diff options
| author | markd <markd> | 2011-11-20 02:10:58 +0000 |
|---|---|---|
| committer | markd <markd> | 2011-11-20 02:10:58 +0000 |
| commit | 0a1fb7a316ec3880f15c328694511d0d84824b5f (patch) | |
| tree | b88fe0cec2fca278a53f678a0c7e01bb0b461f21 /misc/kdeutils4 | |
| parent | eaf9ab56035ce290cfd7eddedab169a4ce23def8 (diff) | |
| download | pkgsrc-0a1fb7a316ec3880f15c328694511d0d84824b5f.tar.gz | |
Fix directory traversal issue (CVE-2011-2725).
Diffstat (limited to 'misc/kdeutils4')
| -rw-r--r-- | misc/kdeutils4/Makefile | 4 | ||||
| -rw-r--r-- | misc/kdeutils4/distinfo | 3 | ||||
| -rw-r--r-- | misc/kdeutils4/patches/patch-ark_part_part.cpp | 37 |
3 files changed, 41 insertions, 3 deletions
diff --git a/misc/kdeutils4/Makefile b/misc/kdeutils4/Makefile index d8c2c035e33..8469bf7aa8f 100644 --- a/misc/kdeutils4/Makefile +++ b/misc/kdeutils4/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.26 2011/11/01 06:50:28 sbd Exp $ +# $NetBSD: Makefile,v 1.27 2011/11/20 02:10:58 markd Exp $ DISTNAME= kdeutils-${_KDE_VERSION} -PKGREVISION= 6 +PKGREVISION= 7 CATEGORIES= misc COMMENT= Utilities for the KDE integrated X11 desktop diff --git a/misc/kdeutils4/distinfo b/misc/kdeutils4/distinfo index 79057111784..b7723e256f9 100644 --- a/misc/kdeutils4/distinfo +++ b/misc/kdeutils4/distinfo @@ -1,5 +1,6 @@ -$NetBSD: distinfo,v 1.14 2011/01/23 07:55:14 markd Exp $ +$NetBSD: distinfo,v 1.15 2011/11/20 02:10:58 markd Exp $ SHA1 (kdeutils-4.5.5.tar.bz2) = f3bf2bd808e4540f6666cb9b26471a90f2c0135e RMD160 (kdeutils-4.5.5.tar.bz2) = 9a381df068d99b13f96ce9ef2e7f479fd453aaa4 Size (kdeutils-4.5.5.tar.bz2) = 3818433 bytes +SHA1 (patch-ark_part_part.cpp) = 83fb376f59c25530b3155fc1ba54f012b3c2fbbe diff --git a/misc/kdeutils4/patches/patch-ark_part_part.cpp b/misc/kdeutils4/patches/patch-ark_part_part.cpp new file mode 100644 index 00000000000..a88da592e22 --- /dev/null +++ b/misc/kdeutils4/patches/patch-ark_part_part.cpp @@ -0,0 +1,37 @@ +$NetBSD: patch-ark_part_part.cpp,v 1.1 2011/11/20 02:10:58 markd Exp $ + +commit 6f6c0b18b3569ae2b5b6f65dc7ea626a8b7c03c0 +Author: Raphael Kubo da Costa <rakuco@FreeBSD.org> +Date: Mon Oct 17 20:40:01 2011 -0200 + + Fix directory traversal issue (CVE-2011-2725). + + Tim Brown from Nth Dimension noticed a possible traversal issue where + the previewer dialog would show (and then remove) the wrong file when + a maliciously crafted archive had a file previewed. + + We now do the same thing as infozip and filter out "../" from the + paths being previewed. + +diff --git a/part/part.cpp b/part/part.cpp +index c213f01..b034fbf 100644 +--- ark/part/part.cpp ++++ ark/part/part.cpp +@@ -504,8 +504,15 @@ void Part::slotPreviewExtracted(KJob *job) + if (!job->error()) { + const ArchiveEntry& entry = + m_model->entryForIndex(m_view->selectionModel()->currentIndex()); +- const QString fullName = +- m_previewDir->name() + '/' + entry[ FileName ].toString(); ++ ++ QString fullName = ++ m_previewDir->name() + QLatin1Char('/') + entry[ FileName ].toString(); ++ ++ // Make sure a maliciously crafted archive with parent folders named ".." do ++ // not cause the previewed file path to be located outside the temporary ++ // directory, resulting in a directory traversal issue. ++ fullName.remove(QLatin1String("../")); ++ + ArkViewer::view(fullName, widget()); + } else { + KMessageBox::error(widget(), job->errorString()); |