Hi, as a security fix, can it be applied to the stable clients too (5.0.X and 6.X)? Thanks
--
Eduard Carreras i Nadal

On 04/07/2011, at 7:46, "Naresh (OpenERP)" <[email protected]> wrote:

> Hello,
>
> Thanks for reporting!
>
> It has been fixed at lp:~openerp-dev/openobject-client/trunk-bug-671926-nch and will be merged soon to the trunk client.
>
> Thanks!
>
> ** Changed in: openobject-client
>        Status: In Progress => Fix Committed
>
> --
> You received this bug notification because you are subscribed to the bug report.
> https://bugs.launchpad.net/bugs/671926
>
> Title:
>   NET-RPC client-side stack should sanitize pickled data
>
> Status in OpenERP GTK Client:
>   Fix Committed
> Status in OpenERP GTK Client 5.0 series:
>   Confirmed
> Status in OpenERP Web Client:
>   Confirmed
> Status in OpenERP Web Client 5.0 series:
>   Confirmed
>
> Bug description:
>   It's possible to execute arbitrary code on the client using net-rpc (pickle protocol); see http://nadiana.com/python-pickle-insecure
>
>   If you use the client to connect to some demo server and this demo server is malicious, it can send malicious code which is executed on the client side.
>
>   I attach an exploit server that sends code to execute to the client. It runs ls -l and redirects the output to the proof_of_exploit.txt file.
>
>   This bug was fixed in the server, but not in the client.
>   Affects versions 4.2, 5.X and 6.X
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/openobject-client/+bug/671926/+subscriptions

--
You received this bug notification because you are a member of OpenERP sa GTK client R&D, which is a bug assignee.
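The bug report above describes the client-side flaw in one sentence: whatever the server sends over NET-RPC is handed to pickle, and a pickle stream can name any importable callable and have it called during unpickling. The following is an added example written for this page, not OpenERP's code and not the fix committed on the branch named above (which the page does not show). It puts the vulnerable pattern, a plain pickle.loads() of the server's bytes, next to a restricted unpickler in the style of the "Restricting Globals" recipe from the Python pickle documentation. The names RestrictedUnpickler, SAFE_BUILTINS, safe_loads, unsafe_loads and load_or_reject are this example's own, and both payloads are constructed for the demonstration; the malicious one calls os.getcwd so that running it is harmless, where a real server would name os.system with the ls -l redirection the report mentions.

```python
import builtins
import io
import pickle

# Builtins that a GLOBAL/STACK_GLOBAL opcode in incoming data may resolve to.
# Ordinary RPC payloads (dict/list/tuple/str/bytes/int/float/bool/None) are
# encoded by pickle without any global lookup, so this allow-list can stay
# almost empty. Hypothetical allow-list chosen for this example.
SAFE_BUILTINS = frozenset({"set", "frozenset"})


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside SAFE_BUILTINS.

    Every opcode that can reach a callable (GLOBAL, STACK_GLOBAL, and thus
    REDUCE/BUILD/NEWOBJ applied to it) goes through find_class, so refusing
    the lookup here closes the code-execution path before anything runs.
    """

    def find_class(self, module, name):
        # Protocols 0-2 write "builtins" as "__builtin__" for Python 2
        # compatibility; the default find_class maps it back, an override
        # sees the raw name and must accept both spellings.
        if module in ("builtins", "__builtin__") and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(
            "refusing to resolve %s.%s from untrusted pickle data" % (module, name)
        )


def safe_loads(data: bytes):
    """Hardened replacement for pickle.loads() on bytes read off the wire."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def unsafe_loads(data: bytes):
    """The vulnerable pattern: trust whatever the server sent."""
    return pickle.loads(data)


def load_or_reject(data: bytes):
    """Return (True, obj) for accepted data, (False, reason) for rejected data."""
    try:
        return True, safe_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


# Constructed sample of what a malicious server could send: protocol-0 opcodes
# GLOBAL "os" "getcwd"  EMPTY_TUPLE  REDUCE  STOP, i.e. "call os.getcwd()" on
# whoever unpickles it. A real attacker would name os.system or
# subprocess.Popen with a shell command instead.
MALICIOUS_PAYLOAD = b"cos\ngetcwd\n)R."

# Constructed samples of ordinary RPC results (pure data, no globals needed,
# and a set, which does need the allow-listed builtins.set lookup).
BENIGN_PAYLOAD = pickle.dumps({"result": [1, 2.5, "ok", None, True]}, protocol=2)
BENIGN_SET_PAYLOAD = pickle.dumps({1, 2})


if __name__ == "__main__":
    # Vulnerable client: the callable named in the data is executed.
    print("unsafe_loads ran os.getcwd():", unsafe_loads(MALICIOUS_PAYLOAD))
    # Hardened client: the lookup is refused before anything is called.
    print("restricted:", load_or_reject(MALICIOUS_PAYLOAD))
    print("restricted:", load_or_reject(BENIGN_PAYLOAD))
    print("restricted:", load_or_reject(BENIGN_SET_PAYLOAD))
```

The allow-list has to be derived from the types the client's RPC layer actually exchanges, and the check belongs on every connection, not only to "demo" servers, because the client cannot tell a benign server from a malicious one before it has parsed the reply. Where the transport can be changed, a data-only encoding such as XML-RPC or JSON removes the problem altogether instead of filtering it.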

