tags 447753 + patch
thanks
Hi,
the attached patch for an NMU fixes this problem.
It will also be archived at:
http://people.debian.org/~nion/nmu-diff/mnogosearch-3.3.4-4_3.3.4-4.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u mnogosearch-3.3.4/debian/changelog mnogosearch-3.3.4/debian/changelog
--- mnogosearch-3.3.4/debian/changelog
+++ mnogosearch-3.3.4/debian/changelog
@@ -1,3 +1,10 @@
+mnogosearch (3.3.4-4.1) unstable; urgency=high
+
+  * Non-maintainer upload by testing security team.
+  * Fix cross-site scripting (CVE-2007-5588) (Closes: #447753).
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Sat, 27 Oct 2007 14:50:29 +0200
+
 mnogosearch (3.3.4-4) unstable; urgency=low
 
   * Upload to unstable.
only in patch2:
unchanged:
--- mnogosearch-3.3.4.orig/etc/search.htm-dist
+++ mnogosearch-3.3.4/etc/search.htm-dist
@@ -122,25 +122,25 @@
     <TD>Match:</TD>
     <TD>
       <SELECT NAME="m">
-        <OPTION VALUE="all"  SELECTED="$(m)">All
-        <OPTION VALUE="any"  SELECTED="$(m)">Any
-        <OPTION VALUE="bool" SELECTED="$(m)">Boolean
+        <OPTION VALUE="all"  SELECTED="$&(m)">All
+        <OPTION VALUE="any"  SELECTED="$&(m)">Any
+        <OPTION VALUE="bool" SELECTED="$&(m)">Boolean
       </SELECT>
     </TD>
     <TD>Results per page:</TD>
     <TD>
       <SELECT NAME="ps">
-        <OPTION VALUE="10" SELECTED="$(ps)">10
-        <OPTION VALUE="20" SELECTED="$(ps)">20
-        <OPTION VALUE="50" SELECTED="$(ps)">50
+        <OPTION VALUE="10" SELECTED="$&(ps)">10
+        <OPTION VALUE="20" SELECTED="$&(ps)">20
+        <OPTION VALUE="50" SELECTED="$&(ps)">50
       </SELECT>
     </TD>
     <TD>Output format:</TD>
     <TD>
       <SELECT NAME="fmt">
-        <OPTION VALUE="long"  SELECTED="$(fmt)">Long
-        <OPTION VALUE="short" SELECTED="$(fmt)">Short
-        <OPTION VALUE="url"   SELECTED="$(fmt)">URL
+        <OPTION VALUE="long"  SELECTED="$&(fmt)">Long
+        <OPTION VALUE="short" SELECTED="$&(fmt)">Short
+        <OPTION VALUE="url"   SELECTED="$&(fmt)">URL
       </SELECT>
     </TD>
   </TR>
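Review bot: Only the shipped sample template is changed here, so a site whose live template was copied from an earlier search.htm-dist will presumably keep the old `SELECTED="$(m)"` form after the upgrade and remain affected by CVE-2007-5588. The same applies to the `wm`/`sp`/`sy`, `wf`/`type` and `t` hunks further down this file. The changelog or a NEWS.Debian item should tell administrators to make the substitution by hand, for example `* Templates copied from search.htm-dist must be updated manually: replace $(x) with $&(x) in SELECTED attributes.` That wording assumes `$&( )` is the escaping reference form, which the patch implies but does not show.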
@@ -149,24 +149,24 @@
     <TD>Search for:</TD>
     <TD>
       <SELECT NAME="wm">
-        <OPTION VALUE="wrd" SELECTED="$(wm)">Whole word
-        <OPTION VALUE="beg" SELECTED="$(wm)">Beginning
-        <OPTION VALUE="end" SELECTED="$(wm)">Ending
-        <OPTION VALUE="sub" SELECTED="$(wm)">Substring
+        <OPTION VALUE="wrd" SELECTED="$&(wm)">Whole word
+        <OPTION VALUE="beg" SELECTED="$&(wm)">Beginning
+        <OPTION VALUE="end" SELECTED="$&(wm)">Ending
+        <OPTION VALUE="sub" SELECTED="$&(wm)">Substring
       </SELECT>
     </TD>
     <TD>Words forms:</TD>
     <TD>
        <SELECT NAME="sp">
-         <OPTION VALUE="1"  SELECTED="$(sp)">All
-         <OPTION VALUE="0" SELECTED="$(sp)">Exact
+         <OPTION VALUE="1"  SELECTED="$&(sp)">All
+         <OPTION VALUE="0" SELECTED="$&(sp)">Exact
        </SELECT>
     </TD>
     <TD>Use synonyms:</TD>
     <TD>
       <SELECT NAME="sy">
-        <OPTION VALUE="1"  SELECTED="$(sy)">Yes
-        <OPTION VALUE="0" SELECTED="$(sy)">No
+        <OPTION VALUE="1"  SELECTED="$&(sy)">Yes
+        <OPTION VALUE="0" SELECTED="$&(sy)">No
       </SELECT>
     </TD>
   </TR>
@@ -176,19 +176,19 @@
     <TD>In:</TD>
     <TD>
       <SELECT NAME="wf">
-        <OPTION VALUE="2221"  SELECTED="$(wf)">Whole document
-        <OPTION VALUE="2000"  SELECTED="$(wf)">Description
-        <OPTION VALUE="0200"  SELECTED="$(wf)">Keywords
-        <OPTION VALUE="0020"  SELECTED="$(wf)">Title
-        <OPTION VALUE="0001"  SELECTED="$(wf)">Body
+        <OPTION VALUE="2221"  SELECTED="$&(wf)">Whole document
+        <OPTION VALUE="2000"  SELECTED="$&(wf)">Description
+        <OPTION VALUE="0200"  SELECTED="$&(wf)">Keywords
+        <OPTION VALUE="0020"  SELECTED="$&(wf)">Title
+        <OPTION VALUE="0001"  SELECTED="$&(wf)">Body
       </SELECT>
     </TD>
     <TD>Document types:</TD>
     <TD>
       <SELECT NAME="type">
-        <OPTION VALUE=""           SELECTED="$(type)">all types
-        <OPTION VALUE="text/html"  SELECTED="$(type)">text/html
-        <OPTION VALUE="text/plain" SELECTED="$(type)">text/plain
+        <OPTION VALUE=""           SELECTED="$&(type)">all types
+        <OPTION VALUE="text/html"  SELECTED="$&(type)">text/html
+        <OPTION VALUE="text/plain" SELECTED="$&(type)">text/plain
       </SELECT>
     </TD>
     <TD>
@@ -213,10 +213,10 @@
     <TD>Search through:</TD>
     <TD>
       <SELECT NAME="t">
-        <OPTION VALUE=""  SELECTED="$(t)">All sites
-        <OPTION VALUE="1" SELECTED="$(t)">Sport
-        <OPTION VALUE="2" SELECTED="$(t)">Technology
-        <OPTION VALUE="3" SELECTED="$(t)">Shopping
+        <OPTION VALUE=""  SELECTED="$&(t)">All sites
+        <OPTION VALUE="1" SELECTED="$&(t)">Sport
+        <OPTION VALUE="2" SELECTED="$&(t)">Technology
+        <OPTION VALUE="3" SELECTED="$&(t)">Shopping
       </SELECT>
     </TD>
    </TR>
only in patch2:
unchanged:
--- mnogosearch-3.3.4.orig/src/template.c
+++ mnogosearch-3.3.4/src/template.c
@@ -814,7 +814,7 @@
 
   if(vname)
   {
-    var = UdmVarListFindWithValue(vars, UdmTrim(vname, "$()"), value ? value:"");
+    var = UdmVarListFindWithValue(vars, UdmTrim(vname, "$&()"), value ? value:"");
   }
 
   sprintf(UDM_STREND(opt), "%s>", var ? " selected=\"selected\"":"");
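Review bot: The trim set on the changed line is now the only place that says which reference forms a `SELECTED` attribute may use, and nothing documents it. A template that writes the variable with any other prefix would leave that prefix in the name, the lookup would fail, and the option would silently never be marked selected. A comment above the call would make this explicit, e.g. `/* vname is the raw SELECTED reference, "$(x)" or "$&(x)"; strip the markers to get the variable name. Extend the set if other forms are allowed here. */`. Separately, the `sprintf(UDM_STREND(opt), ...)` on the last line appends without a bound; the size of `opt` is not visible in this hunk, so it is worth checking against the declaration. The enclosing function begins and ends outside the hunk.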
