From: | "Andreas K. Hüttel (dilfridge)" <dilfridge@g.o> |
---|---|
To: | gentoo-commits@l.g.o |
Subject: | [gentoo-commits] gentoo-x86 commit in dev-perl/HTTP-Body/files: HTTP-Body-1.190.0-CVE-2013-4407.patch |
Date: | Sun, 30 Nov 2014 22:20:53 |
Message-Id: | 20141130222045.DBB7EB3EC@oystercatcher.gentoo.org |
1 | dilfridge 14/11/30 22:20:45 |
2 | |
3 | Added: HTTP-Body-1.190.0-CVE-2013-4407.patch |
4 | Log: |
5 | Version bump; add patch for bug 484310; remove old |
6 | |
7 | (Portage version: 2.2.14/cvs/Linux x86_64, signed Manifest commit with key EBE6A336BE19039C!) |
8 | |
9 | Revision Changes Path |
10 | 1.1 dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch |
11 | |
12 | file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch?rev=1.1&view=markup |
13 | plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/dev-perl/HTTP-Body/files/HTTP-Body-1.190.0-CVE-2013-4407.patch?rev=1.1&content-type=text/plain |
14 | |
15 | Index: HTTP-Body-1.190.0-CVE-2013-4407.patch |
16 | =================================================================== |
17 | Description: Allow only word characters in filename suffixes |
18 | CVE-2013-4407: Allow only word characters in filename suffixes. An |
19 | attacker able to upload files to a service that uses |
20 | HTTP::Body::MultiPart could use this issue to upload a file and create |
21 | a specifically crafted temporary filename on the server which, when |
22 | processed without further validation, could allow execution of commands |
23 | on the server. |
24 | Origin: vendor |
25 | Bug: https://rt.cpan.org/Ticket/Display.html?id=88342 |
26 | Bug-Debian: http://bugs.debian.org/721634 |
27 | Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1005669 |
28 | Forwarded: no |
29 | Author: Salvatore Bonaccorso <carnil@××××××.org> |
30 | Last-Update: 2013-10-21 |
31 | |
32 | Updated by Andreas K. Huettel <dilfridge@g.o> for HTTP-Body-1.19 |
33 | |
34 | diff -ruN HTTP-Body-1.19.orig/lib/HTTP/Body/MultiPart.pm HTTP-Body-1.19/lib/HTTP/Body/MultiPart.pm |
35 | --- HTTP-Body-1.19.orig/lib/HTTP/Body/MultiPart.pm 2013-12-06 16:07:25.000000000 +0100 |
36 | +++ HTTP-Body-1.19/lib/HTTP/Body/MultiPart.pm 2014-11-30 23:17:19.652051615 +0100 |
37 | @@ -258,8 +258,8 @@ |
38 | |
39 | =cut |
40 | |
41 | -our $basename_regexp = qr/[^.]+(\.[^\\\/]+)$/; |
42 | -#our $basename_regexp = qr/(\.\w+(?:\.\w+)*)$/; |
43 | +#our $basename_regexp = qr/[^.]+(\.[^\\\/]+)$/; |
44 | +our $basename_regexp = qr/(\.\w+(?:\.\w+)*)$/; |
45 | |
46 | sub handler { |
47 | my ( $self, $part ) = @_; |
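Review bot: the hunk keeps the old pattern as a commented-out line (`#our $basename_regexp = qr/[^.]+(\.[^\\\/]+)$/;`) beside the new one; drop the dead line instead of swapping which of the two is commented, since CVS already records the old value and a stale copy invites someone to flip it back. Two follow-ups on the new pattern `qr/(\.\w+(?:\.\w+)*)$/`: it no longer matches at all when anything outside `\w` sits after the extension (for example `name.txt;cmd` or a trailing space), so the caller in handler(), which this hunk does not show, must fall back to an empty or default suffix rather than hand an undefined value to File::Temp; and Perl's `\w` is Unicode-aware on character strings, so if the intent is an ASCII-only allow-list for the temporary filename, spell it `[A-Za-z0-9_]` or add the `/a` modifier (Perl 5.14 and later).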
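As an added example (not HTTP::Body's own code and not part of this commit), the script below runs the two regexps from the hunk over constructed upload filenames and prints what each would hand to File::Temp as SUFFIX, on the assumption stated in the patch description that the captured suffix ends up in the temporary filename. The sample filenames, the `suffix_for` and `show` helpers and the `upload-XXXXXXXX` template are assumptions of the example, not names from the module.

```perl
#!/usr/bin/perl
# Added example, not HTTP::Body's own code: run the pre- and post-patch
# suffix regexps from the hunk above over constructed upload filenames and
# show what each would hand to File::Temp as SUFFIX.
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempfile);

# The two regexps exactly as they appear in the patch.
my $old_regexp = qr/[^.]+(\.[^\\\/]+)$/;    # before the CVE-2013-4407 fix
my $new_regexp = qr/(\.\w+(?:\.\w+)*)$/;    # after the fix

# Derive a suffix from a client-supplied Content-Disposition filename the way
# a multipart handler would. Returns the captured group, or undef when the
# regexp does not match; the caller must supply a default in that case.
sub suffix_for {
    my ( $filename, $regexp ) = @_;
    return unless defined $filename;
    my ($suffix) = $filename =~ $regexp;
    return $suffix;
}

# Render a string for display, making undef and newlines visible.
sub show {
    my ($s) = @_;
    return '(no match)' unless defined $s;
    $s =~ s/\n/\\n/g;
    return "'$s'";
}

# Constructed sample filenames (assumptions for this example, not real uploads).
my @samples = (
    'report.pdf',
    'archive.tar.gz',
    'note.txt;touch pwned',    # shell metacharacters after the extension
    "script.sh\n",             # trailing newline, which Perl's $ tolerates
    'x.php ',                  # trailing space
    'noext',                   # no suffix at all
    '.hidden',
);

printf "%-24s %-24s %s\n", 'filename', 'old SUFFIX', 'new SUFFIX';
for my $name (@samples) {
    printf "%-24s %-24s %s\n",
        show($name),
        show( suffix_for( $name, $old_regexp ) ),
        show( suffix_for( $name, $new_regexp ) );
}

# Create the temporary file the way a handler would, with the post-patch
# regexp and an empty suffix when it does not match. Only word characters
# and dots can reach SUFFIX, so the resulting path carries nothing a shell
# or a later processing step would interpret.
print "\nTemporary files created with the post-patch suffix:\n";
for my $name (@samples) {
    my $suffix = suffix_for( $name, $new_regexp );
    $suffix = '' unless defined $suffix;
    my ( $fh, $path ) = tempfile(
        'upload-XXXXXXXX',
        DIR    => File::Spec->tmpdir,
        SUFFIX => $suffix,
        UNLINK => 1,
    );
    close $fh;
    printf "%-24s -> %s\n", show($name), $path;
}
```

With the old pattern, `note.txt;touch pwned` yields the suffix `.txt;touch pwned` and `x.php ` yields `.php ` (trailing space), so those bytes would land in the temporary filename; the new pattern yields no match for both, `.tar.gz` for `archive.tar.gz`, and `.sh` without the newline for `script.sh\n`. The second loop shows why the no-match case matters in practice: a handler has to substitute an empty suffix rather than pass undef to File::Temp.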