rpms/kdewebdev/FC-3 post-3.3.2-kdewebdev-kommander.diff, NONE, 1.1 kdewebdev.spec, 1.2, 1.3
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Apr 27 17:58:59 UTC 2005
Author: than
Update of /cvs/dist/rpms/kdewebdev/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv3888
Modified Files:
kdewebdev.spec
Added Files:
post-3.3.2-kdewebdev-kommander.diff
Log Message:
apply patch to fix CAN-2005-0754, Kommander untrusted code execution
post-3.3.2-kdewebdev-kommander.diff:
instance.cpp | 29 +++++++++++++++++++++++++++++
1 files changed, 29 insertions(+)
--- NEW FILE post-3.3.2-kdewebdev-kommander.diff ---
Index: kommander/executor/instance.cpp
===================================================================
RCS file: /home/kde/kdewebdev/kommander/executor/instance.cpp,v
retrieving revision 1.42
retrieving revision 1.42.2.1
diff -u -3 -d -p -r1.42 -r1.42.2.1
--- kommander/executor/instance.cpp 20 Jul 2004 19:04:40 -0000 1.42
+++ kommander/executor/instance.cpp 21 Apr 2005 23:35:59 -0000 1.42.2.1
@@ -131,6 +131,35 @@ bool Instance::build(QFile *a_file)
bool Instance::run(QFile *a_file)
{
+ // Check whether extension is *.kmdr
+ if (!m_uiFileName.fileName().endsWith(".kmdr")) {
+ KMessageBox::error(0, i18n("<qt>This file does not have a <b>.kmdr</b> extension. As a security precaution "
+ "Kommander will only run Kommander scripts with a clear identity.</qt>"),
+ i18n("Wrong Extension"));
+ return false;
+ }
+
+ // Check whether file is not in some temporary directory.
+ QStringList tmpDirs = KGlobal::dirs()->resourceDirs("tmp");
+ tmpDirs += KGlobal::dirs()->resourceDirs("cache");
+ tmpDirs.append("/tmp/");
+ tmpDirs.append("/var/tmp/");
+
+ bool inTemp = false;
+ for (QStringList::ConstIterator I = tmpDirs.begin(); I != tmpDirs.end(); ++I)
+ if (m_uiFileName.directory().startsWith(*I))
+ inTemp = true;
+
+ if (inTemp)
+ {
+ if (KMessageBox::warningYesNo(0, i18n("<qt>This dialog is running from your <i>/tmp</i> directory. "
+ " This may mean that it was run from a KMail attachment or from a webpage. "
+ "<p>Any script contained in this dialog will have write access to all of your home directory; "
+ "<b>running such dialogs may be dangerous: </b>"
+ "<p>are you sure you want to continue?</qt>")) == KMessageBox::No)
+ return false;
+ }
+
/* add runtime arguments */
if (m_cmdArguments) {
QString args;
Index: kdewebdev.spec
===================================================================
RCS file: /cvs/dist/rpms/kdewebdev/FC-3/kdewebdev.spec,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- kdewebdev.spec 18 Oct 2004 19:44:18 -0000 1.2
+++ kdewebdev.spec 27 Apr 2005 17:58:57 -0000 1.3
@@ -7,7 +7,7 @@
%define kde_version 3.3.1
Version: 3.3.1
-Release: 2
+Release: 2.1
Summary: WEB Development package for the K Desktop Environment.
Name: kdewebdev
Url: http://quanta.sourceforge.net/
@@ -24,6 +24,8 @@
Source4: http://download.sourceforge.net/quanta/javascript.tar.bz2
Patch0: javascript.patch
+# KDE Security Advisory: Kommander untrusted code execution CAN-2005-0754
+Patch1: post-3.3.2-kdewebdev-kommander.diff
Prereq: /sbin/ldconfig
Requires: kdelibs >= %{kde_version}
@@ -54,6 +56,7 @@
%prep
%setup -q -a 1 -a 2 -a 3 -a 4
%patch0 -p0 -b .javascript
+%patch1 -p0 -b .CAN-2005-0754
%build
QTDIR="" && . /etc/profile.d/qt.sh
@@ -133,6 +136,10 @@
%{_includedir}/*
%changelog
+* Wed Apr 27 2005 Than Ngo <than at redhat.com> 6:3.3.1-2.1
+- apply patch to fix CAN-2005-0754, Kommander untrusted code execution,
+ thanks to KDE security team
+
* Mon Oct 18 2004 Than Ngo <than at redhat.com> 6:3.3.1-2
- rebuilt
More information about the fedora-cvs-commits
mailing list