[Pkg-awstats-commits] [SCM] awstats Debian packaging branch, master, updated. debian/6.9.5.dfsg-4-4-gaaf089d
Sergey B Kirpichev
skirpichev at gmail.com
Tue Dec 14 20:52:16 UTC 2010
The following commit has been merged in the master branch:
commit aaf089d10ce4e12e6d499089407d93c62511e9c0
Author: Sergey B Kirpichev <skirpichev at gmail.com>
Date: Tue Dec 14 23:50:26 2010 +0300
Apply patch 0009 to fix CVE-2010-4369
diff --git a/debian/patches/0009_CVE-2010-4369.patch b/debian/patches/0009_CVE-2010-4369.patch
new file mode 100644
index 0000000..95d7d19
--- /dev/null
+++ b/debian/patches/0009_CVE-2010-4369.patch
@@ -0,0 +1,35 @@
+Description: Fix directory traversal vulnerability (CVE-2010-4369) via
+ crafted LoadPlugin directory.
+Origin: http://awstats.cvs.sourceforge.net/viewvc/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.966&r2=1.967
+Bug: http://sourceforge.net/tracker/index.php?func=detail&aid=2537928&group_id=13764&atid=113764
+Bug-Debian: http://bugs.debian.org/606263
+
+--- a/wwwroot/cgi-bin/awstats.pl
++++ b/wwwroot/cgi-bin/awstats.pl
+@@ -3056,10 +3056,10 @@
+ my ( $pluginfile, $pluginparam ) = split( /\s+/, $plugininfo, 2 );
+ $pluginparam ||=
+ ""; # If split has only on part, pluginparam is not initialized
+- $pluginfile =~ s/\.pm$//i;
++ $pluginfile =~ s/\.pm$//i;
+ $pluginfile =~ /([^\/\\]+)$/;
+- my $pluginname = $1; # pluginname is pluginfile without any path
+- # Check if plugin is not disabled
++ $pluginfile = Sanitize($1); # pluginfile is cleaned from any path for security reasons and from .pm
++ my $pluginname = $pluginfile;
+ if ( $NoLoadPlugin{$pluginname} && $NoLoadPlugin{$pluginname} > 0 ) {
+ if ($Debug) {
+ debug(
+@@ -7724,10 +7724,10 @@
+ my $stringtoclean = shift;
+ my $full = shift || 0;
+ if ($full) {
+- $stringtoclean =~ s/[^\w]//g;
++ $stringtoclean =~ s/[^\w\d]//g;
+ }
+ else {
+- $stringtoclean =~ s/[^\w\-\\\/\.:\s]//g;
++ $stringtoclean =~ s/[^\w\d\-\\\/\.:\s]//g;
+ }
+ return $stringtoclean;
+ }
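Review bot: In the LoadPlugin hunk of the added patch, the result of `$pluginfile =~ /([^\/\\]+)$/;` is never tested before `Sanitize($1)` runs, so when the match fails (an empty value, or one ending in a path separator) `$1` still holds the capture from an earlier successful match and that unrelated text becomes the plugin name. Test the match and skip the entry otherwise, for example `next unless $pluginfile =~ /([^\/\\]+)$/;`; the enclosing loop is outside the hunk, so the right skip statement needs confirming there. Sanitize in its default mode still lets `.`, `:` and whitespace through, so if plugin names only ever use word characters, `Sanitize( $1, 1 )` would be the tighter call. In the Sanitize hunk, `\d` is already covered by `\w`, so `[^\w\d]` and `[^\w\d\-\\\/\.:\s]` behave the same as the lines they replace.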
diff --git a/debian/patches/series b/debian/patches/series
index d12ff75..86db568 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,6 +1,7 @@
#0006_more_xss.patch
0007_russian_lang.patch
0008_nested_includes.patch
+0009_CVE-2010-4369.patch
1002_disable_configdir.patch
1003_redirect_to_STDERR.patch
1004_perl_version.patch
--
awstats Debian packaging