rpms/roundcubemail/devel roundcubemail-0.2-beta-CVE-2008-5620.patch, NONE, 1.1 roundcubemail.spec, 1.16, 1.17
Jon Ciesla
limb at fedoraproject.org
Wed Dec 17 17:37:42 UTC 2008
Author: limb
Update of /cvs/pkgs/rpms/roundcubemail/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19393
Modified Files:
roundcubemail.spec
Added Files:
roundcubemail-0.2-beta-CVE-2008-5620.patch
Log Message:
CVE-2008-5620.
roundcubemail-0.2-beta-CVE-2008-5620.patch:
--- NEW FILE roundcubemail-0.2-beta-CVE-2008-5620.patch ---
--- /home/limb/rpmbuild/BUILD/roundcubemail-0.2-beta-dep/bin/html2text.php 2008-09-12 06:22:43.000000000 -0500
+++ html2text.php 2008-12-16 11:21:24.000000000 -0600
@@ -1,0 +2 @@
+/*
@@ -3 +4,19 @@
-define('INSTALL_PATH', realpath('./../') . '/');
+ +-----------------------------------------------------------------------+
+ | bin/html2text.php |
+ | |
+ | This file is part of the RoundCube Webmail client |
+ | Copyright (C) 2005-2008, RoundCube Dev. - Switzerland |
+ | Licensed under the GNU GPL |
+ | |
+ | PURPOSE: |
+ | Convert HTML message to plain text |
+ | |
+ +-----------------------------------------------------------------------+
+ | Author: Thomas Bruederli <roundcube at gmail.com> |
+ +-----------------------------------------------------------------------+
+
+ $Id: html2text.php 2070 2008-11-20 10:29:34Z alec $
+
+*/
+
+define('INSTALL_PATH', realpath(dirname(__FILE__) . '/..') . '/');
@@ -6 +25 @@
-$converter = new html2text(html_entity_decode($HTTP_RAW_POST_DATA, ENT_COMPAT, 'UTF-8'));
+$converter = new html2text($HTTP_RAW_POST_DATA);
--- /home/limb/rpmbuild/BUILD/roundcubemail-0.2-beta-dep/bin/quotaimg.php 2008-09-12 11:48:23.000000000 -0500
+++ quotaimg.php 2008-12-16 11:21:30.000000000 -0600
@@ -4 +4 @@
- | program/bin/quotaimg.php |
+ | bin/quotaimg.php |
@@ -7 +7 @@
- | Copyright (C) 2005-2007, RoundCube Dev. - Switzerland |
+ | Copyright (C) 2005-2008, RoundCube Dev. - Switzerland |
@@ -17 +17 @@
- $Id: $
+ $Id$
@@ -21,4 +21,4 @@
-$used = ((isset($_GET['u']) && !empty($_GET['u'])) || $_GET['u']=='0')?(int)$_GET['u']:'??';
-$quota = ((isset($_GET['q']) && !empty($_GET['q'])) || $_GET['q']=='0')?(int)$_GET['q']:'??';
-$width = empty($_GET['w']) ? 100 : (int)$_GET['w'];
-$height = empty($_GET['h']) ? 14 : (int)$_GET['h'];
+$used = isset($_GET['u']) ? intval($_GET['u']) : '??';
+$quota = isset($_GET['q']) ? intval($_GET['q']) : '??';
+$width = empty($_GET['w']) ? 100 : min(300, intval($_GET['w']));
+$height = empty($_GET['h']) ? 14 : min(50, intval($_GET['h']));
@@ -99 +99 @@
- }
+ }
@@ -101,2 +101 @@
- if (strpos($used, '?') !== false || strpos($total, '?') !== false
- && $used != 0) {
+ if (strpos($used, '?') !== false || strpos($total, '?') !== false && $used != 0) {
@@ -104 +103 @@
- }
+ }
@@ -156 +155 @@
- // if($quota >= $limit['low'])
+ // if($quota >= $limit['low'])
@@ -166 +165 @@
- // Print percent in black
+ // Print percent in black
@@ -171,5 +170,5 @@
-
- // @todo is harcoding GMT necessary?
- header('Expires: ' . gmdate('D, d M Y H:i:s', mktime()+86400) . ' GMT');
- header('Cache-Control: ');
- header('Pragma: ');
+
+ // cache for 1 hour
+ $maxage = 3600;
+ header('Expires: ' . gmdate('D, d M Y H:i:s', time()+$maxage). ' GMT');
+ header('Cache-Control: max-age=' . $maxage);
@@ -181 +180,7 @@
-genQuota($used, $quota, $width, $height);
+if ($width > 1 && $height > 1) {
+ genQuota($used, $quota, $width, $height);
+}
+else {
+ header("HTTP/1.0 404 Not Found");
+}
+
@@ -183 +188 @@
-?>
\ No newline at end of file
+?>
Index: roundcubemail.spec
===================================================================
RCS file: /cvs/pkgs/rpms/roundcubemail/devel/roundcubemail.spec,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- roundcubemail.spec 12 Dec 2008 16:30:28 -0000 1.16
+++ roundcubemail.spec 17 Dec 2008 17:37:12 -0000 1.17
@@ -1,7 +1,7 @@
%define roundcubedir %{_datadir}/roundcubemail
Name: roundcubemail
Version: 0.2
-Release: 4.beta%{?dist}
+Release: 5.beta%{?dist}
Summary: Round Cube Webmail is a browser-based multilingual IMAP client
Group: Applications/System
@@ -14,6 +14,8 @@
Patch0: roundcubemail-0.2-beta-confpath.patch
# From upstream, not in a release yet, BZ 476223.
Patch1: roundcubemail-0.2-beta-html2text.patch
+# From upstream, not in a release yet, BZ 476830.
+Patch2: roundcubemail-0.2-beta-CVE-2008-5620.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root%(%{__id_u} -n)
@@ -45,6 +47,7 @@
%patch0 -p0
%patch1 -p0
+%patch2 -p0
# fix permissions and remove any .htaccess files
find . -type f -print | xargs chmod a-x
@@ -132,6 +135,9 @@
%config(noreplace) %{_sysconfdir}/logrotate.d/roundcubemail
%changelog
+* Wed Dec 17 2008 Jon Ciesla <limb at jcomserv.net> = 0.2-5.beta
+- Security fix, BZ 476830.
+
* Fri Dec 12 2008 Jon Ciesla <limb at jcomserv.net> = 0.2-4.beta
- Security fix, BZ 476223.
More information about the fedora-extras-commits
mailing list