Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 21-May-2004 18:06:04
Branch: OPENPKG_1_3_SOLID Handle: 2004052117060400
Modified files: (Branch: OPENPKG_1_3_SOLID)
openpkg-src/rsync rsync.patch rsync.spec
Log:
SA-2004.025-rsync; CAN-2004-0426
Summary:
Revision Changes Path
1.3.2.1.2.2 +75 -0 openpkg-src/rsync/rsync.patch
1.39.2.3.2.3 +1 -1 openpkg-src/rsync/rsync.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/rsync/rsync.patch
============================================================================
$ cvs diff -u -r1.3.2.1.2.1 -r1.3.2.1.2.2 rsync.patch
--- openpkg-src/rsync/rsync.patch 4 Dec 2003 15:41:42 -0000 1.3.2.1.2.1
+++ openpkg-src/rsync/rsync.patch 21 May 2004 16:06:04 -0000 1.3.2.1.2.2
@@ -579,3 +579,78 @@
+ return malloc(size * num);
+ return realloc(ptr, size * num);
+}
+
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0426
+ rsync before 2.6.1 does not properly sanitize paths when running
+ a read/write daemon without using chroot, which allows remote
+ attackers to write files outside of the module's path.
+
+Index: util.c
+--- util.c.256 2003-01-19 22:37:11.000000000 +0100
++++ util.c 2004-05-21 15:16:56.000000000 +0200
+@@ -699,7 +692,7 @@
+ }
+
+
+-static char curr_dir[MAXPATHLEN];
++char curr_dir[MAXPATHLEN];
+
+ /**
+ * Like chdir() but can be reversed with pop_dir() if @p save is set.
+
+Index: options.c
+--- options.c.256 2003-01-28 04:11:57.000000000 +0100
++++ options.c 2004-05-21 14:40:47.000000000 +0200
+@@ -21,6 +21,8 @@
+ #include "rsync.h"
+ #include "popt.h"
+
++extern int sanitize_paths;
++extern char curr_dir[MAXPATHLEN];
+ int make_backups = 0;
+
+ /**
+@@ -450,6 +452,7 @@
+ {
+ int opt;
+ char *ref = lp_refuse_options(module_id);
++ char *arg;
+ poptContext pc;
+
+ /* TODO: Call poptReadDefaultConfig; handle errors. */
+@@ -504,11 +507,17 @@
+ break;
+
+ case OPT_EXCLUDE_FROM:
+- add_exclude_file(poptGetOptArg(pc), 1, 0);
++ arg = (char *)poptGetOptArg(pc);
++ if (sanitize_paths)
++ sanitize_path(arg, curr_dir);
++ add_exclude_file(arg, 1, 0);
+ break;
+
+ case OPT_INCLUDE_FROM:
+- add_exclude_file(poptGetOptArg(pc), 1, 1);
++ arg = (char *)poptGetOptArg(pc);
++ if (sanitize_paths)
++ sanitize_path(arg, curr_dir);
++ add_exclude_file(arg, 1, 1);
+ break;
+
+ case OPT_WHOLE_FILE:
+@@ -637,6 +646,15 @@
+ else
+ *argc = 0;
+
++ if (sanitize_paths) {
++ if (tmpdir)
++ sanitize_path(tmpdir, curr_dir);
++ if (compare_dest)
++ sanitize_path(compare_dest, curr_dir);
++ if (backup_dir)
++ sanitize_path(backup_dir, curr_dir);
++ }
++
+ return 1;
+ }
+
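Review bot: The options.c hunks cast away the const of the popt argument (`arg = (char *)poptGetOptArg(pc);`) so that `sanitize_path(arg, curr_dir)` can rewrite the option argument in place; whether popt's returned storage is writable and whether sanitize_path only ever shortens the string so the in-place rewrite stays within the original buffer is not visible here and should be confirmed against util.c before this ships. The util.c hunk drops `static` from `curr_dir` and options.c then redeclares it locally as `extern char curr_dir[MAXPATHLEN];` next to `extern int sanitize_paths;`; declaring both once in rsync.h would keep the array bound tied to the definition instead of duplicating it per file. The util.c hunk header `@@ -699,7 +692,7 @@` carries a seven-line old/new offset although no earlier util.c hunk is included in this patch, which suggests it was cut from a larger diff, so it is worth checking that it still applies cleanly to the 2.5.6 sources. The enclosing option-parsing function in options.c starts and ends outside the hunk.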
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/rsync/rsync.spec
============================================================================
$ cvs diff -u -r1.39.2.3.2.2 -r1.39.2.3.2.3 rsync.spec
--- openpkg-src/rsync/rsync.spec 4 Dec 2003 15:41:42 -0000 1.39.2.3.2.2
+++ openpkg-src/rsync/rsync.spec 21 May 2004 16:06:04 -0000 1.39.2.3.2.3
@@ -33,7 +33,7 @@
Group: Filesystem
License: GPL
Version: 2.5.6
-Release: 1.3.1
+Release: 1.3.2
# list of sources
Source0: http://rsync.samba.org/ftp/rsync/rsync-%{version}.tar.gz
@@ .