Giuseppe Iuculano wrote:
> Hi,
>
> Attached is a debdiff of the changes I made for 1.1.0.7-1.1 0-day NMU.
Hi,

the previous NMU introduced a regression. Attached is the debdiff for 1.1.0.7-1.2 0-day NMU.

Cheers,
Giuseppe.
diff -u phpldapadmin-1.1.0.7/debian/changelog phpldapadmin-1.1.0.7/debian/changelog --- phpldapadmin-1.1.0.7/debian/changelog +++ phpldapadmin-1.1.0.7/debian/changelog @@ -1,3 +1,11 @@ +phpldapadmin (1.1.0.7-1.2) unstable; urgency=high + + * Non-maintainer upload by the Security Team. + * Fixed a regression in the previous NMU: use a proper regexp to discover + malicious commands. + + -- Giuseppe Iuculano <iucul...@debian.org> Mon, 04 Jan 2010 21:08:46 +0100 + phpldapadmin (1.1.0.7-1.1) unstable; urgency=high * Non-maintainer upload by the Security Team. diff -u phpldapadmin-1.1.0.7/debian/patches/CVE-2009-4427.dpatch phpldapadmin-1.1.0.7/debian/patches/CVE-2009-4427.dpatch --- phpldapadmin-1.1.0.7/debian/patches/CVE-2009-4427.dpatch +++ phpldapadmin-1.1.0.7/debian/patches/CVE-2009-4427.dpatch @@ -7,7 +7,7 @@ @DPATCH@ diff -urNad phpldapadmin~/htdocs/cmd.php phpldapadmin/htdocs/cmd.php --- phpldapadmin~/htdocs/cmd.php 2008-01-10 13:28:34.000000000 +0100 -+++ phpldapadmin/htdocs/cmd.php 2010-01-03 11:45:59.000000000 +0100 ++++ phpldapadmin/htdocs/cmd.php 2010-01-04 13:38:33.000000000 +0100 @@ -35,6 +35,14 @@ # Create page. $www['page'] = new page($ldapserver->server_id); @@ -15,7 +15,7 @@ +# See if we can render the command +if (trim($www['cmd'])) { + # If this command has been disabled by the config. -+ if (! $_SESSION[APPCONFIG]->isCommandAvailable('script',$www['cmd'])) ++ if (!preg_match('/^([A-Za-z0-9-_]+)$/',$www['cmd'])) + system_message(array('title'=>_('Command disabled by the server configuration'), + _('Error'),'body'=>sprintf('%s: <b>%s</b>.',_('The command could not be run'),$www['cmd']),'type'=>'error'),'index.php'); +}
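Review bot: in the cmd.php hunk of CVE-2009-4427.dpatch, swapping `if (! $_SESSION[APPCONFIG]->isCommandAvailable('script',$www['cmd']))` for `if (!preg_match('/^([A-Za-z0-9-_]+)$/',$www['cmd']))` leaves the comment and the user-facing message stale: `# If this command has been disabled by the config.` and `'Command disabled by the server configuration'` still describe the old condition, while the new one rejects any command name containing a character outside `[A-Za-z0-9-_]` (so `.`, `/` and `\` never pass the check) independently of the server configuration. Reword both to say that the command name is invalid, and if 1.1.0.7-1.1 was also meant to honour commands disabled in the config, that check is now gone from this hunk and would have to be restored next to the regexp rather than replaced by it. Minor: `$` in PCRE matches before a trailing newline, so `\z` (or the `D` modifier) makes the whitelist strict on the last character; the `trim()` in the enclosing `if (trim($www['cmd']))` only guards the emptiness test, not the value handed to preg_match.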