Dear maintainer,
Here is the NMU diff according to DevRef 5.11.1[1][2] for bug: #598309.
See the debian/patches directory for the important fixes.
Please let me know if it's ok to proceed with the NMU.
Thank you for maintaining the package,
Jari Aalto
[1] http://www.debian.org/doc/developers-reference/pkgs.html#nmu
[2] http://dep.debian.net/deps/dep1.html
lsdiff(1) of changes:
ust-0.7/debian/changelog
ust-0.7/debian/patches/CVE-2010-3386--bug598309.patch
ust-0.7/debian/patches/series
diffstat for ust-0.7 ust-0.7
changelog | 10 +++++
patches/CVE-2010-3386--bug598309.patch | 60 +++++++++++++++++++++++++++++++++
patches/series | 2 -
3 files changed, 71 insertions(+), 1 deletion(-)
diff -Nru ust-0.7/debian/changelog ust-0.7/debian/changelog
--- ust-0.7/debian/changelog 2010-09-27 11:28:16.000000000 +0300
+++ ust-0.7/debian/changelog 2010-10-18 18:55:42.000000000 +0300
@@ -1,3 +1,13 @@
+ust (0.7-2.1) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * debian/patches
+ - (CVE-2010-3386--bug598309): New. Fix LD_LIBRARY_PATH. Initial patch
+ idea thanks to Etienne Millon <etienne.mil...@gmail.com> (grave,
+ security; Closes: #598309).
+
+ -- Jari Aalto <jari.aa...@cante.net> Mon, 18 Oct 2010 18:55:42 +0300
+
ust (0.7-2) unstable; urgency=low
* [7d6a5c] Remove sparc and alpha from supported architectures
diff -Nru ust-0.7/debian/patches/CVE-2010-3386--bug598309.patch ust-0.7/debian/patches/CVE-2010-3386--bug598309.patch
--- ust-0.7/debian/patches/CVE-2010-3386--bug598309.patch 1970-01-01 02:00:00.000000000 +0200
+++ ust-0.7/debian/patches/CVE-2010-3386--bug598309.patch 2010-10-18 18:54:03.000000000 +0300
@@ -0,0 +1,60 @@
+From deaf85d7aa5f074ba18bfe5deb5605dfa22bf772 Mon Sep 17 00:00:00 2001
+From: Jari Aalto <jari.aa...@cante.net>
+Date: Sat, 16 Oct 2010 18:35:58 +0300
+Subject: [PATCH] CVE-2010-3386 insecure library loading Bug#598309
+Organization: Private
+Content-Type: text/plain; charset="utf-8"
+Content-Transfer-Encoding: 8bit
+
+
+Signed-off-by: Jari Aalto <jari.aa...@cante.net>
+---
+ usttrace | 18 ++++++++++++++++--
+ 1 files changed, 16 insertions(+), 2 deletions(-)
+
+diff --git a/usttrace b/usttrace
+index dc159f2..7e0f7bc 100755
+--- a/usttrace
++++ b/usttrace
+@@ -3,6 +3,16 @@
+ # usttrace by Pierre-Marc Fournier 2009
+ # Distributed under the GPLv2.
+
++pathclean() {
++ # Vulnerability fix for insecure path content
++ # Make sure "::", "^:" or ":$" is not left in path arg $1
++
++ local tmp
++ tmp=$(echo "$1" | sed -e 's/::\+// ; s/^:// ; s/:$//' )
++
++ [ "$tmp" ] && echo "$tmp"
++}
++
+ function error() {
+ echo "$0: error: $1" 2>/dev/stderr
+ }
+@@ -133,7 +143,9 @@ fi
+ if [ "$arg_preload_libust" = "1" ];
+ then
+ if [ -n "${LIBUST_PATH%libust.so}" ] ; then
+- export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${LIBUST_PATH%libust.so}"
++ LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}${LIBUST_PATH%libust.so}"
++ LD_LIBRARY_PATH=$(pathclean "$LD_LIBRARY_PATH")
++ export LD_LIBRARY_PATH
+ fi
+ export LD_PRELOAD="$LD_PRELOAD:$LIBUST_PATH"
+ fi
+@@ -141,7 +153,9 @@ fi
+ if [ "$arg_ld_std_ust" = "1" ];
+ then
+ if [ -n "$${LIBUST_PATH%libust.so}" ] ; then
+- export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:${LIBUST_PATH%libust.so}"
++ LD_LIBRARY_PATH="${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}${LIBUST_PATH%libust.so}"
++ LD_LIBRARY_PATH=$(pathclean "$LD_LIBRARY_PATH")
++ export LD_LIBRARY_PATH
+ fi
+ fi
+
+--
+1.7.1
+
diff -Nru ust-0.7/debian/patches/series ust-0.7/debian/patches/series
--- ust-0.7/debian/patches/series 2010-09-27 11:28:16.000000000 +0300
+++ ust-0.7/debian/patches/series 2010-10-18 18:49:26.000000000 +0300
@@ -1 +1 @@
-info-dir-section.diff
+CVE-2010-3386--bug598309.patch
