Package: logwatch
Version: 7.3.6.cvs20090906-1
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty ubuntu-patch
In Ubuntu, we've applied the attached patch to achieve the following:
  * SECURITY UPDATE: privileged code execution via badly named logfiles
    - scripts/logwatch.pl: encapsulate logfiles in 's and ensure logfile
      names don't contain '.
    - http://logwatch.svn.sourceforge.net/viewvc/logwatch?view=revision&revision=26
    - CVE-2011-1018
We thought you might be interested in doing the same.
-- System Information:
Debian Release: squeeze/sid
APT prefers maverick-updates
APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500,
'maverick-proposed'), (500, 'maverick')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.35-27-server (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -u logwatch-7.3.6.cvs20090906/scripts/logwatch.pl logwatch-7.3.6.cvs20090906/scripts/logwatch.pl
--- logwatch-7.3.6.cvs20090906/scripts/logwatch.pl
+++ logwatch-7.3.6.cvs20090906/scripts/logwatch.pl
@@ -738,6 +738,10 @@
my $DestFile = $TempDir . $LogFile . -archive;
my $Archive;
foreach $Archive (@{$LogFileData{$LogFile}{'archives'}}) {
+ if ($Archive =~ /'/) {
+ print File $Archive has invalid embedded quotes. File ignored.\n;
+ next;
+ }
my $CheckTime;
# We need to find out what's the earliest log we need
my @time_t = TimeBuild();
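Review bot: the new test at the top of the foreach $Archive loop rejects only the single-quote character, and that is safe only because the system() calls further down wrap $Archive in single quotes; nothing here records that dependency. Please add a comment next to the check stating that it exists to keep the later single-quoted shell arguments intact, so that a future change to the quoting, or a new use of $Archive in a shell string, is not made without revisiting it. The skip message also prints the rejected name verbatim; consider sending it to STDERR with the non-printable characters escaped.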
@@ -765,15 +769,15 @@
my @FileStat = stat($Archive);
if ($CheckTime = ($FileStat[9])) {
if (($Archive =~ m/gz$/) (-f $Archive) (-s $Archive)) {
-my $arguments = $Archive $DestFile;
+my $arguments = '${Archive}' $DestFile;
system($Config{'pathtozcat'} $arguments) == 0
or die system '$Config{'pathtozcat'} $arguments' failed: $?
} elsif (($Archive =~ m/bz2$/) (-f $Archive) (-s $Archive)) {
-my $arguments = $Archive 2/dev/null $DestFile;
+my $arguments = '${Archive}' 2/dev/null $DestFile;
system($Config{'pathtobzcat'} $arguments) == 0
or die system '$Config{'pathtobzcat'} $arguments' failed: $?
} elsif ((-f $Archive) (-s $Archive)) {
-my $arguments = $Archive $DestFile;
+my $arguments = '${Archive}' $DestFile;
system($Config{'pathtocat'} $arguments) == 0
or die system '$Config{'pathtocat'} $arguments' failed: $?
} #End if/elsif existence
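Review bot: in all three branches (zcat, bzcat, cat) only $Archive is quoted; $DestFile is still interpolated bare into the same shell string. $DestFile is built from $TempDir and $LogFile in the context lines of the previous hunk, so whitespace or a shell metacharacter in either of those reaches the shell unprotected. Quote $DestFile the same way, or better, drop the shell altogether: open the destination file from Perl and run the decompressor with the list form of system() or a piped open, which removes the need for the quote deny-list. The die message should also use the same quoted form so the logged command matches what was executed.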
@@ -785,6 +789,10 @@
foreach my $ThisFile (@FileList) {
#Existence check for files -mgt
next unless (-f $ThisFile);
+ if ($ThisFile =~ /'/) {
+ print File $ThisFile has invalid embedded quotes. File ignored.\n;
+ next;
+ }
if (! -r $ThisFile) {
print File $ThisFile is not readable. Check permissions.;
if ($ != 0) {
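Review bot: the quote test added after the -f check in the foreach my $ThisFile loop is a copy of the one added in the $Archive loop, message included. Two copies of a security check tend to drift apart; move the test and its message into one small sub that both loops call, and document there why the single quote is the character being rejected.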
@@ -794,7 +802,7 @@
next;
}
#FIXME - We have a bug report for filenames with spaces, can be caught here needs test -mgt
- $FileText .= ($ThisFile . );
+ $FileText .= (' . $ThisFile . ' );
} #End foreach ThisFile
# remove the ENV entries set by previous service
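Review bot: the FIXME directly above the changed $FileText line still says filenames with spaces need a test, while the change now wraps each name in single quotes, which is exactly the case that comment describes. Either update or remove the FIXME, and add the test it asks for. The consumer of $FileText is not part of this patch, so please confirm that it passes the string to a shell as is and does not split it on whitespace first, otherwise the added quotes become part of the filename instead of protecting it.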