[Pkg-awstats-commits] [SCM] awstats Debian packaging branch, master, updated. debian/6.9.5.dfsg-4-4-gaaf089d

Sergey B Kirpichev skirpichev at gmail.com
Tue Dec 14 20:52:16 UTC 2010 

The following commit has been merged in the master branch:
commit aaf089d10ce4e12e6d499089407d93c62511e9c0
Author: Sergey B Kirpichev <skirpichev at gmail.com>
Date:   Tue Dec 14 23:50:26 2010 +0300

    Apply patch 0009 to fix CVE-2010-4369

diff --git a/debian/patches/0009_CVE-2010-4369.patch b/debian/patches/0009_CVE-2010-4369.patch
new file mode 100644
index 0000000..95d7d19
--- /dev/null
+++ b/debian/patches/0009_CVE-2010-4369.patch
@@ -0,0 +1,35 @@
+Description: Fix directory traversal vulnerability (CVE-2010-4369) via
+ crafted LoadPlugin directory.
+Origin: http://awstats.cvs.sourceforge.net/viewvc/awstats/awstats/wwwroot/cgi-bin/awstats.pl?r1=1.966&r2=1.967
+Bug: http://sourceforge.net/tracker/index.php?func=detail&aid=2537928&group_id=13764&atid=113764
+Bug-Debian: http://bugs.debian.org/606263
+
+--- a/wwwroot/cgi-bin/awstats.pl
++++ b/wwwroot/cgi-bin/awstats.pl
+@@ -3056,10 +3056,10 @@
+ 		my ( $pluginfile, $pluginparam ) = split( /\s+/, $plugininfo, 2 );
+ 		$pluginparam ||=
+ 		  "";    # If split has only on part, pluginparam is not initialized
+-		$pluginfile =~ s/\.pm$//i;
++        $pluginfile =~ s/\.pm$//i;
+ 		$pluginfile =~ /([^\/\\]+)$/;
+-		my $pluginname = $1;    # pluginname is pluginfile without any path
+-		                        # Check if plugin is not disabled
++		$pluginfile = Sanitize($1);     # pluginfile is cleaned from any path for security reasons and from .pm
++		my $pluginname = $pluginfile;
+ 		if ( $NoLoadPlugin{$pluginname} && $NoLoadPlugin{$pluginname} > 0 ) {
+ 			if ($Debug) {
+ 				debug(
+@@ -7724,10 +7724,10 @@
+ 	my $stringtoclean = shift;
+ 	my $full = shift || 0;
+ 	if ($full) {
+-		$stringtoclean =~ s/[^\w]//g;
++		$stringtoclean =~ s/[^\w\d]//g;
+ 	}
+ 	else {
+-		$stringtoclean =~ s/[^\w\-\\\/\.:\s]//g;
++		$stringtoclean =~ s/[^\w\d\-\\\/\.:\s]//g;
+ 	}
+ 	return $stringtoclean;
+ }
diff --git a/debian/patches/series b/debian/patches/series
index d12ff75..86db568 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,6 +1,7 @@
 #0006_more_xss.patch
 0007_russian_lang.patch
 0008_nested_includes.patch
+0009_CVE-2010-4369.patch
 1002_disable_configdir.patch
 1003_redirect_to_STDERR.patch
 1004_perl_version.patch

-- 
awstats Debian packaging

More information about the Pkg-awstats-commits mailing list