[0/2] Dpkg: fixing CVE-2014-0471

Submitted by wenzong.fan@windriver.com on June 16, 2014, 5:20 a.m.


Message ID cover.1402895653.git.wenzong.fan@windriver.com
State New
Headers show


git://git.pokylinux.org/poky-contrib wenzong/dpkg

Commit Message

wenzong.fan@windriver.com June 16, 2014, 5:20 a.m.
From: Wenzong Fan <wenzong.fan@windriver.com>

Directory traversal vulnerability in the unpacking functionality in dpkg before 1.15.9, 1.16.x before 1.16.13, and 1.17.x before 1.17.8 allows remote attackers to write arbitrary files via a crafted source package, related to "C-style filename quoting."

The following changes since commit 8e0c54cd0e82ffe120f84f495101cd29e6fd06bf:

  bitbake: bb/utils: fix contains_any() (2014-06-12 17:47:59 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib wenzong/dpkg

Guillem Jover (2):
  Dpkg::Source::Patch: Correctly parse C-style diff filenames
  Dpkg::Source::Patch: Outright reject C-style filenames in patches

 .../dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch  |   49 ++++++++++++
 .../dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch      |   83 ++++++++++++++++++++
 meta/recipes-devtools/dpkg/dpkg_1.17.4.bb          |    2 +
 3 files changed, 134 insertions(+)
 create mode 100644 meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471-CVE-2014-3127.patch
 create mode 100644 meta/recipes-devtools/dpkg/dpkg/dpkg-1.17.4-CVE-2014-0471.patch