7 @@ navigateur favori.
%setup -q -n %{tarname}-%{version}
%patch1 -p0
+%patch2 -p0
%build
@@ -278,6 +284,10 @@ fi
%changelog
+* Tue Oct 25 2011 Remi Collet <Fedora at famillecollet.com> - 1.3.3-5
+- fix XSS vulnerabity (Bug #748072, CVE-2011-4024)
+- Don't require php-zip for F16 and up.
+
* Wed Nov 24 2010 Remi Collet <Fedora at famillecollet.com> - 1.3.3-1
- update to 1.3.3 (bugfix)
- clean applied patches
More information about the scm-commits
mailing list