r19408 - in /packages/experimental/nautilus-python/debian: changelog patches/50_CVE-2009-0317.patch

joss at users.alioth.debian.org joss at users.alioth.debian.org
Tue Apr 7 13:47:20 UTC 2009 

Author: joss
Date: Tue Apr  7 13:47:20 2009
New Revision: 19408

URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=19408
Log:
50_CVE-2009-0317.patch: fix CVE-2009-0317: untrusted search path 
vulnerability. Closes: #513419

Added:
    packages/experimental/nautilus-python/debian/patches/50_CVE-2009-0317.patch
Modified:
    packages/experimental/nautilus-python/debian/changelog

Modified: packages/experimental/nautilus-python/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/experimental/nautilus-python/debian/changelog?rev=19408&op=diff
==============================================================================
--- packages/experimental/nautilus-python/debian/changelog (original)
+++ packages/experimental/nautilus-python/debian/changelog Tue Apr  7 13:47:20 2009
@@ -8,6 +8,10 @@
   [ Emilio Pozuelo Monfort ]
   * Change section back to python, override has been fixed.
   * Do not duplicate the section in the binary package stanza.
+
+  [ Josselin Mouette ]
+  * 50_CVE-2009-0317.patch: fix CVE-2009-0317: untrusted search path 
+    vulnerability. Closes: #513419
 
  -- Loic Minier <lool at dooz.org>  Mon, 21 Apr 2008 13:59:59 +0200
 

Added: packages/experimental/nautilus-python/debian/patches/50_CVE-2009-0317.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/packages/experimental/nautilus-python/debian/patches/50_CVE-2009-0317.patch?rev=19408&op=file
==============================================================================
--- packages/experimental/nautilus-python/debian/patches/50_CVE-2009-0317.patch (added)
+++ packages/experimental/nautilus-python/debian/patches/50_CVE-2009-0317.patch Tue Apr  7 13:47:20 2009
@@ -1,0 +1,10 @@
+--- src/nautilus-python.c.orig	2008-01-11 12:26:55.000000000 +0100
++++ src/nautilus-python.c	2009-04-07 15:45:17.955951735 +0200
+@@ -218,6 +218,7 @@
+ 	
+ 	debug("PySys_SetArgv");
+ 	PySys_SetArgv(1, argv);
++	PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
+ 	if (PyErr_Occurred()) {
+ 		PyErr_Print();
+ 		return FALSE;

More information about the pkg-gnome-commits mailing list