[wicd/f16] Fix CVE-2012-2095 (#811763)

David Cantrell dcantrel at fedoraproject.org
Fri Apr 13 14:22:17 UTC 2012


commit dfc4dcf76bb3cd9e7217946f410075bb1b28e87f
Author: David Cantrell <dcantrell at redhat.com>
Date:   Fri Apr 13 10:22:05 2012 -0400

    Fix CVE-2012-2095 (#811763)

 wicd-1.7.0-CVE-2012-2095.patch |   91 ++++++++++++++++++++++++++++++++++++++++
 wicd.spec                      |   13 ++++-
 2 files changed, 101 insertions(+), 3 deletions(-)
---
diff --git a/wicd-1.7.0-CVE-2012-2095.patch b/wicd-1.7.0-CVE-2012-2095.patch
new file mode 100644
index 0000000..da6a4b3
--- /dev/null
+++ b/wicd-1.7.0-CVE-2012-2095.patch
@@ -0,0 +1,91 @@
+diff -up wicd-1.7.0/wicd/wicd-daemon.py.CVE-2012-2095 wicd-1.7.0/wicd/wicd-daemon.py
+--- wicd-1.7.0/wicd/wicd-daemon.py.CVE-2012-2095	2012-04-13 10:17:46.356047035 -0400
++++ wicd-1.7.0/wicd/wicd-daemon.py	2012-04-13 10:18:35.018046979 -0400
+@@ -978,6 +978,28 @@ class WirelessDaemon(dbus.service.Object
+                                                  "wireless-settings.conf"),
+                                     debug=debug)
+ 
++        self._validProperties = (
++            'bssid',
++            'essid',
++            'hidden',
++            'channel',
++            'mode',
++            'enctype',
++            'encryption_method',
++            'key',
++            'automatic',
++            'ip',
++            'netmask',
++            'broadcast',
++            'gateway',
++            'use_static_dns',
++            'use_global_dns',
++            'dns1',
++            'dns2',
++            'dns3',
++            'use_settings_globally',
++        )
++
+     def get_debug_mode(self):
+         return self._debug_mode
+     def set_debug_mode(self, mode):
+@@ -1086,9 +1108,9 @@ class WirelessDaemon(dbus.service.Object
+     def SetWirelessProperty(self, netid, prop, value):
+         """ Sets property to value in network specified. """
+         # We don't write script settings here.
+-        if (prop.strip()).endswith("script"):
+-            print "Setting script properties through the daemon is not" \
+-                  + " permitted."
++        if prop.strip() not in self._validProperties:
++            print "Trying to set invalid property (or property not " \
++                  "permitted): "+ prop.strip() + "."
+             return False
+         self.LastScan[netid][prop] = misc.to_unicode(misc.Noneify(value))
+ 
+@@ -1365,6 +1387,25 @@ class WiredDaemon(dbus.service.Object):
+                                                  "wired-settings.conf"), 
+                                     debug=debug)
+ 
++        self._validProperties = (
++            'ip',
++            'broadcast',
++            'netmask',
++            'gateway',
++            'search_domain',
++            'dns_domain',
++            'dns1',
++            'dns2',
++            'dns3',
++            'encryption_enabled',
++            'default',
++            'dhcphostname',
++            'lastused',
++            'profilename',
++            'use_global_dns',
++            'use_static_dns',
++        )
++
+     def get_debug_mode(self):
+         return self._debug_mode
+     def set_debug_mode(self, mode):
+@@ -1405,14 +1446,14 @@ class WiredDaemon(dbus.service.Object):
+         return str(iface)
+ 
+     @dbus.service.method('org.wicd.daemon.wired')
+-    def SetWiredProperty(self, property, value):
++    def SetWiredProperty(self, prop, value):
+         """ Sets the given property to the given value. """
+         if self.WiredNetwork:
+-            if (property.strip()).endswith("script"):
+-                print "Setting script properties through the daemon" \
+-                      + " is not permitted."
++            if prop.strip() not in self._validProperties:
++                print "Trying to set invalid property (or property not " \
++                      "permitted): "+ prop.strip() + "."
+                 return False
+-            self.WiredNetwork[property] = misc.to_unicode(misc.Noneify(value))
++            self.WiredNetwork[prop] = misc.to_unicode(misc.Noneify(value))
+             return True
+         else:
+             print 'SetWiredProperty: WiredNetwork does not exist'
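Review bot: The allowlist check `if prop.strip() not in self._validProperties:` validates the stripped name, but the write that follows, `self.LastScan[netid][prop] = misc.to_unicode(misc.Noneify(value))` (and likewise `self.WiredNetwork[prop] = ...` in SetWiredProperty), stores under the unstripped `prop`, so a name with surrounding whitespace passes validation yet lands under a different key than the one that was checked. Normalizing once before the check, `prop = prop.strip()`, and then using `prop` for both the membership test, the message and the store keeps the validated and the persisted name identical. The two `_validProperties` tuples are also rebuilt per instance inside `__init__`; a class-level `frozenset` would state the fixed allowlist more directly and give constant-time membership for this D-Bus-exposed method. Both `__init__` bodies that the tuples are appended to start outside the hunk, and SetWirelessProperty continues past it.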
diff --git a/wicd.spec b/wicd.spec
index 7afca29..3bfeb0c 100644
--- a/wicd.spec
+++ b/wicd.spec
@@ -9,7 +9,7 @@
 
 Name:                wicd
 Version:             1.7.0
-Release:             12%{?dist}
+Release:             13%{?dist}
 Summary:             Wireless and wired network connection manager
 
 Group:               System Environment/Base
@@ -31,6 +31,7 @@ Patch7:              wicd-1.7.0-CVE-2012-0813.patch
 Patch8:              wicd-1.7.0-is_mouse_event.patch
 Patch9:              wicd-1.7.0-child_pid.patch
 Patch10:             wicd-1.7.0-DaemonClosing.patch
+Patch11:             wicd-1.7.0-CVE-2012-2095.patch
 
 BuildRoot:           %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -u -n)
 BuildRequires:       python2-devel
@@ -132,6 +133,11 @@ Client program for wicd that uses a GTK+ interface.
 # Work around bug in DaemonClosing() calls
 %patch10 -p1
 
+# Fix CVE-2012-2095
+# Patch based on upstream:
+# http://bazaar.launchpad.net/~wicd-devel/wicd/experimental/revision/751
+%patch11 -p1
+
 %build
 # NOTE: --etc is where dhclient.conf.template goes
 %{__python} setup.py configure \
@@ -316,14 +322,15 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 %{_datadir}/icons/hicolor/scalable/apps/wicd-gtk.svg
 
 %changelog
-* Mon Mar 26 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-13
-- dhclient.conf.template is now in /etc/wicd, correct %%files (#754412)
+* Fri Apr 13 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-13
+- Fix CVE-2012-2095 (#811763)
 
 * Mon Mar 26 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-12
 - Ensure wpath.etc is set to /etc/wicd, not /etc/dhcp (#754412)
 - Initialize child_pid to None in wicd-daemon.py (#798692)
 - Make wicd-gtk subpackage require notify-python (#748258)
 - Work around no-op problem in DaemonClosing calls (#740317)
+- dhclient.conf.template is now in /etc/wicd, correct %%files (#754412)
 
 * Wed Mar 21 2012 David Cantrell <dcantrell at redhat.com> - 1.7.0-11
 - Fix usage of is_mouse_event() in wicd-curses (#800617)

