oss-sec mailing list archives

Koji CVE-2019-17109: koji hub allows arbitrary upload destinations


From: Patrick Uiterwijk <puiterwijk () redhat com>
Date: Wed, 9 Oct 2019 16:57:52 +0200

Description
===========

The way that the hub code validates upload paths allows an attacker to choose an arbitrary destination for the uploaded file.
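The flaw class described above is a client-controlled upload path that is not confined to the intended upload root. The following is an added illustration written for this archive page; it is not Koji's code and does not reproduce the hub's actual validation logic. The upload root, the function names and the sample filenames are all constructed for the example. It contrasts a weak prefix-only check (the kind of check that lets a later ".." segment escape the root) with a normalise-then-contain check that a hub should apply before writing an uploaded file.

```python
import posixpath

# Constructed upload root for this example (not Koji's real upload directory).
UPLOAD_ROOT = "/var/lib/upload-root"


def weak_upload_destination(root, filename):
    """Hypothetical weak validation: only rejects names that begin with '/'
    or '..'.  A '..' segment further into the path is not caught, so the
    joined path can still resolve outside the upload root."""
    if filename.startswith("/") or filename.startswith(".."):
        raise ValueError("rejected: %r" % filename)
    return posixpath.join(root, filename)


def safe_upload_destination(root, filename):
    """Hardened validation: normalise the client-supplied name first, reject
    absolute and parent-directory forms, then confirm containment on the
    joined result."""
    if not filename or "\x00" in filename:
        raise ValueError("empty or NUL-containing filename")
    norm = posixpath.normpath(filename)
    # After normalisation, any escape shows up as an absolute path, an empty
    # path ('.') or a leading '..' component.
    if posixpath.isabs(norm) or norm == "." or norm == ".." or norm.startswith("../"):
        raise ValueError("path escapes upload root: %r" % filename)
    dest = posixpath.join(root, norm)
    # Defence in depth: verify the final path is still rooted under `root`.
    if escapes_root(root, dest):
        raise ValueError("path escapes upload root: %r" % filename)
    return dest


def escapes_root(root, dest):
    """Return True if `dest`, once resolved lexically, lies outside `root`."""
    resolved = posixpath.normpath(dest)
    return posixpath.commonpath([root, resolved]) != root
```

Usage: `safe_upload_destination(UPLOAD_ROOT, "pkg/build-1.0.tar.gz")` yields a path under the upload root, while `safe_upload_destination(UPLOAD_ROOT, "a/../../etc/passwd")` raises `ValueError`; the weak variant accepts the second name, and `escapes_root` reports that its joined result resolves outside the root.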


Affected versions
=================

All prior versions of Koji are vulnerable.


Patched versions
================

Koji versions 1.14.3, 1.15.3, 1.16.3, 1.17.1, and 1.18.1 are available on the website, and all include patches to solve this problem.


Credits
=======

This issue was discovered by Yu Ming Zhu of Red Hat.


References
==========

https://docs.pagure.org/koji/CVE-2019-17109/

