Package: yarssr
Version: 0.2.2-3
Severity: important

The fix for CVE-2007-5837 (bug #448721) splits the arguments up, but
keeps them quoted. Thus, the browser sees a URL in double quotes, and
gets thoroughly confused, erroring out.

Here's a patch which seems to cover all cases I can think of, though my
Perl isn't too sharp.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-14-generic (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash

Versions of packages yarssr depends on:
ii  libgnome2-perl                1.040-1    Perl interface to the GNOME librar
ii  libgnome2-vfs-perl            1.080-1    Perl interface to the 2.x series o
ii  libgtk2-gladexml-perl         1.006-1    Perl interface to use user interfa
ii  libgtk2-perl                  1:1.161-1  Perl interface to the 2.x series o
ii  libgtk2-trayicon-perl         0.04-1     Perl interface to fill the system 
ii  libxml-rss-perl               1.31-2     Perl module for managing RSS (RDF 
ii  perl                          5.8.8-12   Larry Wall's Practical Extraction 

yarssr recommends no packages.

-- no debconf information
--- yarssr-0.2.2/lib/Yarssr/GUI.pm      2005-03-19 13:52:35.000000000 +1100
+++ GUI.pm      2007-12-04 09:59:06.000000000 +1100
@@ -162,9 +162,15 @@
                        );
                }
                else {
-                       my $b = Yarssr::Config->get_browser;
-                       $b .= " \"$url\"" unless $b =~ s/\%s/"$url"/;
-                       exec($b) or warn "unable to launch browser\n";
+                       my @b = split(' ', Yarssr::Config->get_browser);
+                       if (grep(/\%s/, @b))
+                       {
+                               map {grep(s/\%s/$url/, $_) => $_} @b;
+                       }
+                       else {
+                               push(@b, $url);
+                       }
+                       exec(@b) or warn "unable to launch browser\n";
                        exit;
                }
        }
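Review bot: exec(@b) on the last added line can still reach the shell when @b ends up with exactly one element, which happens if the configured browser string is just "%s" or is empty (then @b is only $url). Perl's exec treats a one-element list like a single string and passes it to the shell if it contains metacharacters, so $url would be shell-parsed again. Use the indirect-object form, exec { $b[0] } @b, and warn and return before the exec if get_browser yields no command word. Separately, the map {grep(s/\%s/$url/, $_) => $_} @b line relies on $_ aliasing inside a void-context map and is hard to read; s/\%s/$url/ for @b; does the same substitution. Also worth documenting: split(' ', ...) means a browser path or argument containing spaces can no longer be expressed in the setting.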
