[rubygem-activerecord/f18] Fix for CVE-2013-0276.
Vít Ondruch
vondruch at fedoraproject.org
Tue Feb 12 12:25:19 UTC 2013
commit 27308d1f33aa1d48dba463d557834bc5debb938c
Author: Vít Ondruch <vondruch at redhat.com>
Date: Tue Feb 12 13:24:41 2013 +0100
Fix for CVE-2013-0276.
...ecord-3.2.12-CVE-2013-0276-attr_protected.patch | 41 ++++++++++++++++++++
rubygem-activerecord.spec | 9 ++++-
2 files changed, 49 insertions(+), 1 deletions(-)
---
diff --git a/rubygem-activerecord-3.2.12-CVE-2013-0276-attr_protected.patch b/rubygem-activerecord-3.2.12-CVE-2013-0276-attr_protected.patch
new file mode 100644
index 0000000..6ccc10e
--- /dev/null
+++ b/rubygem-activerecord-3.2.12-CVE-2013-0276-attr_protected.patch
@@ -0,0 +1,41 @@
+From 060bb7250b963609a0d8a5d0559e36b99d2402c6 Mon Sep 17 00:00:00 2001
+From: joernchen of Phenoelit <joernchen at phenoelit.de>
+Date: Sat, 9 Feb 2013 15:46:44 -0800
+Subject: [PATCH] Fix issue with attr_protected where malformed input could
+ circumvent protection
+
+Fixes: CVE-2013-0276
+---
+ activemodel/lib/active_model/attribute_methods.rb | 2 +-
+ activemodel/lib/active_model/mass_assignment_security/permission_set.rb | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/activemodel/lib/active_model/attribute_methods.rb b/activemodel/lib/active_model/attribute_methods.rb
+index f033a94..96f2c82 100644
+--- a/activemodel/lib/active_model/attribute_methods.rb
++++ b/activemodel/lib/active_model/attribute_methods.rb
+@@ -365,7 +365,7 @@ module ActiveModel
+ end
+
+ @prefix, @suffix = options[:prefix] || '', options[:suffix] || ''
+- @regex = /^(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})$/
++ @regex = /\A(#{Regexp.escape(@prefix)})(.+?)(#{Regexp.escape(@suffix)})\z/
+ @method_missing_target = "#{@prefix}attribute#{@suffix}"
+ @method_name = "#{prefix}%s#{suffix}"
+ end
+diff --git a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb
+index a1fcdf1..10faa29 100644
+--- a/activemodel/lib/active_model/mass_assignment_security/permission_set.rb
++++ b/activemodel/lib/active_model/mass_assignment_security/permission_set.rb
+@@ -19,7 +19,7 @@ module ActiveModel
+ protected
+
+ def remove_multiparameter_id(key)
+- key.to_s.gsub(/\(.+/, '')
++ key.to_s.gsub(/\(.+/m, '')
+ end
+ end
+
+--
+1.8.1.1
+
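Review bot: the whole fix is the two regex changes above, and both depend on Ruby-specific semantics that are worth recording for whoever rebases this patch: in Ruby `^` and `$` match at line boundaries, so the switch to `\A`/`\z` in `attribute_methods.rb` is what anchors the prefix/suffix pattern to the entire attribute name rather than to one line of it, and the `/m` flag added to `/\(.+/m` in `permission_set.rb` makes `.` match a newline (the opposite of what `/m` means in PCRE or JavaScript), so `remove_multiparameter_id` now strips everything after the first `(` even when the key contains a line break. The upstream commit changes only the two library files and adds no test, so nothing in this patch checks that a key containing a newline is now handled the same way by both regexes; a small regression test alongside the patch would make the rebase safer. Note also that the touched paths are under `activemodel/`, not `activerecord/`, which matters for how this file is applied (see the spec hunk).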
diff --git a/rubygem-activerecord.spec b/rubygem-activerecord.spec
index 99adc8e..9246a93 100644
--- a/rubygem-activerecord.spec
+++ b/rubygem-activerecord.spec
@@ -6,7 +6,7 @@ Summary: Implements the ActiveRecord pattern for ORM
Name: rubygem-%{gem_name}
Epoch: 1
Version: 3.2.8
-Release: 3%{?dist}
+Release: 4%{?dist}
Group: Development/Languages
License: MIT
URL: http://www.rubyonrails.org
@@ -25,6 +25,10 @@ Patch0: rubygem-activerecord-3.2.10-CVE-2012-6496-dynamic_finder_injection.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=892866
Patch1: rubygem-activerecord-3.2.11-CVE-2013-0155-null_array_param.patch
+# CVE-2013-0276
+# https://bugzilla.redhat.com/show_bug.cgi?id=909528
+Patch2: rubygem-activerecord-3.2.12-CVE-2013-0276-attr_protected.patch
+
Requires: ruby(abi) = %{rubyabi}
Requires: ruby(rubygems)
Requires: rubygem(activesupport) = %{version}
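Review bot: `Patch2:` is declared here, but no hunk in this diff touches `%prep` to apply it, so unless a `%patch2` line already exists elsewhere in the spec the patch is listed but never applied and the build would still ship the unpatched regexes; the corresponding `%patch2` application (with the strip level matching the `activemodel/lib/...` paths inside the patch) should be part of this change. Two further things to confirm before merging: the patch modifies files under `activemodel/`, which is a different gem than the activerecord sources this package unpacks, so check that the targeted files actually exist in this package's build tree; and the patch file name says 3.2.12 while `Version:` in the previous hunk is 3.2.8, so verify it applies cleanly to the 3.2.8 sources.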
@@ -114,6 +118,9 @@ popd
%changelog
+* Tue Feb 12 2013 Vít Ondruch <vondruch at redhat.com> - 1:3.2.8-4
+- Fix for CVE-2013-0276.
+
* Wed Jan 09 2013 Vít Ondruch <vondruch at redhat.com> - 1:3.2.8-3
- Fix for CVE-2013-0155.