[Pkg-sympa-commits] [sympa] 01/05: Add a patch to fix a vulnerability in the web interface (wwsympa)

Emmanuel Bouthenot kolter at moszumanska.debian.org
Mon Feb 9 22:54:59 UTC 2015


This is an automated email from the git hooks/post-receive script.

kolter pushed a commit to branch debian/squeeze-lts
in repository sympa.

commit 6e2afc25a6917794133f02d2fef7782bd06578bc
Author: Emmanuel Bouthenot <kolter at openics.org>
Date:   Fri Jan 16 22:16:47 2015 +0000

    Add a patch to fix a vulnerability in the web interface (wwsympa)
---
 debian/patches/2007_fix_web_interface_vulnerability | 20 ++++++++++++++++++++
 debian/patches/series                               |  1 +
 2 files changed, 21 insertions(+)

diff --git a/debian/patches/2007_fix_web_interface_vulnerability b/debian/patches/2007_fix_web_interface_vulnerability
new file mode 100644
index 0000000..9727c25
--- /dev/null
+++ b/debian/patches/2007_fix_web_interface_vulnerability
@@ -0,0 +1,20 @@
+--- a/wwsympa/wwsympa.fcgi.in
++++ b/wwsympa/wwsympa.fcgi.in
+@@ -15146,9 +15146,14 @@
+ 	 $pages_url = $in{'url'};
+ 
+ 	 # parse return the MIME::Lite part to send 
+-	 my $MIMEmail = $mailHTML->parse($pages_url); 
+-
+-	 $in{'body'} = $MIMEmail->as_string;
++	 $mailHTML->{_AGENT}->protocols_allowed(['http', 'https', 'ftp', 'nntp']);
++	 my $MIMEmail = eval { $mailHTML->parse($pages_url) };
++	 if ($MIMEmail) {
++	    $in{'body'} = $MIMEmail->as_string;
++	} else {
++	    report::reject_report_web('user', 'wrong_value', {'argument' => 'url'}, $param->{'action'});
++	    return undef;
++	}
+ 
+      } else {
+ 
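Review bot: the added `protocols_allowed` call sits outside the `eval` and reaches into the underscore-prefixed `$mailHTML->{_AGENT}` slot, so if that slot is ever undefined the request dies before the `reject_report_web` branch can run. Move the call inside the `eval` or check the agent first. The list also still permits `ftp` and `nntp` for a URL taken directly from `$in{'url'}`; if the feature only needs web pages, narrow it to `['http', 'https']`. The `eval` drops `$@`, so log it before rejecting to make refused URLs diagnosable. The patch file itself begins at the `--- a/wwsympa/wwsympa.fcgi.in` header with no description, origin or bug reference, which leaves the 2007 entry undocumented for anyone auditing the series later.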
diff --git a/debian/patches/series b/debian/patches/series
index a4222a0..1475d37 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -14,3 +14,4 @@
 1010_sqlite_upgrade.patch
 2005_disable_build_non_dfsg_po_files.patch
 2006_fix_CVE-2012-2352.patch
+2007_fix_web_interface_vulnerability
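Review bot: the new `series` entry `2007_fix_web_interface_vulnerability` has no `.patch` suffix, while every context line above it (for example `2006_fix_CVE-2012-2352.patch`) carries one. Rename the file and the entry to `2007_fix_web_interface_vulnerability.patch` for consistency, and if an identifier has been assigned for this issue, put it in the name as the 2006 entry does, so the fix can be traced from the series file alone.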

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/collab-maint/sympa.git


