Merge lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315 into lp:ubuntu/hardy/xchat

Proposed by Artur Rona
Status: Needs review
Proposed branch: lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315
Merge into: lp:ubuntu/hardy/xchat
Diff against target: 75 lines (+43/-1)
4 files modified
debian/changelog (+11/-0)
debian/control (+1/-1)
debian/patches/00list (+1/-0)
debian/patches/64_CVE-2009-0315.dpatch (+30/-0)
To merge this branch: bzr merge lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315
Reviewer: Marc Deslauriers (Approve)
Review via email: mp+26539@code.launchpad.net
Marc Deslauriers (mdeslaur) wrote :

Approved. Will upload to hardy-security.

review: Approve

Unmerged revisions

26. By Artur Rona

* SECURITY UPDATE (LP: #322196)
* debian/patches/64_CVE-2009-0315.dpatch:
  - Fix untrusted search path vulnerability in the Python module
    in xchat allows local users to execute arbitrary code via
    a Trojan horse Python file in the current working directory
  - CVE-2009-0315

Preview Diff

1=== modified file 'debian/changelog'
2--- debian/changelog 2008-04-09 10:37:24 +0000
3+++ debian/changelog 2010-06-01 20:20:50 +0000
4@@ -1,3 +1,14 @@
5+xchat (2.8.4-0ubuntu7.1) hardy-security; urgency=low
6+
7+ * SECURITY UPDATE (LP: #322196)
8+ * debian/patches/64_CVE-2009-0315.dpatch:
9+ - Fix untrusted search path vulnerability in the Python module
10+ in xchat allows local users to execute arbitrary code via
11+ a Trojan horse Python file in the current working directory
12+ - CVE-2009-0315
13+
14+ -- Artur Rona <ari-tczew@tlen.pl> Tue, 01 Jun 2010 21:27:28 +0200
15+
16 xchat (2.8.4-0ubuntu7) hardy; urgency=low
17
18 * Rebuild for liblaunchpad-integration1 transition.
19
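Review bot: the changelog description is a sentence fragment ("Fix untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code ..."); reword it to something like "Fix untrusted search path vulnerability in the Python module that allowed local users to execute arbitrary code via a Trojan horse Python file in the current working directory". It would also help to record the origin of the fix here, since the dpatch header credits Nico Golde and its embedded diff is against xchat-2.8.6 while this upload is 2.8.4-0ubuntu7.1, e.g. "Backport of the Debian fix (Debian bug 513509)".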
20=== modified file 'debian/control'
21--- debian/control 2007-07-31 15:25:31 +0000
22+++ debian/control 2010-06-01 20:20:50 +0000
23@@ -1,7 +1,7 @@
24 Source: xchat
25 Section: net
26 Priority: optional
27-Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>
28+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
29 XSBC-Original-Maintainer: Davide Puricelli (evo) <evo@debian.org>
30 Standards-Version: 3.7.2
31 Build-Depends: debhelper (>> 4), bison, libssl-dev, libglib2.0-dev, libgtk2.0-dev (>= 2.10.0), libperl-dev, gettext (>= 0.10.37-1), libtool, zlib1g-dev, perl (>= 5.8), python-dev, tcl8.4-dev, autotools-dev, dpatch, libdbus-glib-1-dev, libgtkspell-dev, gconf2, dpkg-dev (>= 1.13.19), liblaunchpad-integration-dev, libsexy-dev
32
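Review bot: the Maintainer change from "Ubuntu MOTU Developers" to "Ubuntu Developers" is unrelated to CVE-2009-0315 and is not mentioned in the changelog entry above. If it is the routine update-maintainer adjustment, note that in the changelog; otherwise leave it out so a security upload carries only the fix.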
33=== modified file 'debian/patches/00list'
34--- debian/patches/00list 2007-09-29 14:58:03 +0000
35+++ debian/patches/00list 2010-06-01 20:20:50 +0000
36@@ -8,3 +8,4 @@
37 45_ctcp_version_less_information
38 62_xc284-scrollbmkdir
39 63_xc284-improvescrollback
40+64_CVE-2009-0315
41
42=== added file 'debian/patches/64_CVE-2009-0315.dpatch'
43--- debian/patches/64_CVE-2009-0315.dpatch 1970-01-01 00:00:00 +0000
44+++ debian/patches/64_CVE-2009-0315.dpatch 2010-06-01 20:20:50 +0000
45@@ -0,0 +1,30 @@
46+#! /bin/sh /usr/share/dpatch/dpatch-run
47+## 64_CVE-2009-0315.dpatch by Nico Golde <nion@debian.org>
48+## From: Artur Rona <ari-tczew@tlen.pl>
49+## Description: Untrusted search path vulnerability in the Python module in xchat allows
50+## local users to execute arbitrary code via a Trojan horse Python file in the
51+## current working directory, related to a vulnerability in the PySys_SetArgv
52+## function (CVE-2008-5983).
53+## Bug: https://launchpad.net/bugs/322196
54+## Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513509
55+
56+@DPATCH@
57+diff -urNad xchat-2.8.6~/plugins/python/python.c xchat-2.8.6/plugins/python/python.c
58+--- xchat-2.8.6~/plugins/python/python.c 2008-03-29 06:57:35.000000000 +0100
59++++ xchat-2.8.6/plugins/python/python.c 2009-02-05 19:13:02.000000000 +0100
60+@@ -1106,6 +1106,7 @@
61+ }
62+
63+ PySys_SetArgv(1, argv);
64++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
65+ PySys_SetObject("__plugin__", (PyObject *) plugin);
66+
67+ /* Set stdout and stderr to xchatout. */
68+@@ -2110,6 +2111,7 @@
69+ Py_SetProgramName("xchat");
70+ Py_Initialize();
71+ PySys_SetArgv(1, argv);
72++ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
73+
74+ Plugin_Type.ob_type = &PyType_Type;
75+ Context_Type.ob_type = &PyType_Type;
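Review bot: `sys.path = filter(None, sys.path)` is only correct on Python 2, where filter returns a list; on Python 3 it returns a lazy filter object and every later import would fail. The plugin is Python 2 code (`Plugin_Type.ob_type = &PyType_Type`), so it works here, but a short comment beside each of the two `PyRun_SimpleString` calls saying that it strips the empty (current-directory) entry that `PySys_SetArgv` prepends would save the next reader a lookup, and would make the tie to CVE-2008-5983 in the header explicit. The header itself is inconsistent: it says "by Nico Golde" and "From: Artur Rona", and the embedded diff is against xchat-2.8.6 while this branch packages 2.8.4; state plainly that it is a backport of the Debian patch and confirm that the hunk offsets (`@@ -1106,6 +1106,7 @@` and `@@ -2110,6 +2111,7 @@`) apply cleanly to the 2.8.4 source.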
