I realised during the night that the debdiff has the wrong version number
and misses the series file. Updated diff attached.

-- 
Jonathan Wiltshire                                      j...@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

<directhex> i have six years of solaris sysadmin experience, from
            8->10. i am well qualified to say it is made from bonghits
                        layered on top of bonghits
diff -Nru kdeutils-4.4.5/debian/changelog kdeutils-4.4.5/debian/changelog
--- kdeutils-4.4.5/debian/changelog     2010-07-21 08:47:03.000000000 +0100
+++ kdeutils-4.4.5/debian/changelog     2012-03-19 06:07:14.000000000 +0000
@@ -1,3 +1,11 @@
+kdeutils (4:4.4.5-1+squeeze1) stable; urgency=low
+
+  * Non-maintainer upload.
+  * CVE-2011-2725: Backport patch for upstream directory traversal in Ark
+    Closes: #635541 (thanks to Moritz Muehlenhoff)
+
+ -- Jonathan Wiltshire <j...@debian.org>  Sun, 18 Mar 2012 21:36:25 +0000
+
 kdeutils (4:4.4.5-1) unstable; urgency=low
 
   [ Modestas Vainius ]
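Review bot: the new changelog line "Backport patch for upstream directory traversal in Ark" leaves it unclear whether "upstream" describes the patch or the bug, and the patch header in this same debdiff gives a Debian bug report as Origin. Reword it to say where the fix comes from, for example "Backport fix for directory traversal in Ark preview". The entry also sets urgency=low for a CVE fix, which should be a deliberate choice. It does not mention that debian/patches/series is created by this upload.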
diff -Nru kdeutils-4.4.5/debian/patches/CVE-2011-2725.patch 
kdeutils-4.4.5/debian/patches/CVE-2011-2725.patch
--- kdeutils-4.4.5/debian/patches/CVE-2011-2725.patch   1970-01-01 
01:00:00.000000000 +0100
+++ kdeutils-4.4.5/debian/patches/CVE-2011-2725.patch   2012-03-18 
21:43:23.000000000 +0000
@@ -0,0 +1,27 @@
+Description: fix directory traversal in Ark
+Origin: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635541#32
+Bug-Debian: http://bugs.debian.org/635541
+Author: Moritz Muehlenhoff <j...@debian.org>
+Reviewed-By: Jonathan Wiltshire <j...@debian.org>
+Last-Update: 2012-03-18
+
+--- kdeutils-4.4.5.orig/ark/part/part.cpp
++++ kdeutils-4.4.5/ark/part/part.cpp
+@@ -500,8 +500,15 @@ void Part::slotPreviewExtracted(KJob *jo
+     if (!job->error()) {
+         const ArchiveEntry& entry =
+             m_model->entryForIndex(m_view->selectionModel()->currentIndex());
+-        const QString fullName =
+-            m_previewDir->name() + '/' + entry[ FileName ].toString();
++
++        QString fullName =
++            m_previewDir->name() + QLatin1Char('/') + entry[ FileName 
].toString();
++
++        // Make sure a maliciously crafted archive with parent folders named 
".." do
++        // not cause the previewed file path to be located outside the 
temporary
++        // directory, resulting in a directory traversal issue.
++        fullName.remove(QLatin1String("../"));
++
+         ArkViewer::view(fullName, widget());
+     } else {
+         KMessageBox::error(widget(), job->errorString());
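Review bot: the check added before ArkViewer::view() is a single substring removal, fullName.remove(QLatin1String("../")), and it does not verify where the resulting path points. QString::remove() makes one pass over the string, so an entry name can be built in which deleting the matches leaves a fresh "../" behind. The call also runs over the whole concatenated string, including m_previewDir->name(), not just the archive-supplied part. A sturdier form is to normalise the joined path (for example with QDir::cleanPath()) and refuse to open the viewer unless the result still starts with the preview directory's path. Failing that, apply the removal to entry[ FileName ].toString() only and repeat it until the string no longer changes. The comment should then describe the check actually performed.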
diff -Nru kdeutils-4.4.5/debian/patches/series 
kdeutils-4.4.5/debian/patches/series
--- kdeutils-4.4.5/debian/patches/series        1970-01-01 01:00:00.000000000 
+0100
+++ kdeutils-4.4.5/debian/patches/series        2012-03-19 06:07:36.000000000 
+0000
@@ -0,0 +1 @@
+CVE-2011-2725.patch
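Review bot: debian/patches/series is created from nothing here, and the debdiff touches no other packaging file. It is therefore worth confirming that the existing build already applies a quilt series, either through the source format or through a patch step in debian/rules, since neither is visible in this diff. If it does not, CVE-2011-2725.patch ships in the source package but never reaches ark/part/part.cpp. A test build followed by a check that the built tree contains the fullName.remove() line would settle it.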
