CVE-2011-3201
This commit is contained in:
parent
a4cc095e60
commit
b9461f095d
2 changed files with 64 additions and 1 deletions
56
evolution-3.2.2-CVE-2011-3201.patch
Normal file
56
evolution-3.2.2-CVE-2011-3201.patch
Normal file
|
|
@ -0,0 +1,56 @@
|
|||
diff -up evolution-3.2.2/composer/e-msg-composer.c.CVE-2011-3201 evolution-3.2.2/composer/e-msg-composer.c
|
||||
--- evolution-3.2.2/composer/e-msg-composer.c.CVE-2011-3201 2011-10-20 05:38:02.000000000 -0500
|
||||
+++ evolution-3.2.2/composer/e-msg-composer.c 2011-11-30 07:30:00.504101491 -0600
|
||||
@@ -4003,6 +4003,35 @@ merge_always_cc_and_bcc (EComposerHeader
|
||||
e_destination_freev (addrv);
|
||||
}
|
||||
|
||||
+static const gchar *blacklist[] = { ".", "etc", ".." };
|
||||
+
|
||||
+static gboolean
|
||||
+file_is_blacklisted (const gchar *filename)
|
||||
+{
|
||||
+ gboolean blacklisted = FALSE;
|
||||
+ guint ii, jj, n_parts;
|
||||
+ gchar **parts;
|
||||
+
|
||||
+ parts = g_strsplit (filename, G_DIR_SEPARATOR_S, -1);
|
||||
+ n_parts = g_strv_length (parts);
|
||||
+
|
||||
+ for (ii = 0; ii < G_N_ELEMENTS (blacklist); ii++) {
|
||||
+ for (jj = 0; jj < n_parts; jj++) {
|
||||
+ if (g_str_has_prefix (parts[jj], blacklist[ii])) {
|
||||
+ blacklisted = TRUE;
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ g_strfreev (parts);
|
||||
+
|
||||
+ if (blacklisted)
|
||||
+ g_message ("Skipping suspicious attachment: %s", filename);
|
||||
+
|
||||
+ return blacklisted;
|
||||
+}
|
||||
+
|
||||
static void
|
||||
handle_mailto (EMsgComposer *composer,
|
||||
const gchar *mailto)
|
||||
@@ -4096,6 +4125,8 @@ handle_mailto (EMsgComposer *composer,
|
||||
EAttachment *attachment;
|
||||
|
||||
camel_url_decode (content);
|
||||
+ if (file_is_blacklisted (content))
|
||||
+ goto next;
|
||||
if (g_ascii_strncasecmp (content, "file:", 5) == 0)
|
||||
attachment = e_attachment_new_for_uri (content);
|
||||
else
|
||||
@@ -4115,6 +4146,7 @@ handle_mailto (EMsgComposer *composer,
|
||||
e_msg_composer_add_header (composer, header, content);
|
||||
}
|
||||
|
||||
+next:
|
||||
g_free (content);
|
||||
|
||||
p += clen;
|
||||
|
|
@ -28,7 +28,7 @@
|
|||
|
||||
Name: evolution
|
||||
Version: 3.2.2
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
Group: Applications/Productivity
|
||||
Summary: Mail and calendar client for GNOME
|
||||
License: GPLv2+ and GFDL
|
||||
|
|
@ -47,6 +47,9 @@ Patch10: evolution-1.4.4-ldap-x86_64-hack.patch
|
|||
# RH bug #589555
|
||||
Patch11: evolution-2.30.1-help-contents.patch
|
||||
|
||||
# CVE-2011-3201
|
||||
Patch12: evolution-3.2.2-CVE-2011-3201.patch
|
||||
|
||||
## Dependencies ###
|
||||
|
||||
Requires(pre): GConf2
|
||||
|
|
@ -203,6 +206,7 @@ This package contains the plugin to import Microsoft Personal Storage Table
|
|||
%setup -q -n evolution-%{version}
|
||||
%patch10 -p1 -b .ldaphack
|
||||
%patch11 -p1 -b .help-contents
|
||||
%patch12 -p1 -b .CVE-2011-3201
|
||||
|
||||
mkdir -p krb5-fakeprefix/include
|
||||
mkdir -p krb5-fakeprefix/lib
|
||||
|
|
@ -648,6 +652,9 @@ rm -rf $RPM_BUILD_ROOT
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Nov 30 2011 Matthew Barnes <mbarnes@redhat.com> - 3.2.2-2
|
||||
- Add patch for RH bug #757164 (CVE-2011-3201).
|
||||
|
||||
* Mon Nov 14 2011 Milan Crha <mcrha@redhat.com> - 3.2.2-1
|
||||
- Update to 3.2.2
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue