[Pkg-ceph-commits] [ceph] 01/09: Patch to fix CVE-2015-5245 applied from upstream

Gaudenz Steinlin gaudenz at moszumanska.debian.org
Thu Jan 5 10:05:28 UTC 2017 

This is an automated email from the git hooks/post-receive script.

gaudenz pushed a commit to branch jessie
in repository ceph.

commit 61b5e0389099bab8bcd196a76eb7a66cb6f5c63e
Author: Gaudenz Steinlin <gaudenz at debian.org>
Date:   Fri Sep 11 10:27:26 2015 +0200

    Patch to fix CVE-2015-5245 applied from upstream
    
    Refreshed the patch to apply onto the firefly sources and to only
    contain the chages to fix the vulnerability.
    
    Closes: #798567
---
 debian/patches/CVE-2015-5245.patch | 35 +++++++++++++++++++++++++++++++++++
 debian/patches/series              |  1 +
 2 files changed, 36 insertions(+)

diff --git a/debian/patches/CVE-2015-5245.patch b/debian/patches/CVE-2015-5245.patch
new file mode 100644
index 0000000..c929c0e
--- /dev/null
+++ b/debian/patches/CVE-2015-5245.patch
@@ -0,0 +1,35 @@
+From ad5507fe0bf72ed5bdf8353e315cc9092c740144 Mon Sep 17 00:00:00 2001
+From: Yehuda Sadeh <yehuda at redhat.com>
+Date: Thu, 30 Jul 2015 14:47:15 -0700
+Subject: [PATCH] rgw: url encode exposed bucket
+
+Fixes: #12537
+Don't send the bucket name back without url encoding it.
+
+Signed-off-by: Yehuda Sadeh <yehuda at redhat.com>
+
+The patch below is an adapted version for ceph 0.80.7 to only contain
+the necessary changes to fix this vulnerability. Neither the quoting 
+of the bucket name nor the missing \r are fixed.
+(see http://tracker.ceph.com/issues/9254 and http://tracker.ceph.com/issues/11860)
+
+---
+ src/rgw/rgw_rest.cc | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+--- a/src/rgw/rgw_rest.cc
++++ b/src/rgw/rgw_rest.cc
+@@ -272,8 +272,11 @@
+ {
+   int expose_bucket = g_conf->rgw_expose_bucket;
+   if (expose_bucket) {
+-    if (!s->bucket_name_str.empty())
+-      s->cio->print("Bucket: \"%s\"\n", s->bucket_name_str.c_str());
++    if (!s->bucket_name_str.empty()) {
++      string b;
++      url_encode(s->bucket_name_str, b);
++      s->cio->print("Bucket: \"%s\"\n", b.c_str());
++    }
+   }
+ }
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 8625fda..8ac47ad 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,6 +14,7 @@ backfill-prio.patch
 bash-completion.patch
 rbdmap1-mount.patch
 rbdmap2-hooks.patch
+CVE-2015-5245.patch
 
 ## Debian
 rbdmap3-lazyumount.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ceph/ceph.git

More information about the Pkg-ceph-commits mailing list