From 094100f2ee1382fdbdd7a1a79ff7c4d4834e7746 Mon Sep 17 00:00:00 2001
From: tv
Date: Mon, 14 Feb 2005 16:56:38 +0000
Subject: Apply patch from Mailman maintainers to fix vulnerability described in: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202

---
 mail/mailman/Makefile | 4 ++--
 mail/mailman/distinfo | 3 ++-
 mail/mailman/patches/patch-ai | 30 ++++++++++++++++++++++++++++++
 3 files changed, 34 insertions(+), 3 deletions(-)
 create mode 100644 mail/mailman/patches/patch-ai
(limited to 'mail/mailman')

diff --git a/mail/mailman/Makefile b/mail/mailman/Makefile
index 1bfaa983245..65de1a1fdff 100644
--- a/mail/mailman/Makefile
+++ b/mail/mailman/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.18 2005/01/23 20:41:48 recht Exp $
+# $NetBSD: Makefile,v 1.19 2005/02/14 16:56:38 tv Exp $
 
 DISTNAME= mailman-2.1.4
-PKGREVISION= 2
+PKGREVISION= 3
 CATEGORIES= mail www
 MASTER_SITES= http://www.list.org/ \
 		${MASTER_SITE_GNU:=mailman/}
diff --git a/mail/mailman/distinfo b/mail/mailman/distinfo
index 8f2e2ce299c..c0874780a30 100644
--- a/mail/mailman/distinfo
+++ b/mail/mailman/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.4 2004/09/06 04:12:46 lukem Exp $
+$NetBSD: distinfo,v 1.5 2005/02/14 16:56:38 tv Exp $
 
 SHA1 (mailman-2.1.4.tgz) = b77d22283d5780b6d8449f19f86c210e4e58a032
 Size (mailman-2.1.4.tgz) = 5779983 bytes
@@ -10,3 +10,4 @@ SHA1 (patch-ae) = 6c17de398014217be8f1c7a3b3a6f8d379fc0fb2
 SHA1 (patch-af) = 985a619a055151d998cefd0c1b7280a0d55f889e
 SHA1 (patch-ag) = f94f190e69ce892841b88574ec8e9f100b182ed9
 SHA1 (patch-ah) = 42296c52e30b1fcc1d42ef0f1b89c83414ca85df
+SHA1 (patch-ai) = 39288f7047063f77d0a94128f74ae4e9fa9e72e9
diff --git a/mail/mailman/patches/patch-ai b/mail/mailman/patches/patch-ai
new file mode 100644
index 00000000000..97c544aabb7
--- /dev/null
+++ b/mail/mailman/patches/patch-ai
@@ -0,0 +1,30 @@
+$NetBSD: patch-ai,v 1.1 2005/02/14 16:56:38 tv Exp $
+
+Index: private.py
+===================================================================
+RCS file: /cvsroot/mailman/mailman/Mailman/Cgi/private.py,v
+retrieving revision 2.16.2.1
+diff -u -r2.16.2.1 private.py
+--- Mailman/Cgi/private.py 8 Feb 2003 07:13:50 -0000 2.16.2.1
++++ Mailman/Cgi/private.py 10 Feb 2005 03:34:21 -0000
+@@ -35,13 +35,17 @@
+ _ = i18n._
+ i18n.set_language(mm_cfg.DEFAULT_SERVER_LANGUAGE)
+ 
++SLASH = '/'
++
+ 
+ 
+ def true_path(path):
+     "Ensure that the path is safe by removing .."
+-    path = path.replace('../', '')
+-    path = path.replace('./', '')
+-    return path[1:]
++    parts = path.split(SLASH)
++    safe = [x for x in parts if x not in ('.', '..')]
++    if parts <> safe:
++        syslog('mischief', 'Directory traversal attack thwarted')
++    return SLASH.join(safe)[1:]
+ 
+ 
+ 
-- 
cgit v1.2.3
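Review bot: The new body of true_path filters out `.` and `..` components but keeps empty ones, so for a path that begins with a doubled separator `path.split(SLASH)` yields two leading empty components, `SLASH.join(safe)` reproduces the doubled separator, and the `[1:]` slice returns a string that still starts with `/`; if the caller in private.py (outside this hunk) joins that result under the archive directory with `os.path.join`, an absolute second argument discards the base directory. Emitting only the non-empty components yields a relative path without relying on the slice: `return SLASH.join([x for x in safe if x])`. Leaving `parts <> safe` and the mischief log line as they are means a benign trailing or doubled slash is not logged, only `.` and `..` are. The enclosing module is visible here only through this nested patch file, so whether `syslog` is imported in private.py is assumed rather than shown.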