
Re: upload processing resumed



On Fri., 2012-12-07 at 22:01 +0100, Joerg Jaspert wrote:
> On 13053 March 1977, Arno Töll wrote:
> >> Thanks for securing it quickly :) Is there any danger of the vulnerable
> >> code being in use on other systems, e.g. as part of a dak install?
> > Indeed, thanks for fixing the issue so fast.
> 
> > But full disclosure FTW. Now that the problem is fixed, please share
> > some details about the nature of the vulnerability.
> 
> All our commits are open and get to the -dak list too.
> The basic summary is "really old code that needs to be replaced,
> really". In this case - a possible attack using the help of shell
> metacharacters by a specially prepared filename due to not checking if
> such characters are in the filename AND using Perl's open function in the
> way it lets shell help it.
> 
> My quick fix only ensured we don't have meta characters, Ansgar invested
> some more time and rewrote the code in question much more. And fixed a
> number of other issues too. For details there: read the commits. :)
> 

Is dak present in a “released” state somewhere? Do other people use
those releases? Meaning, should we ask for a CVE for this?

Regards,
-- 
Yves-Alexis
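
The class of bug summarized in the quoted message, shown as an added example that is not part of the original thread and is not dak's code: how Perl's two-argument open interprets a filename, next to a validated three-argument open. The allow-list pattern, the function names and the sample filenames are assumptions constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Allow-list for upload filenames. The exact pattern is an assumption made
# for this example; it is not the rule dak applies.
my $SAFE_NAME = qr/\A[A-Za-z0-9][A-Za-z0-9._+~-]*\z/;

# Say how two-argument open(FH, $name) would interpret $name.
# Nothing is opened or run here; the string is only classified.
sub two_arg_open_meaning {
    my ($name) = @_;
    (my $t = $name) =~ s/\A\s+|\s+\z//g;    # two-arg open strips outer whitespace
    return 'pipe: run as command, read its output' if $t =~ /\|\z/;
    return 'pipe: run as command, write to it'     if $t =~ /\A\|/;
    return 'append to file'                        if $t =~ /\A>>/;
    return 'write (truncate) file'                 if $t =~ /\A>/;
    return 'read file';
}

# Hardened form: validate the name, then use three-argument open so the mode
# is fixed and the path is never parsed for mode characters or handed to a shell.
sub open_upload_for_read {
    my ($dir, $name) = @_;
    die "rejected filename '$name'\n" unless $name =~ $SAFE_NAME;
    open(my $fh, '<', "$dir/$name") or die "cannot open $dir/$name: $!\n";
    return $fh;
}

# Constructed sample names, not taken from any real upload.
my @names = ('hello_1.0-1_amd64.changes', 'hello.changes|', '>hello.dsc', 'a;b.changes');
for my $name (@names) {
    printf "%-28s two-arg: %-40s allow-list: %s\n", "'$name'",
        two_arg_open_meaning($name), ($name =~ $SAFE_NAME ? 'accept' : 'reject');
}

my $dir = tempdir(CLEANUP => 1);
open(my $out, '>', "$dir/$names[0]") or die "setup failed: $!\n";
print {$out} "constructed test content\n";
close($out);

my $fh = open_upload_for_read($dir, $names[0]);
print "read back: ", scalar <$fh>;
close($fh);

eval { open_upload_for_read($dir, $names[1]) };
print "second name: $@";
```

The allow-list and the three-argument open are independent defenses: the first rejects unexpected characters before the name is used anywhere, the second keeps open from interpreting the name even if validation is later loosened.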

