rpms/roundcubemail/F-9 roundcubemail-0.2-CVE-2009-0413.patch, NONE, 1.1 roundcubemail.spec, 1.15, 1.16 sources, 1.9, 1.10
Jon Ciesla
limb at fedoraproject.org
Wed Feb 4 16:37:16 UTC 2009
Author: limb
Update of /cvs/pkgs/rpms/roundcubemail/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv10470
Modified Files:
roundcubemail.spec sources
Added Files:
roundcubemail-0.2-CVE-2009-0413.patch
Log Message:
Patch for CVE-2009-0413, BZ 484052
roundcubemail-0.2-CVE-2009-0413.patch:
--- NEW FILE roundcubemail-0.2-CVE-2009-0413.patch ---
--- CHANGELOG~ 2009-02-04 09:58:46.000000000 -0600
+++ CHANGELOG 2009-02-04 09:58:46.000000000 -0600
@@ -3,0 +4,4 @@
+2009/01/20 (thomasb)
+----------
+- Fix XSS vulnerability through background attributes as reported by Julien Cayssol
+
--- program/lib/washtml.php~ 2009-02-04 10:01:02.000000000 -0600
+++ program/lib/washtml.php 2009-02-04 10:01:02.000000000 -0600
@@ -83 +83 @@
- static $html_attribs = array('name', 'class', 'title', 'alt', 'width', 'height', 'align', 'nowrap', 'col', 'row', 'id', 'rowspan', 'colspan', 'cellspacing', 'cellpadding', 'valign', 'bgcolor', 'color', 'border', 'bordercolorlight', 'bordercolordark', 'face', 'marginwidth', 'marginheight', 'axis', 'border', 'abbr', 'char', 'charoff', 'clear', 'compact', 'coords', 'vspace', 'hspace', 'cellborder', 'size', 'lang', 'dir', 'background');
+ static $html_attribs = array('name', 'class', 'title', 'alt', 'width', 'height', 'align', 'nowrap', 'col', 'row', 'id', 'rowspan', 'colspan', 'cellspacing', 'cellpadding', 'valign', 'bgcolor', 'color', 'border', 'bordercolorlight', 'bordercolordark', 'face', 'marginwidth', 'marginheight', 'axis', 'border', 'abbr', 'char', 'charoff', 'clear', 'compact', 'coords', 'vspace', 'hspace', 'cellborder', 'size', 'lang', 'dir');
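Review bot: dropping 'background' from $html_attribs is the right fix, since anything in this list is copied through with no URL validation at all; while the line is being touched, 'border' appears twice in the array and the duplicate entry could be removed.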
@@ -163 +163 @@
- ($key == 'href' && preg_match('/^(http|https|ftp|mailto):.*/i', $value)))
+ ($key == 'href' && preg_match('/^(http|https|ftp|mailto):.+/i', $value)))
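Review bot: the `.*` to `.+` change only rejects a bare `http:` or `mailto:` with nothing after the colon; the protection still rests on the anchored scheme check at the start of the value. The same pattern is repeated at line 171 of this file, so consider hoisting it into one shared constant so the two copies cannot drift apart.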
@@ -167 +167 @@
- else if($key == 'src' && strtolower($node->tagName) == 'img') { //check tagName anyway
+ else if($key == 'background' || ($key == 'src' && strtolower($node->tagName) == 'img')) { //check tagName anyway
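Review bot: with 'background' added to this condition the trailing comment `//check tagName anyway` no longer describes the whole branch, since background is accepted on any element while src is still restricted to img; update the comment to say that.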
@@ -171 +171 @@
- else if(preg_match('/^(http|https|ftp):.*/i', $value)) {
+ else if(preg_match('/^(http|https|ftp):.+/i', $value)) {
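Review bot: this pattern accepts http, https and ftp only, while the href pattern at line 163 also accepts mailto; the difference looks intentional for src and background, but a one-line comment saying so would stop a later edit from "harmonising" the two.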
@@ -177 +177 @@
- $t .= ' src="' . htmlspecialchars($this->config['blocked_src'], ENT_QUOTES) . '"';
+ $t .= ' ' . $key . '="' . htmlspecialchars($this->config['blocked_src'], ENT_QUOTES) . '"';
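Review bot: emitting the attribute name from `$key` is only safe because the enclosing branch at line 167 limits `$key` to 'background' or 'src'; add a comment stating that invariant, or keep an explicit check here, so a later change to the condition at line 167 cannot turn this into an attribute-name injection point.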
Index: roundcubemail.spec
===================================================================
RCS file: /cvs/pkgs/rpms/roundcubemail/F-9/roundcubemail.spec,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- roundcubemail.spec 17 Dec 2008 21:02:49 -0000 1.15
+++ roundcubemail.spec 4 Feb 2009 16:36:46 -0000 1.16
@@ -1,21 +1,22 @@
%define roundcubedir %{_datadir}/roundcubemail
Name: roundcubemail
Version: 0.2
-Release: 5.beta%{?dist}
+Release: 7.stable%{?dist}
Summary: Round Cube Webmail is a browser-based multilingual IMAP client
Group: Applications/System
License: GPLv2
URL: http://www.roundcube.net
-Source0: roundcubemail-%{version}-beta-dep.tar.gz
+Source0: roundcubemail-%{version}-stable-dep.tar.gz
Source1: roundcubemail.conf
Source2: roundcubemail.logrotate
Source4: roundcubemail-README.fedora
Patch0: roundcubemail-0.2-beta-confpath.patch
# From upstream, not in a release yet, BZ 476223.
-Patch1: roundcubemail-0.2-beta-html2text.patch
+#Patch1: roundcubemail-0.2-beta-html2text.patch
# From upstream, not in a release yet, BZ 476830.
-Patch2: roundcubemail-0.2-beta-CVE-2008-5620.patch
+#Patch2: roundcubemail-0.2-beta-CVE-2008-5620.patch
+Patch3: roundcubemail-0.2-CVE-2009-0413.patch
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root%(%{__id_u} -n)
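Review bot: Patch1 and Patch2 are commented out rather than removed, and the `# From upstream, not in a release yet` comments above them are now stale, since the changelog in this same commit says those fixes were "applied upstream" in the 0.2-stable tarball; delete the four lines (and the unused patch files) instead of leaving dead entries that suggest the patches are still pending.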
@@ -43,11 +44,12 @@
interface is fully skinnable using XHTML and CSS 2.
%prep
-%setup -q -n roundcubemail-0.2-beta-dep
+%setup -q -n roundcubemail-0.2-stable-dep
%patch0 -p0
-%patch1 -p0
-%patch2 -p0
+#%patch1 -p0
+#%patch2 -p0
+%patch3 -p0
# fix permissions and remove any .htaccess files
find . -type f -print | xargs chmod a-x
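Review bot: rpmbuild expands macros inside comment lines too, so `#%patch1 -p0` and `#%patch2 -p0` are not inert the way a shell comment is; since the Patch1 and Patch2 definitions are gone, remove these two lines outright (or escape them as `%%patch`) rather than commenting them out.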
@@ -135,6 +137,13 @@
%config(noreplace) %{_sysconfdir}/logrotate.d/roundcubemail
%changelog
+* Wed Feb 04 2009 Jon Ciesla <limb at jcomserv.net> = 0.2-7.stable
+- Patch for CVE-2009-0413, BZ 484052.
+
+* Mon Jan 05 2009 Jon Ciesla <limb at jcomserv.net> = 0.2-6.stable
+- New upstream.
+- Dropped two most recent patches, applied upstream.
+
* Wed Dec 17 2008 Jon Ciesla <limb at jcomserv.net> = 0.2-5.beta
- Security fix, BZ 476830.
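Review bot: the 0.2-6.stable entry is introduced here together with the 0.2-7.stable one, which is fine for a branch catch-up, but both keep the spec's `<email> = version` separator where Fedora changelogs normally use `<email> - version-release`; worth normalising when the changelog is next touched.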
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/roundcubemail/F-9/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources 12 Dec 2008 16:34:17 -0000 1.9
+++ sources 4 Feb 2009 16:36:46 -0000 1.10
@@ -1 +1 @@
-496f5c5645c9bc77c733622182d2fabe roundcubemail-0.2-beta-dep.tar.gz
+dac7776b063bf2314f7d7730af2b1b0f roundcubemail-0.2-stable-dep.tar.gz
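Review bot: sources records only an MD5 for the new tarball, and MD5 is a weak check against a substituted archive; confirm the stable tarball against upstream's published checksum or signature before trusting this line, since it is the only integrity anchor for the source the package is built from.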