Package: backuppc
Version: 3.2.1-1
Severity: grave
Tags: patch security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
In Ubuntu, the attached patch was applied to achieve the following:

  * SECURITY UPDATE: XSS in CGI/View.pm
    - lib/BackupPC/CGI/View.pm: update to verify backup number is numeric
    - CVE-2011-XXXX

A CVE was requested on oss-security:
http://www.openwall.com/lists/oss-security/2011/10/27/8

Thanks for considering the patch.

-- System Information:
Debian Release: wheezy/sid
  APT prefers oneiric-updates
  APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric')
Architecture: amd64 (x86_64)

Kernel: Linux 3.0.0-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u backuppc-3.2.1/debian/changelog backuppc-3.2.1/debian/changelog diff -u backuppc-3.2.1/lib/BackupPC/CGI/View.pm backuppc-3.2.1/lib/BackupPC/CGI/View.pm --- backuppc-3.2.1/lib/BackupPC/CGI/View.pm +++ backuppc-3.2.1/lib/BackupPC/CGI/View.pm @@ -46,7 +46,7 @@ my $compress = 0; my $fh; my $host = $In{host}; - my $num = $In{num}; + my $num = ${EscHTML($In{num})}; my $type = $In{type}; my $linkHosts = 0; my($file, $comment);
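Review bot: The hunk HTML-escapes `$In{num}` but does not verify that it is numeric, which is what the changelog entry in this report claims ("update to verify backup number is numeric"); a non-numeric value still reaches `$num` and is only neutralised where this escaped copy is later rendered. Consider a whitelist check in addition to escaping, e.g. `my $num = ($In{num} =~ /^\d+$/) ? $In{num} : undef;` followed by an early error return when it is undefined, so the backup number is never used as anything but an integer. Also, the visible diff lists `debian/changelog` in its `diff -u` header but carries no hunk for that file.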
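The two complementary defences this report touches on, a whitelist check that the backup number is an integer and HTML escaping at the point of output, as an added Perl illustration that is not BackupPC's own code. The `%In` hash name mirrors the patched module's convention; `EscHTML` here is a simplified stand-in that returns a plain string (BackupPC's own helper differs and is used with the `${...}` dereference seen in the hunk), `ValidBackupNum` and the sample request values are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example, not BackupPC code: validate a CGI "num" parameter as an
# integer before use, and escape anything echoed back into HTML.
use strict;
use warnings;

# Output encoding: HTML metacharacters are replaced with entities so a
# user-supplied value is rendered as text, never interpreted as markup.
# Simplified stand-in for BackupPC's EscHTML (assumption: returns a string).
sub EscHTML {
    my ($s) = @_;
    $s = '' unless defined $s;
    $s =~ s/&/&amp;/g;
    $s =~ s/</&lt;/g;
    $s =~ s/>/&gt;/g;
    $s =~ s/"/&quot;/g;
    $s =~ s/'/&#39;/g;
    return $s;
}

# Input validation (hypothetical helper): a backup number is a short
# non-negative integer.  Returns the number, or undef if the value is not
# acceptable.  Capturing $1 from the match also untaints it under perl -T.
sub ValidBackupNum {
    my ($num) = @_;
    return undef unless defined $num;
    return $1 if $num =~ /^(\d{1,9})$/;
    return undef;
}

# Render one request.  Rejects a bad backup number with an HTTP 400 instead
# of echoing the raw value into the page; escapes every echoed field anyway.
sub RenderView {
    my (%In) = @_;
    my $num = ValidBackupNum($In{num});
    if ( !defined $num ) {
        return "Status: 400 Bad Request\nContent-Type: text/html\n\n"
             . "<p>Invalid backup number.</p>\n";
    }
    return "Content-Type: text/html\n\n"
         . sprintf("<h2>Backup #%s on %s</h2>\n",
                   EscHTML($num), EscHTML($In{host}));
}

# Constructed sample requests: one well-formed, one with markup in "num".
my @requests = (
    { host => 'server1', num => '12' },
    { host => 'server1', num => '12<script>alert(1)</script>' },
);

for my $req (@requests) {
    print "--- request num=[$req->{num}]\n";
    print RenderView(%$req);
}
```

Running the script shows the first request rendered with the backup number in place and the second rejected before the value is ever echoed; had validation been skipped, the escaping in `RenderView` would still have neutralised the markup, which is why both layers are worth keeping.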