r262 - in tags/vim/1:6.3-071+1: tags/vim/1:6.3-071+1/debian
tags/vim/1:6.3-071+1/upstream/patches
Pierre Habouzit
madcoder-guest at costa.debian.org
Tue Jul 26 15:31:43 UTC 2005
Author: madcoder-guest
Date: 2005-07-26 15:31:42 +0000 (Tue, 26 Jul 2005)
New Revision: 262
Added:
tags/vim/1:6.3-071+1/upstream/patches/6.3.081
tags/vim/1:6.3-071+1/upstream/patches/6.3.082
Modified:
tags/vim/1:6.3-071+1/debian/changelog
Log:
add patches 081 and 082 for stable
Modified: tags/vim/1:6.3-071+1/debian/changelog
===================================================================
--- tags/vim/1:6.3-071+1/debian/changelog 2005-07-26 15:26:45 UTC (rev 261)
+++ tags/vim/1:6.3-071+1/debian/changelog 2005-07-26 15:31:42 UTC (rev 262)
@@ -1,3 +1,11 @@
+vim (1:6.3-071+2) stable; urgency=high
+
+ * Add upstream patches 081 and 082 :
+ + add patches Fix arbitrary shell commands execution by wrapping them in
+ glob() or expand() function calls in modelines. (closes: #320017)
+
+ -- Debian VIM Maintainers <pkg-vim-maintainers at lists.alioth.debian.org> Tue, 26 Jul 2005 17:28:37 +0200
+
vim (1:6.3-071+1) unstable; urgency=medium
* New upstream patches (069 to 071), see README.gz for details.
Added: tags/vim/1:6.3-071+1/upstream/patches/6.3.081
===================================================================
--- tags/vim/1:6.3-071+1/upstream/patches/6.3.081 2005-07-26 15:26:45 UTC (rev 261)
+++ tags/vim/1:6.3-071+1/upstream/patches/6.3.081 2005-07-26 15:31:42 UTC (rev 262)
@@ -0,0 +1,58 @@
+To: vim-dev at vim.org
+Subject: Patch 6.3.081
+From: Bram Moolenaar <Bram at moolenaar.net>
+Mime-Version: 1.0
+Content-Type: text/plain; charset=ISO-8859-1
+Content-Transfer-Encoding: 8bit
+------------
+
+Patch 6.3.081
+Problem: Unix: glob() may execute a shell command when it's not wanted.
+ (Georgi Guninski)
+Solution: Verify the sandbox flag is not set.
+Files: src/os_unix.c
+
+
+*** ../vim-6.3.080/src/os_unix.c Sat Jan 29 16:14:42 2005
+--- src/os_unix.c Tue Jul 19 22:29:34 2005
+***************
+*** 4700,4706 ****
+ /*
+ * Don't allow the use of backticks in secure and restricted mode.
+ */
+! if (secure || restricted)
+ for (i = 0; i < num_pat; ++i)
+ if (vim_strchr(pat[i], '`') != NULL
+ && (check_restricted() || check_secure()))
+--- 4700,4710 ----
+ /*
+ * Don't allow the use of backticks in secure and restricted mode.
+ */
+! if (secure || restricted
+! # ifdef HAVE_SANDBOX
+! || sandbox != 0
+! # endif
+! )
+ for (i = 0; i < num_pat; ++i)
+ if (vim_strchr(pat[i], '`') != NULL
+ && (check_restricted() || check_secure()))
+*** ../vim-6.3.080/src/version.c Mon Jul 4 12:19:01 2005
+--- src/version.c Tue Jul 19 22:26:32 2005
+***************
+*** 643,644 ****
+--- 643,646 ----
+ { /* Add new patch number below this line */
++ /**/
++ 81,
+ /**/
+
+--
+ With sufficient thrust, pigs fly just fine.
+ -- RFC 1925
+
+ /// Bram Moolenaar -- Bram at Moolenaar.net -- http://www.Moolenaar.net \\\
+/// Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
+\\\ Project leader for A-A-P -- http://www.A-A-P.org ///
+ \\\ Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html ///
+
+html ///
Added: tags/vim/1:6.3-071+1/upstream/patches/6.3.082
===================================================================
--- tags/vim/1:6.3-071+1/upstream/patches/6.3.082 2005-07-26 15:26:45 UTC (rev 261)
+++ tags/vim/1:6.3-071+1/upstream/patches/6.3.082 2005-07-26 15:31:42 UTC (rev 262)
@@ -0,0 +1,69 @@
+To: vim-dev at vim.org
+Subject: Patch 6.3.082
+From: Bram Moolenaar <Bram at moolenaar.net>
+Mime-Version: 1.0
+Content-Type: text/plain; charset=ISO-8859-1
+Content-Transfer-Encoding: 8bit
+------------
+
+Patch 6.3.082 (after 6.3.081)
+Problem: Unix: expand() may execute a shell command when it's not wanted.
+ (Georgi Guninski)
+Solution: A more generic solution than 6.3.081.
+Files: src/os_unix.c
+
+
+*** ../vim-6.3.081/src/os_unix.c Tue Jul 19 22:31:54 2005
+--- src/os_unix.c Wed Jul 20 10:54:12 2005
+***************
+*** 4697,4710 ****
+ if (!have_wildcard(num_pat, pat))
+ return save_patterns(num_pat, pat, num_file, file);
+
+ /*
+ * Don't allow the use of backticks in secure and restricted mode.
+ */
+! if (secure || restricted
+! # ifdef HAVE_SANDBOX
+! || sandbox != 0
+! # endif
+! )
+ for (i = 0; i < num_pat; ++i)
+ if (vim_strchr(pat[i], '`') != NULL
+ && (check_restricted() || check_secure()))
+--- 4697,4712 ----
+ if (!have_wildcard(num_pat, pat))
+ return save_patterns(num_pat, pat, num_file, file);
+
++ # ifdef HAVE_SANDBOX
++ /* Don't allow any shell command in the sandbox. */
++ if (sandbox != 0 && check_secure())
++ return FAIL;
++ # endif
++
+ /*
+ * Don't allow the use of backticks in secure and restricted mode.
+ */
+! if (secure || restricted)
+ for (i = 0; i < num_pat; ++i)
+ if (vim_strchr(pat[i], '`') != NULL
+ && (check_restricted() || check_secure()))
+*** ../vim-6.3.081/src/version.c Tue Jul 19 22:31:54 2005
+--- src/version.c Wed Jul 20 11:03:50 2005
+***************
+*** 643,644 ****
+--- 643,646 ----
+ { /* Add new patch number below this line */
++ /**/
++ 82,
+ /**/
+
+--
+No letters of the alphabet were harmed in the creation of this message.
+
+ /// Bram Moolenaar -- Bram at Moolenaar.net -- http://www.Moolenaar.net \\\
+/// Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
+\\\ Project leader for A-A-P -- http://www.A-A-P.org ///
+ \\\ Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html ///
+
+html ///
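Review bot: The new sandbox guard (`if (sandbox != 0 && check_secure()) return FAIL;`) leaves mch_expand_wildcards early, and the function's prologue lies outside this hunk, so it cannot be confirmed here that `*num_file` and `*file` have already been set to their empty defaults at that point; if the prologue does not do so, a caller that inspects `*file` on FAIL reads an uninitialized pointer, and the early return should be preceded by `*num_file = 0; *file = NULL;`. Placing the check after `have_wildcard()` looks right, since wildcard-free patterns go through `save_patterns()` and never reach a shell, so plain filenames keep working for sandboxed callers. The surviving secure/restricted branch still screens only for a literal backtick character, so whether other shell substitution syntax can reach the shell from restricted mode depends on the escaping done further down the function, outside this hunk. A short comment would record the ordering, e.g. `/* Must stay after have_wildcard(): plain names never hit the shell. */`.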