rpms/ikiwiki/F-10 ikiwiki-2.72-teximg.patch, NONE, 1.1 ikiwiki.spec, 1.12, 1.13
Thomas Moschny
thm at fedoraproject.org
Tue Sep 1 22:55:18 UTC 2009
Author: thm
Update of /cvs/pkgs/rpms/ikiwiki/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21192
Modified Files:
ikiwiki.spec
Added Files:
ikiwiki-2.72-teximg.patch
Log Message:
* Wed Sep 2 2009 Thomas Moschny <thomas.moschny at gmx.de> - 2.72-2
- Add patch for teximg plugin: Make TeX handle preventing unsafe
things; remove insufficient blacklist (fixes CVE-2009-2944, see
bz 520543).
ikiwiki-2.72-teximg.patch:
teximg.pm | 41 ++---------------------------------------
1 file changed, 2 insertions(+), 39 deletions(-)
--- NEW FILE ikiwiki-2.72-teximg.patch ---
>From f41d51c825450c5f423b35d887e99820369402f9 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey at gnu.kitenet.net>
Date: Tue, 1 Sep 2009 15:31:21 -0400
Subject: [PATCH] teximg: Make TeX handle preventing unsafe things; remove insufficient blacklist
TeX has configuration options that prevent unsafe things like shell
escapes and insecure file reads/writes. Turn all of them on.
teximg's regex-based blacklist does not suffice. For instance:
[[!teximg code="""
\catcode`\%=0
%input{/etc/passwd}
"""]]
Remove the blacklist, since the TeX configuration options seal off the
underlying mechanisms more safely, and the blacklist blocks other TeX
commands that can prove useful.
Conflicts:
debian/changelog
---
IkiWiki/Plugin/teximg.pm | 40 ++--------------------------------------
1 files changed, 2 insertions(+), 38 deletions(-)
diff --git a/IkiWiki/Plugin/teximg.pm b/IkiWiki/Plugin/teximg.pm
index 57b2314..099ec63 100644
--- a/IkiWiki/Plugin/teximg.pm
+++ b/IkiWiki/Plugin/teximg.pm
@@ -69,13 +69,7 @@ sub preprocess (@) {
if (! defined $code && ! length $code) {
error gettext("missing tex code");
}
-
- if (check($code)) {
- return create($code, check_height($height), \%params);
- }
- else {
- error gettext("code includes disallowed latex commands")
- }
+ return create($code, check_height($height), \%params);
}
sub check_height ($) {
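Review bot: With the blacklist call gone, the `if` on the hunk's first context line is the only gate in front of `create`, and its `&&` means a defined-but-empty `$code` passes straight through: `! defined $code` is false for `""`, so the whole condition is false and no error is raised. That looks pre-existing rather than introduced here, but the commit makes it the sole check, so it is worth fixing in the same change: `if (! defined $code || ! length $code) {`. What `create` does with an empty string cannot be seen from the hunk, and `preprocess` itself begins before the hunk starts.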
@@ -155,7 +149,7 @@ sub gen_image ($$$$) {
my $tmp = eval { create_tmp_dir($digest) };
if (! $@ &&
writefile("$digest.tex", $tmp, $tex) &&
- system("cd $tmp; latex --interaction=nonstopmode $tmp/$digest.tex > /dev/null") == 0 &&
+ system("cd $tmp; shell_escape=f openout_any=p openin_any=p latex --interaction=nonstopmode $digest.tex < /dev/null > /dev/null") == 0 &&
# ensure destination directory exists
writefile("$imagedir/$digest.png", $config{destdir}, "") &&
(($config{teximg_dvipng} &&
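Review bot: The hardening on the `+` line depends on the `cd $tmp;` in front of it succeeding, yet the `;` ignores a failed `cd`; since the same line also drops the `$tmp/` prefix from the `.tex` path, a failed `cd` would run `latex` in the parent process's working directory and leave `$digest.dvi` and the log there instead of in the temp dir. Chaining with `&&` closes that: `system("cd $tmp && shell_escape=f openout_any=p openin_any=p latex --interaction=nonstopmode $digest.tex < /dev/null > /dev/null") == 0 &&`. The three kpathsea settings are passed as shell-prefix assignments on a string-form `system`, so `$tmp` and `$digest` are still parsed by `sh`; if either could ever contain shell metacharacters (both appear to come from `create_tmp_dir` and the caller, which are outside this hunk), setting them beforehand with `local $ENV{shell_escape} = 'f';` and the two `openout_any`/`openin_any` counterparts would keep the sandboxing independent of shell parsing, as kpathsea reads them from the environment. `gen_image` starts and ends outside the hunk.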
@@ -191,34 +185,4 @@ sub create_tmp_dir ($) {
return $tmpdir;
}
-sub check ($) {
- # Check if the code is ok
- my $code = shift;
-
- my @badthings = (
- qr/\$\$/,
- qr/\\include/,
- qr/\\includegraphic/,
- qr/\\usepackage/,
- qr/\\newcommand/,
- qr/\\renewcommand/,
- qr/\\def/,
- qr/\\input/,
- qr/\\open/,
- qr/\\loop/,
- qr/\\errorstopmode/,
- qr/\\scrollmode/,
- qr/\\batchmode/,
- qr/\\read/,
- qr/\\write/,
- );
-
- foreach my $thing (@badthings) {
- if ($code =~ m/$thing/ ) {
- return 0;
- }
- }
- return 1;
-}
-
1
--
1.6.3.3
Index: ikiwiki.spec
===================================================================
RCS file: /cvs/pkgs/rpms/ikiwiki/F-10/ikiwiki.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- ikiwiki.spec 2 Jan 2009 11:32:27 -0000 1.12
+++ ikiwiki.spec 1 Sep 2009 22:55:17 -0000 1.13
@@ -1,6 +1,6 @@
Name: ikiwiki
Version: 2.72
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: A wiki compiler
Group: Applications/Internet
@@ -8,6 +8,7 @@ License: GPLv2+
URL: http://ikiwiki.info/
Source0: http://ftp.debian.org/debian/pool/main/i/%{name}/%{name}_%{version}.tar.gz
Patch0: ikiwiki-2.72-libexecdir.patch
+Patch1: ikiwiki-2.72-teximg.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
@@ -49,6 +50,7 @@ array of plugins.
%prep
%setup0 -q -n %{name}
%patch0 -p1 -b .libexecdir
+%patch1 -p1
# Filter unwanted Provides:
%{__cat} << \EOF > %{name}-prov
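Review bot: `%patch1 -p1` is applied without a backup suffix while the line directly above uses `%patch0 -p1 -b .libexecdir`; for consistency, and so the pre-patch `teximg.pm` can be inspected in the build tree, `%patch1 -p1 -b .teximg`. The `%prep` section continues past the end of the hunk.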
@@ -143,6 +145,11 @@ meta-wrapper in this package.
%changelog
+* Wed Sep 2 2009 Thomas Moschny <thomas.moschny at gmx.de> - 2.72-2
+- Add patch for teximg plugin: Make TeX handle preventing unsafe
+ things; remove insufficient blacklist (fixes CVE-2009-2944, see
+ bz 520543).
+
* Fri Jan 2 2009 Thomas Moschny <thomas.moschny at gmx.de> - 2.72-1
- Update to 2.72.
- Patch for mtn plugin has been applied upstream.