[Pkg-xfce-commits] r1343 - in desktop/trunk/xfce4-terminal/debian: . patches

huggie at alioth.debian.org huggie at alioth.debian.org
Sun Aug 12 17:19:49 UTC 2007


Author: huggie
Date: 2007-08-12 17:19:49 +0000 (Sun, 12 Aug 2007)
New Revision: 1343

Added:
   desktop/trunk/xfce4-terminal/debian/patches/01_CVE-2007-3770.patch
Modified:
   desktop/trunk/xfce4-terminal/debian/changelog
Log:
Add Darren Salt's patch for CVE-2007-3770


Modified: desktop/trunk/xfce4-terminal/debian/changelog
===================================================================
--- desktop/trunk/xfce4-terminal/debian/changelog	2007-08-11 20:13:31 UTC (rev 1342)
+++ desktop/trunk/xfce4-terminal/debian/changelog	2007-08-12 17:19:49 UTC (rev 1343)
@@ -1,3 +1,14 @@
+xfce4-terminal (0.2.6-3) UNRELEASED; urgency=high
+
+  (Yves-Alexis Perez)
+  * debian/menu: switch to new menu policy.
+  (Simon Huggins)
+  * Fix security problem in URL handling code (CVE-2007-3770) thanks to Darren
+    Salt                                                        closes: #437454
+  * urgency high for the above.
+
+ -- Yves-Alexis Perez <corsac at corsac.net>  Sun, 12 Aug 2007 18:00:09 +0100
+
 xfce4-terminal (0.2.6-2) unstable; urgency=low
 
   * Use install instead of mv for installing terminal.xpm so that the clean

Added: desktop/trunk/xfce4-terminal/debian/patches/01_CVE-2007-3770.patch
===================================================================
--- desktop/trunk/xfce4-terminal/debian/patches/01_CVE-2007-3770.patch	                        (rev 0)
+++ desktop/trunk/xfce4-terminal/debian/patches/01_CVE-2007-3770.patch	2007-08-12 17:19:49 UTC (rev 1343)
@@ -0,0 +1,187 @@
+--- helpers/opera-browser.desktop.in
++++ helpers/opera-browser.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=opera;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B -remote "openURL(%u,new-window)" || %B "%u"
++X-Terminal-Command=%B -remote openURL\(%u,new-window\) || %B %u
+--- helpers/evolution.desktop.in
++++ helpers/evolution.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=evolution-2.2;evolution-2.0;evolution-1.6;evolution-1.5;evolution-1.4;evolution;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B "mailto:%u"
++X-Terminal-Command=%B mailto:%u
+--- helpers/mozilla-mailer.desktop.in
++++ helpers/mozilla-mailer.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=mozilla;mozilla-gtk2;mozilla-gtk;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -remote "mailto(%u)" || %B -compose "mailto:%u"
++X-Terminal-Command=%B -remote mailto\(%u\) || %B -compose mailto:%u
+--- helpers/exo-open-mailer.desktop.in
++++ helpers/exo-open-mailer.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=exo-open
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B --launch MailReader "%u"
++X-Terminal-Command=%B --launch MailReader %u
+--- helpers/kmail.desktop.in
++++ helpers/kmail.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=kmail;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+--- helpers/exo-open-browser.desktop.in
++++ helpers/exo-open-browser.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=exo-open
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B --launch WebBrowser "%u"
++X-Terminal-Command=%B --launch WebBrowser %u
+--- helpers/epiphany.desktop.in
++++ helpers/epiphany.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=epiphany;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+--- helpers/galeon.desktop.in
++++ helpers/galeon.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=galeon;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+--- helpers/konqueror.desktop.in
++++ helpers/konqueror.desktop.in
+@@ -5,6 +5,6 @@
+ Type=Application
+ X-Terminal-Binaries=konqueror;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+ 
+ 
+--- helpers/balsa.desktop.in
++++ helpers/balsa.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=balsa
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -m "mailto:%u"
++X-Terminal-Command=%B -m mailto:%u
+--- helpers/sylpheed-claws.desktop.in
++++ helpers/sylpheed-claws.desktop.in
+@@ -7,4 +7,4 @@
+ StartupNotify=true
+ X-Terminal-Binaries=sylpheed-claws;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B --compose "%u"
++X-Terminal-Command=%B --compose %u
+--- helpers/sensible-browser.desktop.in
++++ helpers/sensible-browser.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=sensible-browser
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B "%u"
++X-Terminal-Command=%B %u
+--- helpers/firefox.desktop.in
++++ helpers/firefox.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=firefox;firefox-gtk2;firefox-gtk;mozilla-firefox;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B -remote "openURL(%u)" || %B "%u"
++X-Terminal-Command=%B -remote openURL\(%u\) || %B %u
+--- helpers/mozilla-browser.desktop.in
++++ helpers/mozilla-browser.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=mozilla;mozilla-gtk2;mozilla-gtk;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=%B -remote "openURL(%u,new-window)" || %B "%u"
++X-Terminal-Command=%B -remote openURL\(%u,new-window\) || %B %u
+--- helpers/opera-mailer.desktop.in
++++ helpers/opera-mailer.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=opera;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -remote "openURL(mailto:%u)" || %B "mailto:%u"
++X-Terminal-Command=%B -remote openURL\(mailto:%u\) || %B mailto:%u
+--- helpers/mutt.desktop.in
++++ helpers/mutt.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=mutt;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=Terminal -x %B "%u"
++X-Terminal-Command=Terminal -x %B %u
+--- helpers/thunderbird.desktop.in
++++ helpers/thunderbird.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=thunderbird;thunderbird-gtk2;thunderbird-gtk;mozilla-thunderbird;
+ X-Terminal-Category=MailReader
+-X-Terminal-Command=%B -remote "mailto(%u)" || %B -compose "mailto:%u"
++X-Terminal-Command=%B -remote mailto\(%u\) || %B -compose mailto:%u
+--- helpers/lynx.desktop.in
++++ helpers/lynx.desktop.in
+@@ -5,4 +5,4 @@
+ Type=Application
+ X-Terminal-Binaries=lynx;
+ X-Terminal-Category=WebBrowser
+-X-Terminal-Command=Terminal -x %B "%u"
++X-Terminal-Command=Terminal -x %B %u
+--- terminal/terminal-helper.c
++++ terminal/terminal-helper.c
+@@ -349,6 +349,7 @@
+   gchar       *argv[4];
+   gchar       *command;
+   gchar       *t;
++  gchar       *escaped;
+   guint        n;
+ 
+   g_return_if_fail (TERMINAL_IS_HELPER (helper));
+@@ -359,6 +360,8 @@
+     if (s[0] == '%' && g_ascii_tolower (s[1]) == 'u')
+       ++n;
+ 
++  escaped = g_shell_quote (uri);
++
+   if (n > 0)
+     {
+       command = g_new (gchar, strlen (helper->command) + n * strlen (uri) + 1);
+@@ -366,7 +369,7 @@
+         {
+           if (s[0] == '%' && g_ascii_tolower (s[1]) == 'u')
+             {
+-              for (u = uri; *u != '\0'; )
++              for (u = escaped; *u != '\0'; )
+                 *t++ = *u++;
+               s += 2;
+             }
+@@ -379,9 +382,11 @@
+     }
+   else
+     {
+-      command = g_strconcat (helper->command, " ", uri, NULL);
++      command = g_strconcat (helper->command, " ", escaped, NULL);
+     }
+ 
++  g_free (escaped);
++
+   argv[0] = "/bin/sh";
+   argv[1] = "-c";
+   argv[2] = command;
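Review bot: The buffer allocated in the `n > 0` branch of the terminal-helper.c part of this patch is still sized with `strlen (uri)`, but the copy loop now writes `escaped`, which `g_shell_quote` makes longer than `uri`: two enclosing quotes plus extra bytes for every single quote it has to escape. The two bytes freed by each replaced `%u` only cover the enclosing quotes, so a URI that contains a single quote is copied past the end of `command` on the heap. The allocation should be sized from the quoted string, `command = g_new (gchar, strlen (helper->command) + n * strlen (escaped) + 1);`, with `escaped` assigned before it as the patch already does. The enclosing function starts and ends outside the visible hunks, so the rest of the copy loop is assumed unchanged.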



