gnu: kio: Fix CVE-2017-6410.
* gnu/packages/patches/kio-CVE-2017-6410.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/kde-frameworks.scm (kio)[source]: Use it.
This commit is contained in:
parent
5e0535a7e6
commit
c35745edc4
|
@ -648,6 +648,7 @@ dist_patch_DATA = \
|
|||
%D%/packages/patches/jq-CVE-2015-8863.patch \
|
||||
%D%/packages/patches/kdbusaddons-kinit-file-name.patch \
|
||||
%D%/packages/patches/khmer-use-libraries.patch \
|
||||
%D%/packages/patches/kio-CVE-2017-6410.patch \
|
||||
%D%/packages/patches/kmod-module-directory.patch \
|
||||
%D%/packages/patches/kobodeluxe-paths.patch \
|
||||
%D%/packages/patches/kobodeluxe-enemies-pipe-decl.patch \
|
||||
|
|
|
@ -2206,6 +2206,7 @@ makes starting KDE applications faster and reduces memory consumption.")
|
|||
"mirror://kde/stable/frameworks/"
|
||||
(version-major+minor version) "/"
|
||||
name "-" version ".tar.xz"))
|
||||
(patches (search-patches "kio-CVE-2017-6410.patch"))
|
||||
(sha256
|
||||
(base32
|
||||
"1hqc88c2idi9fkb7jy82csb0i740lghv0p2fg1gaglcarjdz7nia"))))
|
||||
|
|
|
@ -0,0 +1,53 @@
|
|||
Fix CVE-2017-6410, "Information Leak when accessing https when using a
|
||||
malicious PAC file":
|
||||
|
||||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410
|
||||
https://www.kde.org/info/security/advisory-20170228-1.txt
|
||||
|
||||
Patch copied from upstream source repository:
|
||||
|
||||
https://cgit.kde.org/kio.git/commit/?id=f9d0cb47cf94e209f6171ac0e8d774e68156a6e4
|
||||
|
||||
From f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 Mon Sep 17 00:00:00 2001
|
||||
From: Albert Astals Cid <aacid@kde.org>
|
||||
Date: Tue, 28 Feb 2017 19:00:48 +0100
|
||||
Subject: Sanitize URLs before passing them to FindProxyForURL
|
||||
|
||||
Remove user/password information
|
||||
For https: remove path and query
|
||||
|
||||
Thanks to safebreach.com for reporting the problem
|
||||
|
||||
CCMAIL: yoni.fridburg@safebreach.com
|
||||
CCMAIL: amit.klein@safebreach.com
|
||||
CCMAIL: itzik.kotler@safebreach.com
|
||||
---
|
||||
src/kpac/script.cpp | 11 +++++++++--
|
||||
1 file changed, 9 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/src/kpac/script.cpp b/src/kpac/script.cpp
|
||||
index a0235f7..2485c54 100644
|
||||
--- a/src/kpac/script.cpp
|
||||
+++ b/src/kpac/script.cpp
|
||||
@@ -754,9 +754,16 @@ QString Script::evaluate(const QUrl &url)
|
||||
}
|
||||
}
|
||||
|
||||
+ QUrl cleanUrl = url;
|
||||
+ cleanUrl.setUserInfo(QString());
|
||||
+ if (cleanUrl.scheme() == QLatin1String("https")) {
|
||||
+ cleanUrl.setPath(QString());
|
||||
+ cleanUrl.setQuery(QString());
|
||||
+ }
|
||||
+
|
||||
QScriptValueList args;
|
||||
- args << url.url();
|
||||
- args << url.host();
|
||||
+ args << cleanUrl.url();
|
||||
+ args << cleanUrl.host();
|
||||
|
||||
QScriptValue result = func.call(QScriptValue(), args);
|
||||
if (result.isError()) {
|
||||
--
|
||||
cgit v0.11.2
|
||||
|
Loading…
Reference in New Issue