--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: opu: package kazehakase/0.4.2-1etch2
- From: Yavor Doganov <yavor@gnu.org>
- Date: Wed, 09 Dec 2009 17:22:24 +0200
- Message-id: <20091209152224.28858.38895.reportbug@keel.southway-varna.com>
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: opu
This is the same issue and fix as reported in #560185.
Please approve, thanks.
diff -u kazehakase-0.4.2/debian/patches/00list kazehakase-0.4.2/debian/patches/00list
--- kazehakase-0.4.2/debian/patches/00list
+++ kazehakase-0.4.2/debian/patches/00list
@@ -1,3 +1,4 @@
+CVE-2007-1084
05_add_missing
20_user_agent_tag
30_bookmarkbar_DSA
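Review bot: The new entry CVE-2007-1084 is added at the top of 00list, ahead of 05_add_missing, so dpatch will apply it before the three existing patches even though it carries no numeric prefix like its neighbours. Please confirm that this ordering is intended and that none of the later patches (30_bookmarkbar_DSA in particular) touch the same region of src/actions/kz-actions.c. If the order does not matter, appending the entry at the end of the list keeps the existing patch stack unchanged.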
diff -u kazehakase-0.4.2/debian/changelog kazehakase-0.4.2/debian/changelog
--- kazehakase-0.4.2/debian/changelog
+++ kazehakase-0.4.2/debian/changelog
@@ -1,3 +1,11 @@
+kazehakase (0.4.2-1etch2) oldstable; urgency=low
+
+ * debian/patches/CVE-2007-1084.dpatch: New; disallow adding bookmarks
+ with data:/javascript: URIs (CVE-2007-1084, Closes: #556271).
+ * debian/patches/00list: Update.
+
+ -- Yavor Doganov <yavor@gnu.org> Wed, 09 Dec 2009 16:58:44 +0200
+
kazehakase (0.4.2-1etch1) stable-security; urgency=high
* Stop building against the bundled PCRE (v4.5) library, and instead
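Review bot: The first added line sets urgency=low for an upload whose only functional change is a CVE fix, while the 0.4.2-1etch1 entry directly below it used urgency=high. If low is deliberate because this goes through oldstable proposed-updates rather than the security archive, that is fine; otherwise the urgency should reflect the security fix. The entry could also mention that the user now sees a warning dialog, since that adds two new translatable strings.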
only in patch2:
unchanged:
--- kazehakase-0.4.2.orig/debian/patches/CVE-2007-1084.dpatch
+++ kazehakase-0.4.2/debian/patches/CVE-2007-1084.dpatch
@@ -0,0 +1,36 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2007-1084.dpatch by Yavor Doganov <yavor@gnu.org>
+##
+## DP: Do not allow bookmarks with data:/javascript: URIs (CVE-2007-1084).
+
+@DPATCH@
+diff -urNad kazehakase-0.4.2~/src/actions/kz-actions.c kazehakase-0.4.2/src/actions/kz-actions.c
+--- kazehakase-0.4.2~/src/actions/kz-actions.c 2006-11-11 11:27:43.000000000 +0200
++++ kazehakase-0.4.2/src/actions/kz-actions.c 2009-12-09 16:57:58.000000000 +0200
+@@ -1133,6 +1133,26 @@
+
+ if (!uri) return;
+
++ /* Refuse to add a bookmark if the URI is data:/javascript:
++ (CVE-2007-1084). */
++ if (g_str_has_prefix(uri, "data:")
++ || g_str_has_prefix(uri, "javascript:"))
++ {
++ GtkWidget *dialog;
++
++ dialog = gtk_message_dialog_new(NULL,
++ GTK_DIALOG_DESTROY_WITH_PARENT,
++ GTK_MESSAGE_WARNING,
++ GTK_BUTTONS_CLOSE,
++ _("Adding this bookmark is disallowed for security reasons."));
++ gtk_window_set_title(GTK_WINDOW(dialog),
++ _("Security Warning"));
++ gtk_dialog_run(GTK_DIALOG(dialog));
++ gtk_widget_destroy(dialog);
++ return;
++ }
++
++
+ bookmark = kz_bookmark_new_with_attrs(title, uri, desc);
+ /* FIXME! show dialog */
+ if (sibling)
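Review bot: The scheme check in the added block is case-sensitive, because g_str_has_prefix(uri, "data:") and g_str_has_prefix(uri, "javascript:") compare bytes exactly, while URI schemes are case-insensitive (RFC 3986), so a URI written as "JavaScript:" or "DATA:" would not be refused. Consider comparing with g_ascii_strncasecmp(uri, "javascript:", 11) == 0 (and the same for "data:"), and stripping leading whitespace first if the uri can reach this point untrimmed. Two smaller points: gtk_message_dialog_new() is called with a NULL parent, so GTK_DIALOG_DESTROY_WITH_PARENT has no effect and the dialog is not transient for the browser window; passing the window would fix both. The hunk also adds two consecutive blank lines before kz_bookmark_new_with_attrs(); one is enough.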
--- End Message ---