Merge lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315 into lp:ubuntu/hardy/xchat

Proposed by Artur Rona
Status: Needs review
Proposed branch: lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315
Merge into: lp:ubuntu/hardy/xchat
Diff against target: 75 lines (+43/-1)
4 files modified
debian/changelog (+11/-0)
debian/control (+1/-1)
debian/patches/00list (+1/-0)
debian/patches/64_CVE-2009-0315.dpatch (+30/-0)
To merge this branch: bzr merge lp:~ari-tczew/ubuntu/hardy/xchat/CVE-2009-0315
Reviewer: Marc Deslauriers
Status: Approve
Review via email: mp+26539@code.launchpad.net
Revision history for this message
Marc Deslauriers (mdeslaur) wrote :

Approved. Will upload to hardy-security.

review: Approve

Unmerged revisions

26. By Artur Rona

* SECURITY UPDATE (LP: #322196)
* debian/patches/64_CVE-2009-0315.dpatch:
  - Fix untrusted search path vulnerability in the Python module
    in xchat that allows local users to execute arbitrary code via
    a Trojan horse Python file in the current working directory
  - CVE-2009-0315

Preview Diff

=== modified file 'debian/changelog'
--- debian/changelog 2008-04-09 10:37:24 +0000
+++ debian/changelog 2010-06-01 20:20:50 +0000
@@ -1,3 +1,14 @@
1xchat (2.8.4-0ubuntu7.1) hardy-security; urgency=low
2
3 * SECURITY UPDATE (LP: #322196)
4 * debian/patches/64_CVE-2009-0315.dpatch:
5 - Fix untrusted search path vulnerability in the Python module
6 in xchat allows local users to execute arbitrary code via
7 a Trojan horse Python file in the current working directory
8 - CVE-2009-0315
9
10 -- Artur Rona <ari-tczew@tlen.pl> Tue, 01 Jun 2010 21:27:28 +0200
11
1xchat (2.8.4-0ubuntu7) hardy; urgency=low12xchat (2.8.4-0ubuntu7) hardy; urgency=low
213
3 * Rebuild for liblaunchpad-integration1 transition.14 * Rebuild for liblaunchpad-integration1 transition.
415
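Review bot: the first bullet of the new changelog entry does not parse as a sentence ("Fix untrusted search path vulnerability in the Python module in xchat allows local users ..."); it pastes the CVE description onto "Fix". Suggest "- Fix untrusted search path vulnerability in the Python module in xchat that allowed local users to execute arbitrary code via a Trojan horse Python file in the current working directory". The entry also lists only the dpatch, while this same branch changes the Maintainer field in debian/control; every change shipped in a hardy-security upload should be accounted for here.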
=== modified file 'debian/control'
--- debian/control 2007-07-31 15:25:31 +0000
+++ debian/control 2010-06-01 20:20:50 +0000
@@ -1,7 +1,7 @@
1Source: xchat1Source: xchat
2Section: net2Section: net
3Priority: optional3Priority: optional
4Maintainer: Ubuntu MOTU Developers <ubuntu-motu@lists.ubuntu.com>4Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
5XSBC-Original-Maintainer: Davide Puricelli (evo) <evo@debian.org>5XSBC-Original-Maintainer: Davide Puricelli (evo) <evo@debian.org>
6Standards-Version: 3.7.26Standards-Version: 3.7.2
7Build-Depends: debhelper (>> 4), bison, libssl-dev, libglib2.0-dev, libgtk2.0-dev (>= 2.10.0), libperl-dev, gettext (>= 0.10.37-1), libtool, zlib1g-dev, perl (>= 5.8), python-dev, tcl8.4-dev, autotools-dev, dpatch, libdbus-glib-1-dev, libgtkspell-dev, gconf2, dpkg-dev (>= 1.13.19), liblaunchpad-integration-dev, libsexy-dev7Build-Depends: debhelper (>> 4), bison, libssl-dev, libglib2.0-dev, libgtk2.0-dev (>= 2.10.0), libperl-dev, gettext (>= 0.10.37-1), libtool, zlib1g-dev, perl (>= 5.8), python-dev, tcl8.4-dev, autotools-dev, dpatch, libdbus-glib-1-dev, libgtkspell-dev, gconf2, dpkg-dev (>= 1.13.19), liblaunchpad-integration-dev, libsexy-dev
88
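Review bot: the Maintainer change on line 4 (Ubuntu MOTU Developers to Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>) is unrelated to CVE-2009-0315 and is not mentioned in debian/changelog. A security update to a stable release should carry the minimal diff, so either drop this hunk or add a changelog line such as "* debian/control: update Maintainer field" so the full diff against 2.8.4-0ubuntu7 is documented.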
=== modified file 'debian/patches/00list'
--- debian/patches/00list 2007-09-29 14:58:03 +0000
+++ debian/patches/00list 2010-06-01 20:20:50 +0000
@@ -8,3 +8,4 @@
845_ctcp_version_less_information845_ctcp_version_less_information
962_xc284-scrollbmkdir962_xc284-scrollbmkdir
1063_xc284-improvescrollback1063_xc284-improvescrollback
1164_CVE-2009-0315
1112
=== added file 'debian/patches/64_CVE-2009-0315.dpatch'
--- debian/patches/64_CVE-2009-0315.dpatch 1970-01-01 00:00:00 +0000
+++ debian/patches/64_CVE-2009-0315.dpatch 2010-06-01 20:20:50 +0000
@@ -0,0 +1,30 @@
1#! /bin/sh /usr/share/dpatch/dpatch-run
2## 64_CVE-2009-0315.dpatch by Nico Golde <nion@debian.org>
3## From: Artur Rona <ari-tczew@tlen.pl>
4## Description: Untrusted search path vulnerability in the Python module in xchat allows
5## local users to execute arbitrary code via a Trojan horse Python file in the
6## current working directory, related to a vulnerability in the PySys_SetArgv
7## function (CVE-2008-5983).
8## Bug: https://launchpad.net/bugs/322196
9## Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=513509
10
11@DPATCH@
12diff -urNad xchat-2.8.6~/plugins/python/python.c xchat-2.8.6/plugins/python/python.c
13--- xchat-2.8.6~/plugins/python/python.c 2008-03-29 06:57:35.000000000 +0100
14+++ xchat-2.8.6/plugins/python/python.c 2009-02-05 19:13:02.000000000 +0100
15@@ -1106,6 +1106,7 @@
16 }
17
18 PySys_SetArgv(1, argv);
19+ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
20 PySys_SetObject("__plugin__", (PyObject *) plugin);
21
22 /* Set stdout and stderr to xchatout. */
23@@ -2110,6 +2111,7 @@
24 Py_SetProgramName("xchat");
25 Py_Initialize();
26 PySys_SetArgv(1, argv);
27+ PyRun_SimpleString("import sys; sys.path = filter(None, sys.path)");
28
29 Plugin_Type.ob_type = &PyType_Type;
30 Context_Type.ob_type = &PyType_Type;
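Review bot: the return value of PyRun_SimpleString is ignored at both call sites (lines 19 and 27). It returns -1 when the statement raises, and in that case the entry that PySys_SetArgv(1, argv) adds to sys.path (the empty string the filter is meant to strip) stays in place and the hardening silently does nothing; suggest checking for -1 and reporting the failure through xchat's plugin output before continuing. Two smaller points on the header: line 2 credits Nico Golde as the author while line 3 says "From: Artur Rona", so either "From:" should name Nico Golde (or an "Origin:" line should point at the Debian bug on line 9) with the Ubuntu submitter left to the changelog; and the patch was generated against xchat-2.8.6 paths and line numbers (1106, 2110) while this package is 2.8.4, so it should be refreshed against the hardy source to confirm it applies cleanly.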
