tags 429205 patch
thanks

Hi

Attached you will find the uploaded NMU patch.
It should cover the major issue. For the other issues, I suggest filing a 
normal bug and leaving it open until someone definitely confirms that they 
are fixed (I looked over them and a few seem to be fixed; for others I could not 
get enough information).

Cheers
Steffen
diff -u moin-1.5.8/debian/changelog moin-1.5.8/debian/changelog
--- moin-1.5.8/debian/changelog
+++ moin-1.5.8/debian/changelog
@@ -1,3 +1,12 @@
+moin (1.5.8-4.1) unstable; urgency=high
+
+  * Non-maintainer upload by the testing-security team
+  * Include upstream patch to enable whitelisting, instead of
+    insufficient blacklisting for file uploads (Closes: #429205)
+    Fixes: CVE-2007-5156, CVE-2007-3163, CVE-2007-2630, CVE-2006-0658
+
+ -- Steffen Joeris <[EMAIL PROTECTED]>  Sun, 21 Oct 2007 14:43:37 +0000
+
 moin (1.5.8-4) unstable; urgency=low
 
   * Sync with upstream HG development source as of today (patchset 851):
diff -u moin-1.5.8/debian/patches/series moin-1.5.8/debian/patches/series
--- moin-1.5.8/debian/patches/series
+++ moin-1.5.8/debian/patches/series
@@ -14,0 +15 @@
+020_CVE-whitelist.patch
only in patch2:
unchanged:
--- moin-1.5.8.orig/debian/patches/020_CVE-whitelist.patch
+++ moin-1.5.8/debian/patches/020_CVE-whitelist.patch
@@ -0,0 +1,60 @@
+--- config.php.orig	2007-10-21 16:24:57.000000000 +0200
++++ moin-1.5.3/wiki/htdocs/applets/FCKeditor/editor/filemanager/upload/php/config.php	2007-10-21 16:25:30.000000000 +0200
+@@ -26,8 +26,8 @@
+ // Path to uploaded files relative to the document root.
+ $Config['UserFilesPath'] = '/UserFiles/' ;
+ 
+-$Config['AllowedExtensions']['File']	= array() ;
+-$Config['DeniedExtensions']['File']		= array('php','php3','php5','phtml','asp','aspx','ascx','jsp','cfm','cfc','pl','bat','exe','dll','reg','cgi') ;
++$Config['AllowedExtensions']['File']	= array('7z', 'aiff', 'asf', 'avi', 'bmp', 'csv', 'doc', 'flv', 'gif', 'gz', 'gzip', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ods', 'odt', 'pdf', 'png', 'ppt', 'pxd', 'qt', 'ram', 'rar', 'rm', 'rmi', 'rmvb', 'rtf', 'sdc', 'sitd', 'swf', 'sxc', 'sxw', 'tar', 'tgz', 'tif', 'tiff', 'txt', 'vsd', 'wav', 'wma', 'wmv', 'xls', 'xml', 'zip') ;
++$Config['DeniedExtensions']['File']		= array() ;
+ 
+ $Config['AllowedExtensions']['Image']	= array('jpg','gif','jpeg','png') ;
+ $Config['DeniedExtensions']['Image']	= array() ;
+@@ -35,4 +35,4 @@
+ $Config['AllowedExtensions']['Flash']	= array('swf','fla') ;
+ $Config['DeniedExtensions']['Flash']	= array() ;
+ 
+-?>
+\ No newline at end of file
++?>
+--- config.php.orig	2007-10-21 16:26:27.000000000 +0200
++++ moin-1.5.3/wiki/htdocs/applets/FCKeditor/editor/filemanager/browser/default/connectors/php/config.php	2007-10-21 16:27:16.000000000 +0200
+@@ -32,8 +32,8 @@
+ // Attention: The above 'UserFilesPath' must point to the same directory.
+ $Config['UserFilesAbsolutePath'] = '' ;
+ 
+-$Config['AllowedExtensions']['File']	= array() ;
+-$Config['DeniedExtensions']['File']		= array('php','php3','php5','phtml','asp','aspx','ascx','jsp','cfm','cfc','pl','bat','exe','dll','reg','cgi') ;
++$Config['AllowedExtensions']['File']	= array('7z', 'aiff', 'asf', 'avi', 'bmp', 'csv', 'doc', 'flv', 'gif', 'gz', 'gzip', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ods', 'odt', 'pdf', 'png', 'ppt', 'pxd', 'qt', 'ram', 'rar', 'rm', 'rmi', 'rmvb', 'rtf', 'sdc', 'sitd', 'swf', 'sxc', 'sxw', 'tar', 'tgz', 'tif', 'tiff', 'txt', 'vsd', 'wav', 'wma', 'wmv', 'xls', 'xml', 'zip') ;
++$Config['DeniedExtensions']['File']		= array() ;
+ 
+ $Config['AllowedExtensions']['Image']	= array('jpg','gif','jpeg','png') ;
+ $Config['DeniedExtensions']['Image']	= array() ;
+@@ -44,4 +44,4 @@
+ $Config['AllowedExtensions']['Media']	= array('swf','fla','jpg','gif','jpeg','png','avi','mpg','mpeg') ;
+ $Config['DeniedExtensions']['Media']	= array() ;
+ 
+-?>
+\ No newline at end of file
++?>
+--- fckconfig.js.orig	2007-10-21 16:28:02.000000000 +0200
++++ moin-1.5.3/wiki/htdocs/applets/FCKeditor/fckconfig.js	2007-10-21 16:28:46.000000000 +0200
+@@ -153,8 +153,8 @@
+ 
+ FCKConfig.LinkUpload = true ;
+ FCKConfig.LinkUploadURL = FCKConfig.BasePath + 'filemanager/upload/' + FCKConfig.QuickUploadLanguage + '/upload.' + _QuickUploadLanguage ;
+-FCKConfig.LinkUploadAllowedExtensions	= "" ;			// empty for all
+-FCKConfig.LinkUploadDeniedExtensions	= ".(php|php3|php5|phtml|asp|aspx|ascx|jsp|cfm|cfc|pl|bat|exe|dll|reg|cgi)$" ;	// empty for no one
++FCKConfig.LinkUploadAllowedExtensions	= ".('7z', 'aiff', 'asf', 'avi', 'bmp', 'csv', 'doc', 'flv', 'gif', 'gz', 'gzip', 'jpeg', 'jpg', 'mid', 'mov', 'mp3', 'mp4', 'mpc', 'mpeg', 'mpg', 'ods', 'odt', 'pdf', 'png', 'ppt', 'pxd', 'qt', 'ram', 'rar', 'rm', 'rmi', 'rmvb', 'rtf', 'sdc', 'sitd', 'swf', 'sxc', 'sxw', 'tar', 'tgz', 'tif', 'tiff', 'txt', 'vsd', 'wav', 'wma', 'wmv', 'xls', 'xml', 'zip')$" ;			// empty for all
++FCKConfig.LinkUploadDeniedExtensions	= "" ;	// empty for no one
+ 
+ FCKConfig.ImageUpload = true ;
+ FCKConfig.ImageUploadURL = FCKConfig.BasePath + 'filemanager/upload/' + FCKConfig.QuickUploadLanguage + '/upload.' + _QuickUploadLanguage + '?Type=Image' ;
+@@ -172,4 +172,4 @@
+ FCKConfig.SmileyWindowWidth		= 320 ;
+ FCKConfig.SmileyWindowHeight	= 240 ;
+ 
+-if( window.console ) window.console.log( 'Config is loaded!' ) ;	// @Packager.Compactor.RemoveLine
+\ No newline at end of file
++if( window.console ) window.console.log( 'Config is loaded!' ) ;	// @Packager.Compactor.RemoveLine
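Review bot: The new `FCKConfig.LinkUploadAllowedExtensions` value in the fckconfig.js part of the added patch file is not in the regular-expression form the removed `LinkUploadDeniedExtensions` line used — it carries the PHP array literal (quoted names separated by commas) inside the parentheses, so if the editor applies it as a RegExp, as the old deny pattern's shape suggests, it matches only a filename ending in that whole literal string and the client-side allow check would reject every realistic upload rather than admit the listed types. The consistent form is `FCKConfig.LinkUploadAllowedExtensions = ".(7z|aiff|asf|avi|bmp|csv|doc|flv|gif|gz|gzip|jpeg|jpg|mid|mov|mp3|mp4|mpc|mpeg|mpg|ods|odt|pdf|png|ppt|pxd|qt|ram|rar|rm|rmi|rmvb|rtf|sdc|sitd|swf|sxc|sxw|tar|tgz|tif|tiff|txt|vsd|wav|wma|wmv|xls|xml|zip)$" ;`. This only affects the editor-side pre-check; the server-side `AllowedExtensions['File']` whitelists in the two config.php hunks are well-formed and remain the control that actually blocks script uploads, which is what the CVE fix depends on. The unescaped leading `.` in these patterns matches any character rather than a literal dot, but that is pre-existing and not what this change addresses. Separately, the `+++` paths inside the new patch file name a `moin-1.5.3/` tree while the package is 1.5.8; presumably harmless at the strip level quilt applies, but worth confirming the series pushes cleanly.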

Attachment: signature.asc
Description: This is a digitally signed message part.
