Details: https://nvd.nist.gov/vuln/detail/CVE-2025-67738

Backport the patch that is referenced by the NVD advisory as the solution.

Signed-off-by: Gyorgy Sarvari <[email protected]>
---
 .../webmin/files/CVE-2025-67738.patch         | 37 +++++++++++++++++++
 .../recipes-webadmin/webmin/webmin_2.501.bb   |  3 +-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch

diff --git a/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch b/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
new file mode 100644
index 0000000000..b29f813e72
--- /dev/null
+++ b/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
@@ -0,0 +1,37 @@
+From 8729e319979290fea6f4bd8a1664fa41fde24d17 Mon Sep 17 00:00:00 2001
+From: Jamie Cameron <[email protected]>
+Date: Wed, 29 Oct 2025 22:02:29 -0700
+Subject: [PATCH] Fix quoting of args
+
+CVE: CVE-2025-67738
+Upstream-Status: Backport [https://github.com/webmin/webmin/commit/1a52bf4d72f9da6d79250c66e51f41c6f5b880ee]
+Signed-off-by: Gyorgy Sarvari <[email protected]>
+---
+ squid/cachemgr.cgi | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/squid/cachemgr.cgi b/squid/cachemgr.cgi
+index 10548b50..59a4009d 100755
+--- a/squid/cachemgr.cgi
++++ b/squid/cachemgr.cgi
+@@ -14,6 +14,7 @@ my ($mgr) = glob($config{'cachemgr_path'});
+ if (&has_command($mgr)) {
+       $| = 1;
+       my $temp;
++      my $args = join(" ", map { quotemeta($_) } @ARGV);
+       if ($ENV{'REQUEST_METHOD'} eq 'POST') {
+               # Deal with POST data
+               my $post;
+@@ -23,10 +24,10 @@ if (&has_command($mgr)) {
+               &open_tempfile($fh, ">$temp", 0, 1);
+               &print_tempfile($fh, $post);
+               &close_tempfile($fh);
+-              open(MGR, "$mgr ".join(" ", @ARGV)." <$temp |");
++              open(MGR, "$mgr $args <$temp |");
+               }
+       else {
+-              open(MGR, "$mgr ".join(" ", @ARGV)." |");
++              open(MGR, "$mgr $args |");
+               }
+       while(<MGR>) {
+               print;
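Review bot: In the two `open(MGR, "$mgr $args ... |")` calls the command line is still handed to a shell, and `quotemeta` is Perl's regex escaper rather than a shell-quoting routine, so the fix relies on backslash-escaping happening to suit the shell's parser. Two cases it does not cover cleanly: a backslash-escaped newline is read by the shell as a line continuation, and an empty argument disappears from the joined command line. Passing the arguments as a list avoids the shell for the non-POST branch, e.g. `open(MGR, "-|", $mgr, @ARGV)`; the POST branch would need stdin reopened from `$temp` in a forked child before `exec`, because `<$temp` is shell syntax. Neither `open` return value is checked, and the enclosing `if (&has_command($mgr))` block starts and ends outside the hunk, so how `@ARGV` is populated is not visible here.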
diff --git a/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb b/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb
index 2c807947e4..7e09ec3664 100644
--- a/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb
+++ b/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb
@@ -18,7 +18,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/webadmin/webmin-${PV}.tar.gz \
            file://media-tomb.patch \
            file://mysql-config-fix.patch \
            file://webmin.service \
-            "
+           file://CVE-2025-67738.patch \
+           "
 SRC_URI[sha256sum] = "0f2772a582d4c4cf24085993729cfc94df2a64d619cefede5400c24b02efb08f"
 UPSTREAM_CHECK_URI = "http://www.webmin.com/download.html";
 UPSTREAM_CHECK_REGEX = "webmin-(?P<pver>\d+(\.\d+)+).tar.gz"