rpms/wordpress/FC-6 wordpress-bz213985.patch, NONE, 1.1 wordpress.spec, 1.6, 1.7
John Berninger (jwb)
fedora-extras-commits at redhat.com
Sun Dec 3 18:09:48 UTC 2006
Author: jwb
Update of /cvs/extras/rpms/wordpress/FC-6
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27417
Modified Files:
wordpress.spec
Added Files:
wordpress-bz213985.patch
Log Message:
Fix for BZ 213985
wordpress-bz213985.patch:
--- NEW FILE wordpress-bz213985.patch ---
diff -ruN wp-204/wp-content/plugins/wp-db-backup.php wp-205/wp-content/plugins/wp-db-backup.php
--- wp-204/wp-content/plugins/wp-db-backup.php 2006-07-26 18:56:56.000000000 -0400
+++ wp-205/wp-content/plugins/wp-db-backup.php 2006-09-25 14:51:54.000000000 -0400
@@ -4,7 +4,7 @@
Plugin URI: http://www.skippy.net/blog/plugins/
Description: On-demand backup of your WordPress database.
Author: Scott Merrill
-Version: 1.7
+Version: 1.8
Author URI: http://www.skippy.net/
Much of this was modified from Mark Ghosh's One Click Backup, which
@@ -69,7 +69,8 @@
$via = isset($_GET['via']) ? $_GET['via'] : 'http';
$this->backup_file = $_GET['backup'];
-
+ $this->validate_file($this->backup_file);
+
switch($via) {
case 'smtp':
case 'email':
@@ -95,6 +96,7 @@
}
if (isset($_GET['fragment'] )) {
list($table, $segment, $filename) = explode(':', $_GET['fragment']);
+ $this->validate_file($filename);
$this->backup_fragment($table, $segment, $filename);
}
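Review bot: Only `$filename` from the `$_GET['fragment']` triple is validated; `$table` and `$segment` come from the same untrusted parameter and are passed straight to backup_fragment, whose body is outside the hunk. If backup_fragment builds a query or a file name from `$table`, it should be checked against the list of tables the plugin already knows it is backing up before the call, and `$segment` should be cast or checked as an integer. `list()` over an `explode()` that yields fewer than three parts also leaves `$filename` unset, so validate_file is then called on a null; a count check on the exploded parts before the `list()` would close that, e.g. `if (count($parts) != 3) die(__("Cheatin' uh ?"));`. The enclosing function starts outside this hunk.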
@@ -881,6 +883,18 @@
return;
} // wp_cron_db_backup
+
+ function validate_file($file) {
+ if (false !== strpos($file, '..'))
+ die(__("Cheatin' uh ?"));
+
+ if (false !== strpos($file, './'))
+ die(__("Cheatin' uh ?"));
+
+ if (':' == substr($file, 1, 1))
+ die(__("Cheatin' uh ?"));
+ }
+
}
function wpdbBackup_init() {
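Review bot: validate_file rejects `..`, `./` and a drive-letter colon, but an absolute path (one beginning with `/`) contains none of these and passes, so the traversal check on the new function is incomplete; whether that is exploitable depends on how backup_file and the fragment filename are joined to the backup directory, which is outside this hunk. If both are meant to be bare file names inside that directory, one stricter condition expresses the intent and replaces the three identical `die()` branches: `if ($file !== basename($file) || false !== strpos($file, "\0")) die(__("Cheatin' uh ?"));`. A short comment above the function stating that contract, e.g. `// Reject anything that is not a plain file name inside the backup dir.`, would also help the next reader. Both callers added in the earlier hunks (the `$_GET['backup']` and `$_GET['fragment']` paths) rely on this function, so tightening it covers both.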
Index: wordpress.spec
===================================================================
RCS file: /cvs/extras/rpms/wordpress/FC-6/wordpress.spec,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- wordpress.spec 27 Oct 2006 01:18:40 -0000 1.6
+++ wordpress.spec 3 Dec 2006 18:09:18 -0000 1.7
@@ -3,7 +3,7 @@
Name: wordpress
Version: 2.0.4
Group: Applications/Publishing
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPL
# Source0 with name-version does not work for web retrieval,
# latest.tar.gz does not work for build
@@ -11,6 +11,7 @@
Source0: http://wordpress.org/%{name}-%{version}.tar.gz
Source1: wordpress-httpd-conf
Source2: README.fedora.wordpress
+Patch0: wordpress-bz213985.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Requires: php >= 4.1.0, httpd, mysql-server, php-mysql
BuildArch: noarch
@@ -21,6 +22,7 @@
%prep
%setup -q -n wordpress
+%patch0 -p1
%install
mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/wordpress
@@ -72,6 +74,9 @@
%dir %{_sysconfdir}/wordpress
%changelog
+* Sun Dec 3 2006 John Berninger <jwb at redhat dot com> - 2.0.4-2
+- Fix wp-db-backup.php vuln in BZ 213985
+
* Thu Oct 26 2006 John Berninger <jwb at redhat dot com> - 2.0.4-1
- Doc fix for BZ 207822