From: Philipp Weis <[email protected]>
To: Debian Bug Tracking System <[email protected]>
Date: Tue, 18 Aug 2009 23:42:56 -0400
X-Debian-PR-Message: report 542329
X-Debian-PR-Package: burn
X-Debian-PR-Keywords: security
X-Debian-PR-Source: burn
X-Reportbug-Version: 4.6
User-Agent: Mutt/1.5.20 (2009-06-14)
Package: burn
Version: 0.4.4-1
Severity: normal
Tags: security

Hey there,

I just discovered that burn has trouble with quotation marks in file names, and on a closer inspection it seems as if this actually has security implications. I attached a tiny patch that fixes three of the quotation problems, but there seem to be more issues like this in the code, and I don't have the time right now to look closely at all of them.

For a demonstration of the problem, create a valid ogg file and name it

    " | date #".ogg

Then run burn -A -a *.ogg, and burn will happily print the current date.

Philipp

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (600, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.30 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages burn depends on:
ii  cdrdao           1:1.2.2-17     records CDs in Disk-At-Once (DAO)
ii  genisoimage      9:1.1.9-1      Creates ISO-9660 CD-ROM filesystem
ii  mpg321           0.2.10.6       mpg123 clone that doesn't use floa
ii  python           2.5.4-2        An interactive high-level object-o
ii  python-eyed3     0.6.17-1       Python module for id3-tags manipul
ii  python-pyao      0.82-2.1       A Python interface to the Audio Ou
ii  python-pymad     0.5.4-3.2+b1   Python wrapper to the MPEG Audio D
ii  python-pyvorbis  1.4-2          Python interface to the Ogg Vorbis
ii  python-support   1.0.3          automated rebuilding support for P
ii  wodim            9:1.1.9-1      command line CD/DVD writing tool

burn recommends no packages.

burn suggests no packages.
-- no debconf information

-- debsums errors found:
debsums: checksum mismatch burn file /usr/share/pyshared/burnlib/burn.py

-- 
Philipp Weis

_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
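The quoting failure the report demonstrates, as an added example that is neither the reporter's patch nor burn's own code: a command string that pastes the file name between double quotes, beside the two forms that keep the name inert. The shape of the vulnerable line is an assumption about the bug, not a quote from burnlib/burn.py, and `printf` stands in for whatever tool burn runs on each file.

```python
import shlex
import subprocess

# Constructed from the report: the leading '"' closes the quotes the command
# string put around the name, '|' starts a new pipeline stage, and '#'
# comments out everything after it (including the trailing '".ogg').
HOSTILE_NAME = '" | date #".ogg'


def vulnerable_command(filename):
    # Assumed shape of the flaw: the file name is interpolated into a string
    # that is later handed to /bin/sh, so shell metacharacters in it are live.
    return 'printf \'%%s\' "%s"' % filename


def hardened_argv(filename):
    # Fix 1: pass the name as its own argv element; no shell ever parses it.
    return ['printf', '%s', filename]


def quoted_command(filename):
    # Fix 2: if a shell string is unavoidable, shlex.quote wraps the name so
    # the shell sees a single literal word.
    return "printf '%%s' %s" % shlex.quote(filename)


def words_seen_by_shell(command):
    # Tokenise the way a POSIX shell would, honouring '#' comments, to show
    # which words the shell would actually execute.
    return shlex.split(command, comments=True)


def run_vulnerable(filename):
    # Runs the interpolated string through /bin/sh, as the buggy code does.
    proc = subprocess.run(vulnerable_command(filename), shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def run_hardened(filename):
    # Same operation with an argv list: the name reaches printf unchanged.
    proc = subprocess.run(hardened_argv(filename),
                          capture_output=True, text=True)
    return proc.stdout


if __name__ == "__main__":
    print(words_seen_by_shell(vulnerable_command(HOSTILE_NAME)))  # [..., '|', 'date']
    print(words_seen_by_shell(quoted_command(HOSTILE_NAME)))      # name is one word
    print(repr(run_vulnerable(HOSTILE_NAME)))  # the current date, not the name
    print(repr(run_hardened(HOSTILE_NAME)))    # '" | date #".ogg'
```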

