r262 - in tags/vim/1:6.3-071+1: tags/vim/1:6.3-071+1/debian tags/vim/1:6.3-071+1/upstream/patches

Pierre Habouzit madcoder-guest at costa.debian.org
Tue Jul 26 15:31:43 UTC 2005


Author: madcoder-guest
Date: 2005-07-26 15:31:42 +0000 (Tue, 26 Jul 2005)
New Revision: 262

Added:
   tags/vim/1:6.3-071+1/upstream/patches/6.3.081
   tags/vim/1:6.3-071+1/upstream/patches/6.3.082
Modified:
   tags/vim/1:6.3-071+1/debian/changelog
Log:
add patches 081 and 082 for stable

Modified: tags/vim/1:6.3-071+1/debian/changelog
===================================================================
--- tags/vim/1:6.3-071+1/debian/changelog	2005-07-26 15:26:45 UTC (rev 261)
+++ tags/vim/1:6.3-071+1/debian/changelog	2005-07-26 15:31:42 UTC (rev 262)
@@ -1,3 +1,11 @@
+vim (1:6.3-071+2) stable; urgency=high
+
+  * Add upstream patches 081 and 082 :
+    + add patches Fix arbitrary shell commands execution by wrapping them in
+      glob() or expand() function calls in modelines.  (closes: #320017)
+
+ -- Debian VIM Maintainers <pkg-vim-maintainers at lists.alioth.debian.org>  Tue, 26 Jul 2005 17:28:37 +0200
+
 vim (1:6.3-071+1) unstable; urgency=medium
 
   * New upstream patches (069 to 071), see README.gz for details.

Added: tags/vim/1:6.3-071+1/upstream/patches/6.3.081
===================================================================
--- tags/vim/1:6.3-071+1/upstream/patches/6.3.081	2005-07-26 15:26:45 UTC (rev 261)
+++ tags/vim/1:6.3-071+1/upstream/patches/6.3.081	2005-07-26 15:31:42 UTC (rev 262)
@@ -0,0 +1,58 @@
+To: vim-dev at vim.org
+Subject: Patch 6.3.081
+From: Bram Moolenaar <Bram at moolenaar.net>
+Mime-Version: 1.0
+Content-Type: text/plain; charset=ISO-8859-1
+Content-Transfer-Encoding: 8bit
+------------
+
+Patch 6.3.081
+Problem:    Unix: glob() may execute a shell command when it's not wanted.
+	    (Georgi Guninski)
+Solution:   Verify the sandbox flag is not set.
+Files:	    src/os_unix.c
+
+
+*** ../vim-6.3.080/src/os_unix.c	Sat Jan 29 16:14:42 2005
+--- src/os_unix.c	Tue Jul 19 22:29:34 2005
+***************
+*** 4700,4706 ****
+      /*
+       * Don't allow the use of backticks in secure and restricted mode.
+       */
+!     if (secure || restricted)
+  	for (i = 0; i < num_pat; ++i)
+  	    if (vim_strchr(pat[i], '`') != NULL
+  		    && (check_restricted() || check_secure()))
+--- 4700,4710 ----
+      /*
+       * Don't allow the use of backticks in secure and restricted mode.
+       */
+!     if (secure || restricted
+! # ifdef HAVE_SANDBOX
+! 	    || sandbox != 0
+! # endif
+! 	    )
+  	for (i = 0; i < num_pat; ++i)
+  	    if (vim_strchr(pat[i], '`') != NULL
+  		    && (check_restricted() || check_secure()))
+*** ../vim-6.3.080/src/version.c	Mon Jul  4 12:19:01 2005
+--- src/version.c	Tue Jul 19 22:26:32 2005
+***************
+*** 643,644 ****
+--- 643,646 ----
+  {   /* Add new patch number below this line */
++ /**/
++     81,
+  /**/
+
+-- 
+    With sufficient thrust, pigs fly just fine.
+                   -- RFC 1925
+
+ /// Bram Moolenaar -- Bram at Moolenaar.net -- http://www.Moolenaar.net   \\\
+///        Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
+\\\              Project leader for A-A-P -- http://www.A-A-P.org        ///
+ \\\     Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html   ///
+
+html   ///

Added: tags/vim/1:6.3-071+1/upstream/patches/6.3.082
===================================================================
--- tags/vim/1:6.3-071+1/upstream/patches/6.3.082	2005-07-26 15:26:45 UTC (rev 261)
+++ tags/vim/1:6.3-071+1/upstream/patches/6.3.082	2005-07-26 15:31:42 UTC (rev 262)
@@ -0,0 +1,69 @@
+To: vim-dev at vim.org
+Subject: Patch 6.3.082
+From: Bram Moolenaar <Bram at moolenaar.net>
+Mime-Version: 1.0
+Content-Type: text/plain; charset=ISO-8859-1
+Content-Transfer-Encoding: 8bit
+------------
+
+Patch 6.3.082 (after 6.3.081)
+Problem:    Unix: expand() may execute a shell command when it's not wanted.
+            (Georgi Guninski)
+Solution:   A more generic solution than 6.3.081.
+Files:      src/os_unix.c
+    
+
+*** ../vim-6.3.081/src/os_unix.c	Tue Jul 19 22:31:54 2005
+--- src/os_unix.c	Wed Jul 20 10:54:12 2005
+***************
+*** 4697,4710 ****
+      if (!have_wildcard(num_pat, pat))
+  	return save_patterns(num_pat, pat, num_file, file);
+  
+      /*
+       * Don't allow the use of backticks in secure and restricted mode.
+       */
+!     if (secure || restricted
+! # ifdef HAVE_SANDBOX
+! 	    || sandbox != 0
+! # endif
+! 	    )
+  	for (i = 0; i < num_pat; ++i)
+  	    if (vim_strchr(pat[i], '`') != NULL
+  		    && (check_restricted() || check_secure()))
+--- 4697,4712 ----
+      if (!have_wildcard(num_pat, pat))
+  	return save_patterns(num_pat, pat, num_file, file);
+  
++ # ifdef HAVE_SANDBOX
++     /* Don't allow any shell command in the sandbox. */
++     if (sandbox != 0 && check_secure())
++ 	return FAIL;
++ # endif
++ 
+      /*
+       * Don't allow the use of backticks in secure and restricted mode.
+       */
+!     if (secure || restricted)
+  	for (i = 0; i < num_pat; ++i)
+  	    if (vim_strchr(pat[i], '`') != NULL
+  		    && (check_restricted() || check_secure()))
+*** ../vim-6.3.081/src/version.c	Tue Jul 19 22:31:54 2005
+--- src/version.c	Wed Jul 20 11:03:50 2005
+***************
+*** 643,644 ****
+--- 643,646 ----
+  {   /* Add new patch number below this line */
++ /**/
++     82,
+  /**/
+
+-- 
+No letters of the alphabet were harmed in the creation of this message.
+
+ /// Bram Moolenaar -- Bram at Moolenaar.net -- http://www.Moolenaar.net   \\\
+///        Sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
+\\\              Project leader for A-A-P -- http://www.A-A-P.org        ///
+ \\\     Buy LOTR 3 and help AIDS victims -- http://ICCF.nl/lotr.html   ///
+
+html   ///



