[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#790940: marked as done (wheezy-pu: package wesnoth-1.10/1:1.10.3-3+deb7u2)

Your message dated Sat, 05 Sep 2015 14:33:54 +0100
with message-id <1441460034.2151.33.camel@adam-barratt.org.uk>
and subject line Closing bugs for 7.9
has caused the Debian Bug report #790940,
regarding wheezy-pu: package wesnoth-1.10/1:1.10.3-3+deb7u2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
790940: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790940
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
User: release.debian.org@packages.debian.org
Usertags: pu
Tags: wheezy
Severity: normal
X-Debbugs-CC: rhonda@debian.org

Hi,

I'd like to upload wesnoth-1.10/1:1.10.3-3+deb7u2 to wheezy-pu to fix
CVE-2015-5069 and CVE-2015-5070 (these CVEs are marked no-dsa in the
security tracker and the security team has asked me to get these CVEs
fixed via a point update instead). These CVEs have already been fixed
in sid as of wesnoth-1.12/1:1.12.4-1. Debdiff below, thanks!

Regards,
Vincent


diff -Nru wesnoth-1.10-1.10.3/debian/changelog
wesnoth-1.10-1.10.3/debian/changelog
--- wesnoth-1.10-1.10.3/debian/changelog 2015-04-09 07:00:48.000000000 -0700
+++ wesnoth-1.10-1.10.3/debian/changelog 2015-07-01 13:51:32.000000000 -0700
@@ -1,3 +1,10 @@
+wesnoth-1.10 (1:1.10.3-3+deb7u2) wheezy; urgency=medium
+
+  * Security fix: Disallowed inclusion of .pbl files from WML, independent of
+    extension case (CVE-2015-5069, CVE-2015-5070).
+
+ -- Vincent Cheng <vcheng@debian.org>  Wed, 01 Jul 2015 13:30:12 -0700
+
 wesnoth-1.10 (1:1.10.3-3+deb7u1) wheezy-security; urgency=high

   * Pull af61f9fd from upstream to fix "Private file disclosure through
diff -Nru wesnoth-1.10-1.10.3/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
wesnoth-1.10-1.10.3/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
--- wesnoth-1.10-1.10.3/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
1969-12-31 16:00:00.000000000 -0800
+++ wesnoth-1.10-1.10.3/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
2015-07-01 13:32:55.000000000 -0700
@@ -0,0 +1,23 @@
+Description: Disallowed inclusion of .pbl files from WML, independent of
+ extension case (CVE-2015-5069, CVE-2015-5070).
+Origin: upstream, commits 055fea16479a755d6744a52f78f63548b692c440
+ and d20f8015bc3653a10d6d4dfd751e62651d1180b7
+Bug: https://gna.org/bugs/?23504
+Last-Update: 2015-07-01
+
+diff --git a/src/filesystem.cpp b/src/filesystem.cpp
+index 7b4bd95..510da80 100644
+--- a/src/filesystem.cpp
++++ b/src/filesystem.cpp
+@@ -1157,6 +1157,11 @@ std::string get_wml_location(const std::string
&filename, const std::string &cur
+ return result;
+ }
+
++ if (looks_like_pbl(filename)) {
++ ERR_FS << "Illegal path '" << filename << "' (.pbl files are not
allowed)." << std::endl;
++ return result;
++ }
++
+ bool already_found = false;
+
+ if (filename[0] == '~')
diff -Nru wesnoth-1.10-1.10.3/debian/patches/series
wesnoth-1.10-1.10.3/debian/patches/series
--- wesnoth-1.10-1.10.3/debian/patches/series 2015-04-08
10:14:12.000000000 -0700
+++ wesnoth-1.10-1.10.3/debian/patches/series 2015-07-01
13:51:48.000000000 -0700
@@ -1,3 +1,4 @@
 02wesnoth-nolog-desktop-file
 03wesnothd-name
 af61f9fdd15cd439da9e2fe5fa39d174c923eaae.patch
+CVE-2015-5069-CVE-2015-5070.patch

--- End Message ---
--- Begin Message --- 
Version: 7.9

Hi,

These bugs relate to updates which were included in the 7.9 point
release.

Regards,

Adam

--- End Message ---
Reply to: