[fish/f19] Fix CVE-2014-2914
amluto
amluto at fedoraproject.org
Mon Apr 28 18:08:23 UTC 2014
commit fbcf04f8c57ce1c239b8c748af1b341a5af51e35
Author: Andy Lutomirski <luto at amacapital.net>
Date: Mon Apr 28 11:08:14 2014 -0700
Fix CVE-2014-2914
fish-upstream-CVE-2014-2914.patch | 47 +++++++++++++++++++++++++++++++++++++
fish.spec | 11 ++++++--
2 files changed, 55 insertions(+), 3 deletions(-)
---
diff --git a/fish-upstream-CVE-2014-2914.patch b/fish-upstream-CVE-2014-2914.patch
new file mode 100644
index 0000000..248bb38
--- /dev/null
+++ b/fish-upstream-CVE-2014-2914.patch
@@ -0,0 +1,47 @@
+From 10642a34f17ae45bd93be3ae6021ee920d3da0c2 Mon Sep 17 00:00:00 2001
+Message-Id: <10642a34f17ae45bd93be3ae6021ee920d3da0c2.1398707555.git.luto at amacapital.net>
+In-Reply-To: <3c5d5b344ee945b99e4bb16a44af6f293601813d.1398707555.git.luto at amacapital.net>
+References: <3c5d5b344ee945b99e4bb16a44af6f293601813d.1398707555.git.luto at amacapital.net>
+From: Anders Bergh <anders1 at gmail.com>
+Date: Tue, 4 Mar 2014 09:59:26 +0100
+Subject: [PATCH 2/4] fish_config: Listen on both IPv6 and IPv4.
+
+A subclass of TCPServer was created to deny any non-local connections and to
+listen using an IPv6 socket.
+---
+ share/tools/web_config/webconfig.py | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/share/tools/web_config/webconfig.py b/share/tools/web_config/webconfig.py
+index f735a02..1b9250b 100755
+--- a/share/tools/web_config/webconfig.py
++++ b/share/tools/web_config/webconfig.py
+@@ -250,6 +250,16 @@ class FishVar:
+ if self.exported: flags.append('exported')
+ return [self.name, self.value, ', '.join(flags)]
+
++class FishConfigTCPServer(SocketServer.TCPServer):
++ """TCPServer that only accepts connections from localhost (IPv4/IPv6)."""
++ WHITELIST = set(['::1', '::ffff:127.0.0.1', '127.0.0.1'])
++
++ address_family = socket.AF_INET6
++
++ def verify_request(self, request, client_address):
++ return client_address[0] in FishConfigTCPServer.WHITELIST
++
++
+ class FishConfigHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
+
+ def write_to_wfile(self, txt):
+@@ -613,7 +623,7 @@ PORT = 8000
+ while PORT <= 9000:
+ try:
+ Handler = FishConfigHTTPRequestHandler
+- httpd = SocketServer.TCPServer(("", PORT), Handler)
++ httpd = FishConfigTCPServer(("::", PORT), Handler)
+ # Success
+ break
+ except socket.error:
+--
+1.9.0
+
diff --git a/fish.spec b/fish.spec
index aaa6bec..30ca356 100644
--- a/fish.spec
+++ b/fish.spec
@@ -1,6 +1,6 @@
Name: fish
Version: 2.1.0
-Release: 8%{?dist}
+Release: 9%{?dist}
Summary: A friendly interactive shell
Group: System Environment/Shells
@@ -10,8 +10,9 @@ Source0: http://fishshell.com/files/%{version}/fish-%{version}.ta
Patch0: fish-remove-usr-local.patch
Patch1: fish-add-link-cxxflags.patch
Patch2: fish-use-usrbinpython.patch
-Patch3: fish-upstream-CVE-2014-2905.patch
-Patch4: fish-upstream-CVE-2014-2906.patch
+Patch3: fish-upstream-CVE-2014-2914.patch
+Patch4: fish-upstream-CVE-2014-2905.patch
+Patch5: fish-upstream-CVE-2014-2906.patch
BuildRequires: ncurses-devel gettext groff doxygen
@@ -32,6 +33,7 @@ nothing to learn or configure.
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
# This is unused. If we fiddle with Python versions, its presence will
# be confusing.
@@ -84,6 +86,9 @@ fi
%changelog
+* Mon Apr 28 2014 Andy Lutomirski <luto at mit.edu> - 2.1.0-9
+- Fix CVE-2014-2914
+
* Mon Apr 28 2014 Andy Lutomirski <luto at mit.edu> - 2.1.0-8
- Fix build failure
More information about the scm-commits
mailing list