[SCM] KDE Network module packaging branch, squeeze, updated. debian/4.4.5-2-2-gf18dcc8

José Manuel Santamaría Lema santa-guest at alioth.debian.org
Wed Apr 20 17:14:12 UTC 2011 

The following commit has been merged in the squeeze branch:
commit f18dcc8c57065378eb66c3bd460abbcb51485920
Author: José Manuel Santamaría Lema <panfaust at gmail.com>
Date:   Sun Apr 17 20:17:03 2011 +0200

    Better fix for CVE-2010-1000.
---
 debian/changelog                                   |    4 ++-
 .../patches/cve_2010_1000_directory_traversal.diff |   21 ++++++++++++++++++++
 debian/patches/series                              |    1 +
 3 files changed, 25 insertions(+), 1 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index b79e45e..45a905d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,6 +1,8 @@
 kdenetwork (4:4.4.5-2+squeeze1) UNRELEASED; urgency=low
 
-  * 
+  * Add cve_2010_1000_directory_traversal.diff, note that CVE-2010-1000 was
+    already fixed, but this patch performs a better protection against that
+    vulnerability.
 
  -- José Manuel Santamaría Lema <panfaust at gmail.com>  Sun, 17 Apr 2011 20:04:11 +0200
 
diff --git a/debian/patches/cve_2010_1000_directory_traversal.diff b/debian/patches/cve_2010_1000_directory_traversal.diff
new file mode 100644
index 0000000..125f104
--- /dev/null
+++ b/debian/patches/cve_2010_1000_directory_traversal.diff
@@ -0,0 +1,21 @@
+Origin: http://websvn.kde.org/?view=revision&revision=1227468
+Description: Further addresses CVE-2010-1000.
+ The file name of Metalink File is checked a better way, making it work under
+ more conditions.
+--- a/kget/ui/metalinkcreator/metalinker.cpp
++++ b/kget/ui/metalinkcreator/metalinker.cpp
+@@ -583,7 +583,13 @@
+         return false;
+     }
+ 
+-    if (name.contains(QRegExp("$(\\.\\.?)?/")) || name.contains("/../") || name.endsWith("/..")) {
++    if (name.endsWith('/')) {
++        kError(5001) << "Name attribute of Metalink::File does not contain a file name:" << name;
++        return false;
++    }
++
++    const QStringList components = name.split('/');
++    if (name.startsWith('/') || components.contains("..") || components.contains(".")) {
+         kError(5001) << "Name attribute of Metalink::File contains directory traversal directives:" << name;
+         return false;
+     }
diff --git a/debian/patches/series b/debian/patches/series
index 899f203..b50afdb 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,4 @@
 01_backport_use_system_libktorrent.diff
 02_debian_libktorrent_porting.diff
 03_kopete_icq_login_fix.diff
+cve_2010_1000_directory_traversal.diff

-- 
KDE Network module packaging

More information about the pkg-kde-commits mailing list