[Secure-testing-team] Bug#700912: zoneminder: local file inclusion vulnerability
Salvatore Bonaccorso
carnil at debian.org
Tue Feb 19 08:53:37 UTC 2013
Package: zoneminder
Version: 1.24.2-8
Severity: grave
Tags: security patch
Justification: user security hole
Control: fixed -1 1.25.0-1
Hi
In the zoneminder forum there is the following security patch announcement:
http://www.zoneminder.com/forums/viewtopic.php?f=1&t=17979
1.24.2-8 is affected by this file inclusion vulnerability.
Attached are the patches from svn, r3483 and r3488.
Note: upstream 1.25.0 has a slightly modified detaint function:
function detaintPath( $path )
{
    // Remove any absolute paths, or relative ones that want to go up
    $path = preg_replace( '/\.(?:\.+[\\/][\\/]*)+/', '', $path );
    $path = preg_replace( '/^[\\/]+/', '', $path );
    return( $path );
}
Regards
Salvatore
-------------- next part --------------
A non-text attachment was scrubbed...
Name: zoneminder_r3483.patch
Type: text/x-diff
Size: 2421 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20130219/9454a6e5/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: zoneminder_r3488.patch
Type: text/x-diff
Size: 559 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20130219/9454a6e5/attachment-0001.patch>
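Added example, not part of the original message and not ZoneMinder code: the detaintPath() function quoted in the report, run over constructed inputs next to a realpath()-based containment check as a second layer. The sandbox directory, the file names and the isContained() helper are assumptions made for illustration.

```php
<?php
// detaintPath() is copied from the report above; everything else is a
// hypothetical harness built for this example.
function detaintPath( $path )
{
    // Remove any absolute paths, or relative ones that want to go up
    $path = preg_replace( '/\.(?:\.+[\\/][\\/]*)+/', '', $path );
    $path = preg_replace( '/^[\\/]+/', '', $path );
    return( $path );
}

// Defence in depth (hypothetical helper): resolve the final path and
// require it to stay strictly below $base.
function isContained( $base, $relative )
{
    $baseReal = realpath( $base );
    $target   = realpath( $base . DIRECTORY_SEPARATOR . $relative );
    if ( $baseReal === false || $target === false )
        return false;   // nonexistent target or base: refuse
    $prefix = $baseReal . DIRECTORY_SEPARATOR;
    return strncmp( $target, $prefix, strlen( $prefix ) ) === 0;
}

// Constructed sandbox: one file inside the view directory, one above it.
$base = sys_get_temp_dir() . '/zm_demo_' . getmypid();
mkdir( "$base/views", 0700, true );
file_put_contents( "$base/views/console.php", '' );
file_put_contents( "$base/secret.txt", '' );

// Constructed sample inputs for a "view" style parameter.
$samples = array( 'console.php', './console.php', '../secret.txt', '/etc/hostname' );
foreach ( $samples as $in ) {
    $clean = detaintPath( $in );
    printf( "%-16s detainted=%-14s raw_contained=%-3s clean_contained=%s\n",
            $in, $clean,
            isContained( "$base/views", $in ) ? 'yes' : 'no',
            isContained( "$base/views", $clean ) ? 'yes' : 'no' );
}

// Remove the constructed sandbox again.
unlink( "$base/views/console.php" );
unlink( "$base/secret.txt" );
rmdir( "$base/views" );
rmdir( $base );
```

The containment check rejects the raw traversal and absolute inputs by itself, so it still holds if the string filter is changed or bypassed.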