oss-sec mailing list archives

Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network

From: Josh Bressers <bressers () redhat com>
Date: Fri, 15 Apr 2011 14:52:34 -0400 (EDT)

Please use CVE-2011-1586

Thanks.

-- 
    JB



----- Original Message -----

A bug was filed in Ubuntu[1] for patches[2][3] that went into KDE
Network for an incomplete fix for CVE-2010-1000. The commit message
is:

"Further addresses CVE-2010-1000. The file name of Metalink File is
checked a better way, making it work under more conditions."

While the previous patch fixed things like '../../tmp/gotcha', it did
not fix a single leading '../'.

[1]https://bugs.launchpad.net/ubuntu/+source/kdenetwork/+bug/757526
[2]http://websvn.kde.org/?view=revision&revision=1227468 (4.4)
[3]http://websvn.kde.org/?view=revision&revision=1227469 (4.5)

--
Jamie Strandboge | http://www.canonical.com

Current thread:

CVE Request: incomplete fix for CVE-2010-1000 in KDE network Jamie Strandboge (Apr 15)
- Re: CVE Request: incomplete fix for CVE-2010-1000 in KDE network Josh Bressers (Apr 15)