Bug#594301: Patch to fix this bug

Thu, 26 Aug 2010 11:57:22 -0700 

tags 594301 + patch
thanks

Hi!

Please find attached a patch to fix this bug.

Kumar

>From 0612b806a2f743e014fed0b8df2bcaf67fc36562 Mon Sep 17 00:00:00 2001
From: Kumar Appaiah <a.ku...@alumni.iitm.ac.in>
Date: Thu, 26 Aug 2010 13:52:02 -0500
Subject: [PATCH] Add patch to fix CVE-2010-2809

---
 ...shell-interpret-SELECTED_URI-fixes-FS-240.patch |   22 ++++++++++++++++++++
 debian/patches/series                              |    1 +
 2 files changed, 23 insertions(+), 0 deletions(-)
 create mode 100644 debian/patches/0001-Don-t-shell-interpret-SELECTED_URI-fixes-FS-240.patch

diff --git a/debian/patches/0001-Don-t-shell-interpret-SELECTED_URI-fixes-FS-240.patch b/debian/patches/0001-Don-t-shell-interpret-SELECTED_URI-fixes-FS-240.patch
new file mode 100644
index 0000000..383bc0d
--- /dev/null
+++ b/debian/patches/0001-Don-t-shell-interpret-SELECTED_URI-fixes-FS-240.patch
@@ -0,0 +1,22 @@
+From 8fbe72f35afa9953c7b150c636fa26f182a9fce7 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pawe=C5=82=20Zuzelski?= <paw...@pld-linux.org>
+Date: Tue, 3 Aug 2010 09:25:10 +0200
+Subject: [PATCH] Don't shell-interpret \...@selected_uri (fixes FS#240)
+
+---
+ examples/config/config |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+Index: uzbl/examples/config/config
+===================================================================
+--- uzbl.orig/examples/config/config	2010-08-26 13:50:43.000000000 -0500
++++ uzbl/examples/config/config	2010-08-26 13:50:44.000000000 -0500
+@@ -190,7 +190,7 @@
+ # === Mouse bindings =========================================================
+ 
+ # Middle click open in new window
+...@bind  <Button2>  = sh 'if [ "\...@selected_uri" ]; then uzbl-browser -u "\...@selected_uri"; else echo "uri $(xclip -o | sed s/\\\@/%40/g)" > $4; fi'
+...@bind  <Button2>  = sh 'if [ "$8" ]; then uzbl-browser -u "$8"; else echo "uri $(xclip -o | sed s/\\\@/%40/g)" > $4; fi' \...@selected_uri
+ 
+ 
+ # === Keyboard bindings ======================================================
diff --git a/debian/patches/series b/debian/patches/series
index 2cb978b..acda7f9 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 #gtk-links-ranout
 fix-bashisms
+0001-Don-t-shell-interpret-SELECTED_URI-fixes-FS-240.patch
-- 
1.7.1

Reply via email to