r67387 - in /trunk/libcgi-simple-perl/debian: changelog patches/cve-2010-4411.patch patches/series
ntyni at users.alioth.debian.org
Fri Jan 14 17:43:55 UTC 2011
Author: ntyni
Date: Fri Jan 14 17:43:30 2011
New Revision: 67387
URL: http://svn.debian.org/wsvn/pkg-perl/?sc=1&rev=67387
Log:
[SECURITY] CVE-2010-4411: fix a newline injection issue that resulted
from an incomplete fix for CVE-2010-4410.
Added:
trunk/libcgi-simple-perl/debian/patches/cve-2010-4411.patch
Modified:
trunk/libcgi-simple-perl/debian/changelog
trunk/libcgi-simple-perl/debian/patches/series
Modified: trunk/libcgi-simple-perl/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libcgi-simple-perl/debian/changelog?rev=67387&op=diff
==============================================================================
--- trunk/libcgi-simple-perl/debian/changelog (original)
+++ trunk/libcgi-simple-perl/debian/changelog Fri Jan 14 17:43:30 2011
@@ -22,6 +22,10 @@
* add a patch for CVE-2010-4410
+ add libtest-exception-perl to dependencies
* use "3.0 (quilt)" source format
+
+ [ Niko Tyni ]
+ * [SECURITY] CVE-2010-4411: fix a newline injection issue that resulted
+ from an incomplete fix for CVE-2010-4410.
-- Damyan Ivanov <dmn at debian.org> Fri, 31 Dec 2010 17:57:27 +0200
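Review bot: the stanza's trailer on the last context line still carries Damyan Ivanov's 31 Dec 2010 timestamp, while the new "[ Niko Tyni ]" entry is committed on 14 Jan 2011; if this stanza has not been uploaded yet that is expected, but refresh the trailer (dch -r) before upload so the changelog date matches the upload that actually ships the CVE-2010-4411 fix. A pointer to the oss-security thread (it is already cited in the patch header) would also help anyone reading the changelog alone to see why the CVE-2010-4410 entry just above was not sufficient.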
Added: trunk/libcgi-simple-perl/debian/patches/cve-2010-4411.patch
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libcgi-simple-perl/debian/patches/cve-2010-4411.patch?rev=67387&op=file
==============================================================================
--- trunk/libcgi-simple-perl/debian/patches/cve-2010-4411.patch (added)
+++ trunk/libcgi-simple-perl/debian/patches/cve-2010-4411.patch Fri Jan 14 17:43:30 2011
@@ -1,0 +1,30 @@
+Author: Mark Stosberg <mark at stosberg.com>
+Origin: http://github.com/markstos/CGI--Simple/commit/daff9ca164a7d88d68b6d4d729331e03e32d00dd
+Origin: http://github.com/markstos/CGI--Simple/commit/e811ab874a5e0ac8a99e76b645a0e537d8f714da
+Subject: [CVE-2010-4411] Port latest header-injection refinement from CGI.pm
+
+See also http://www.openwall.com/lists/oss-security/2011/01/04/9
+
+--- libcgi-simple-perl.orig/lib/CGI/Simple.pm
++++ libcgi-simple-perl/lib/CGI/Simple.pm
+@@ -1007,7 +1007,7 @@
+ $header =~ s/$CRLF(\s)/$1/g;
+
+ # All other uses of newlines are invalid input.
+- if ( $header =~ m/$CRLF/ ) {
++ if ($header =~ m/$CRLF|\015|\012/) {
+ # shorten very long values in the diagnostic
+ $header = substr( $header, 0, 72 ) . '...'
+ if ( length $header > 72 );
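Review bot: the unfolding step two lines above the changed line still keys on `$CRLF` only (`s/$CRLF(\s)/$1/g`), while the rejection now fires on a lone `\015` or `\012`, so a value folded with a bare LF followed by whitespace is no longer unfolded but dies. Failing closed is the right direction for a header value, but it is a behaviour change for callers that folded with "\n", so state it in the patch header (the Subject only says "refinement"). Also worth a one-line comment: the `$CRLF` alternative is only reached on platforms where `$CRLF` is not built from `\015` and `\012`, so neither half of the alternation should be dropped as "redundant" later. Style nit: the replacement line drops the spaces inside the parentheses that the surrounding code uses (`if ( $header =~ m/$CRLF/ ) {`, `substr( $header, 0, 72 )`); `if ( $header =~ m/$CRLF|\015|\012/ ) {` would match the file.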
+--- libcgi-simple-perl.orig/t/headers.t
++++ libcgi-simple-perl/t/headers.t
+@@ -76,3 +76,9 @@
+ 'redirect with leading newlines blows up'
+ );
+
++{
++ my $cgi = CGI::Simple->new('t=bogus%0A%0A<html>');
++ my $out;
++ eval { $out = $cgi->redirect( $cgi->param('t') ) };
++ like($@,qr/contains a newline/, "redirect does not allow double-newline injection");
++}
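Review bot: the new case only exercises the bare-LF branch of the new alternation, via `redirect` with `%0A%0A`; add a lone-CR case (for example `t=bogus%0D%0D<html>`) so the `\015` branch is covered too, since the CRLF-only check that this patch replaces would have let both through. The assertion `like($@, qr/contains a newline/)` ties the test to the exact diagnostic wording, which is fine as long as that message is the one emitted for all three branches. Formatting: the block uses `like($@,qr/.../, "...")` without the spacing the preceding tests in this file use; match the existing layout.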
Modified: trunk/libcgi-simple-perl/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-perl/trunk/libcgi-simple-perl/debian/patches/series?rev=67387&op=diff
==============================================================================
--- trunk/libcgi-simple-perl/debian/patches/series (original)
+++ trunk/libcgi-simple-perl/debian/patches/series Fri Jan 14 17:43:30 2011
@@ -1,1 +1,2 @@
cve-2010-4410.patch
+cve-2010-4411.patch
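To show why the CVE-2010-4410 check was incomplete and what the CVE-2010-4411 refinement changes, here is an added Python illustration; it is not code from CGI::Simple, CGI.pm or this Debian patch. It mirrors the two regexes in the Simple.pm hunk (rejecting only the CRLF pair versus rejecting any lone CR or LF, after the same CRLF-plus-whitespace unfolding), feeds them the t/headers.t payload plus three constructed variants, and counts how many header/body boundaries a parser that accepts a bare LF as a line terminator would see in the resulting redirect. The function names `build_redirect`, `split_count`, `run_cases` and the payload labels are my own, and the lenient-parser model is an assumption, not a claim about any particular server.

```python
"""Why a CRLF-only check was an incomplete header-injection fix.

Added illustration, not code from CGI::Simple, CGI.pm or the Debian patch.
It mirrors the two checks visible in the Simple.pm hunk: the pre-CVE-2010-4411
code rejected only the two-byte $CRLF sequence, the refinement also rejects a
lone CR or LF.
"""
import re
from urllib.parse import unquote

CRLF = "\r\n"


def unfold(value):
    # Mirrors the line just above the patched check in Simple.pm: a CRLF
    # followed by whitespace is header folding and is unfolded rather than
    # rejected, so only CR/LF that is not a continuation reaches the check.
    return re.sub(r"\r\n(\s)", r"\1", value)


def rejects_crlf_only(value):
    """Original check (CVE-2010-4410 fix): only the CRLF pair counts as a newline."""
    return CRLF in unfold(value)


def rejects_any_newline(value):
    """Refined check from the patch: CRLF, bare CR or bare LF all fail."""
    return re.search(r"\r\n|\r|\n", unfold(value)) is not None


def build_redirect(location, check):
    """Emit a raw CGI redirect, or raise when `check` rejects the value.
    The diagnostic truncates the value to 72 bytes like the Perl code does."""
    if check(location):
        raise ValueError("Invalid header value contains a newline: %r" % location[:72])
    return "Status: 302 Found" + CRLF + "Location: " + location + CRLF + CRLF


def redirect_rejected(location, check):
    """True when build_redirect refuses this value under `check`."""
    try:
        build_redirect(location, check)
    except ValueError:
        return True
    return False


def split_count(raw_response):
    """Count header/body boundaries as a lenient parser would see them.
    Assumed model: a bare LF is accepted as a line terminator (bare CR is not).
    A correct response has exactly one boundary; more means it was split."""
    return raw_response.replace(CRLF, "\n").count("\n\n")


# Constructed payloads, URL-encoded as they would arrive in a query string.
# The first is the value used by the t/headers.t case in the patch.
PAYLOADS = {
    "bare LF (from t/headers.t)": "bogus%0A%0A<html>",
    "bare CR": "bogus%0D%0D<html>",
    "CRLF pair": "bogus%0D%0A%0D%0A<html>",
    "folded value (legal)": "http://example.invalid/a%0D%0A%20b",
}


def run_cases():
    """Return {label: (old_check_rejects, new_check_rejects, boundaries)}.
    `boundaries` is the split_count of the redirect the old check let through,
    or None when the old check already rejected the value."""
    results = {}
    for label, encoded in PAYLOADS.items():
        value = unquote(encoded)
        old, new = rejects_crlf_only(value), rejects_any_newline(value)
        boundaries = None if old else split_count(build_redirect(value, rejects_crlf_only))
        results[label] = (old, new, boundaries)
    return results


if __name__ == "__main__":
    for label, (old, new, boundaries) in run_cases().items():
        print("%-28s old rejects=%-5s new rejects=%-5s boundaries under old check=%s"
              % (label, old, new, boundaries))
```

Running it prints one row per payload: the t/headers.t value passes the old check and produces a redirect with two header/body boundaries (the response is split, and `<html>` becomes a second body), the lone-CR value also slips past the old check, the CRLF pair was already caught, and the legitimately folded value is accepted by both checks because the unfolding step runs first.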
More information about the Pkg-perl-cvs-commits mailing list