Your message dated Sat, 05 Sep 2015 14:31:07 +0100
with message-id <1441459867.2151.32.ca...@adam-barratt.org.uk>
and subject line Closing p-u bugs for 8.2
has caused the Debian Bug report #790939,
regarding jessie-pu: package wesnoth-1.10/1:1.10.7-2+deb8u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
790939: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=790939
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
User: release.debian....@packages.debian.org
Usertags: pu
Tags: jessie
Severity: normal
X-Debbugs-CC: rho...@debian.org

Hi,

I'd like to upload wesnoth-1.10/1:1.10.7-2+deb8u1 to jessie-pu to fix
CVE-2015-5069 and CVE-2015-5070 (these CVEs are marked no-dsa in the
security tracker and the security team has asked me to get these CVEs
fixed via a point update instead). These CVEs have already been fixed
in sid as of wesnoth-1.12/1:1.12.4-1. Debdiff below, thanks!

Regards,
Vincent


diff -Nru wesnoth-1.10-1.10.7/debian/changelog
wesnoth-1.10-1.10.7/debian/changelog
--- wesnoth-1.10-1.10.7/debian/changelog 2015-04-09 03:12:42.000000000 -0700
+++ wesnoth-1.10-1.10.7/debian/changelog 2015-07-01 13:31:50.000000000 -0700
@@ -1,3 +1,10 @@
+wesnoth-1.10 (1:1.10.7-2+deb8u1) jessie; urgency=medium
+
+  * Security fix: Disallowed inclusion of .pbl files from WML, independent of
+    extension case (CVE-2015-5069, CVE-2015-5070).
+
+ -- Vincent Cheng <vch...@debian.org>  Wed, 01 Jul 2015 13:30:12 -0700
+
 wesnoth-1.10 (1:1.10.7-2) unstable; urgency=high

   * Pull af61f9fd from upstream to fix "Private file disclosure through
diff -Nru wesnoth-1.10-1.10.7/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
wesnoth-1.10-1.10.7/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
--- wesnoth-1.10-1.10.7/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
1969-12-31 16:00:00.000000000 -0800
+++ wesnoth-1.10-1.10.7/debian/patches/CVE-2015-5069-CVE-2015-5070.patch
2015-07-01 13:32:55.000000000 -0700
@@ -0,0 +1,23 @@
+Description: Disallowed inclusion of .pbl files from WML, independent of
+ extension case (CVE-2015-5069, CVE-2015-5070).
+Origin: upstream, commits 055fea16479a755d6744a52f78f63548b692c440
+ and d20f8015bc3653a10d6d4dfd751e62651d1180b7
+Bug: https://gna.org/bugs/?23504
+Last-Update: 2015-07-01
+
+diff --git a/src/filesystem.cpp b/src/filesystem.cpp
+index 7b4bd95..510da80 100644
+--- a/src/filesystem.cpp
++++ b/src/filesystem.cpp
+@@ -1157,6 +1157,11 @@ std::string get_wml_location(const std::string
&filename, const std::string &cur
+ return result;
+ }
+
++ if (looks_like_pbl(filename)) {
++ ERR_FS << "Illegal path '" << filename << "' (.pbl files are not
allowed)." << std::endl;
++ return result;
++ }
++
+ bool already_found = false;
+
+ if (filename[0] == '~')
diff -Nru wesnoth-1.10-1.10.7/debian/patches/series
wesnoth-1.10-1.10.7/debian/patches/series
--- wesnoth-1.10-1.10.7/debian/patches/series 2015-04-08
10:14:12.000000000 -0700
+++ wesnoth-1.10-1.10.7/debian/patches/series 2015-07-01
13:30:05.000000000 -0700
@@ -1,3 +1,4 @@
 02wesnoth-nolog-desktop-file
 03wesnothd-name
 af61f9fdd15cd439da9e2fe5fa39d174c923eaae.patch
+CVE-2015-5069-CVE-2015-5070.patch

--- End Message ---
--- Begin Message ---
Version: 8.2

Hi,

These bugs correspond to updates which were included in the 8.2 point
release.

Regards,

Adam

--- End Message ---

Reply via email to