author | tron <tron@pkgsrc.org> | 2011-11-20 14:42:04 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2011-11-20 14:42:04 +0000 |
commit | 68353df751a641ed61b733ef95656ebb45b34817 (patch) | |
tree | dbe48130189a931c6c07011f6064eacc2c72f567 | |
parent | c4ffef588df688ce72614aa24b44fe93165ec722 (diff) | |
download | pkgsrc-68353df751a641ed61b733ef95656ebb45b34817.tar.gz |
Pullup ticket #3614 - requested by markd
misc/kdeutils4: security patch
Revisions pulled up:
- misc/kdeutils4/Makefile 1.27 via patch
- misc/kdeutils4/distinfo 1.15
- misc/kdeutils4/patches/patch-ark_part_part.cpp 1.1
---
Module Name: pkgsrc
Committed By: markd
Date: Sun Nov 20 02:10:58 UTC 2011
Modified Files:
pkgsrc/misc/kdeutils4: Makefile distinfo
Added Files:
pkgsrc/misc/kdeutils4/patches: patch-ark_part_part.cpp
Log Message:
Fix directory traversal issue (CVE-2011-2725).
-rw-r--r-- | misc/kdeutils4/Makefile | 4 | ||||
-rw-r--r-- | misc/kdeutils4/distinfo | 3 | ||||
-rw-r--r-- | misc/kdeutils4/patches/patch-ark_part_part.cpp | 37 |
3 files changed, 41 insertions, 3 deletions
diff --git a/misc/kdeutils4/Makefile b/misc/kdeutils4/Makefile
index fbfde19af3b..c3eaf7302f5 100644
--- a/misc/kdeutils4/Makefile
+++ b/misc/kdeutils4/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.23 2011/05/02 10:09:11 abs Exp $
+# $NetBSD: Makefile,v 1.23.4.1 2011/11/20 14:42:04 tron Exp $
 DISTNAME= kdeutils-${_KDE_VERSION}
-PKGREVISION= 3
+PKGREVISION= 7
 CATEGORIES= misc
 COMMENT= Utilities for the KDE integrated X11 desktop
diff --git a/misc/kdeutils4/distinfo b/misc/kdeutils4/distinfo
index 79057111784..d46953b8033 100644
--- a/misc/kdeutils4/distinfo
+++ b/misc/kdeutils4/distinfo
@@ -1,5 +1,6 @@
-$NetBSD: distinfo,v 1.14 2011/01/23 07:55:14 markd Exp $
+$NetBSD: distinfo,v 1.14.6.1 2011/11/20 14:42:04 tron Exp $
 SHA1 (kdeutils-4.5.5.tar.bz2) = f3bf2bd808e4540f6666cb9b26471a90f2c0135e
 RMD160 (kdeutils-4.5.5.tar.bz2) = 9a381df068d99b13f96ce9ef2e7f479fd453aaa4
 Size (kdeutils-4.5.5.tar.bz2) = 3818433 bytes
+SHA1 (patch-ark_part_part.cpp) = 83fb376f59c25530b3155fc1ba54f012b3c2fbbe
diff --git a/misc/kdeutils4/patches/patch-ark_part_part.cpp b/misc/kdeutils4/patches/patch-ark_part_part.cpp
new file mode 100644
index 00000000000..59d4e62e0f3
--- /dev/null
+++ b/misc/kdeutils4/patches/patch-ark_part_part.cpp
@@ -0,0 +1,37 @@
+$NetBSD: patch-ark_part_part.cpp,v 1.1.2.2 2011/11/20 14:42:05 tron Exp $
+
+commit 6f6c0b18b3569ae2b5b6f65dc7ea626a8b7c03c0
+Author: Raphael Kubo da Costa <rakuco@FreeBSD.org>
+Date: Mon Oct 17 20:40:01 2011 -0200
+
+ Fix directory traversal issue (CVE-2011-2725).
+
+ Tim Brown from Nth Dimension noticed a possible traversal issue where
+ the previewer dialog would show (and then remove) the wrong file when
+ a maliciously crafted archive had a file previewed.
+
+ We now do the same thing as infozip and filter out "../" from the
+ paths being previewed.
+
+diff --git a/part/part.cpp b/part/part.cpp
+index c213f01..b034fbf 100644
+--- ark/part/part.cpp
++++ ark/part/part.cpp
+@@ -504,8 +504,15 @@ void Part::slotPreviewExtracted(KJob *job)
+ if (!job->error()) {
+ const ArchiveEntry& entry =
+ m_model->entryForIndex(m_view->selectionModel()->currentIndex());
+- const QString fullName =
+- m_previewDir->name() + '/' + entry[ FileName ].toString();
++
++ QString fullName =
++ m_previewDir->name() + QLatin1Char('/') + entry[ FileName ].toString();
++
++ // Make sure a maliciously crafted archive with parent folders named ".." do
++ // not cause the previewed file path to be located outside the temporary
++ // directory, resulting in a directory traversal issue.
++ fullName.remove(QLatin1String("../"));
++
+ ArkViewer::view(fullName, widget());
+ } else {
+ KMessageBox::error(widget(), job->errorString()); |
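Review bot: The guard at `fullName.remove(QLatin1String("../"))` in the inner part.cpp hunk is a substring blacklist rather than a containment check: as far as I recall, QString::remove deletes each match in one forward pass without rescanning, so sanitisation of this kind is not idempotent, and any name that does get rewritten is silently previewed as a different path from the one the archive entry actually names rather than being rejected. A more robust fix canonicalises the joined path with QDir::cleanPath and refuses the preview unless the result still lies under the preview directory, as sketched below (the error message text is illustrative). Whether m_previewDir->name() already ends in a slash cannot be told from the hunk; cleanPath tolerates either form. slotPreviewExtracted begins before and continues after the inner hunk, and the later removal of the previewed file mentioned in the commit message is outside this view.
```cpp
// … unchanged: entry lookup …
const QString previewRoot = QDir::cleanPath(m_previewDir->name());
const QString fullName = QDir::cleanPath(previewRoot + QLatin1Char('/') + entry[ FileName ].toString());
if (!fullName.startsWith(previewRoot + QLatin1Char('/'))) {
    KMessageBox::error(widget(), i18n("Refusing to preview an entry whose name points outside the temporary directory."));
    return;
}
ArkViewer::view(fullName, widget());
```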