diff options
| author | Leo Famulari <leo@famulari.name> | 2017-03-02 17:35:43 -0500 |
|---|---|---|
| committer | Leo Famulari <leo@famulari.name> | 2017-03-04 18:35:17 -0500 |
| commit | c35745edc4e78defba4a82e32974d729cf159c34 (patch) | |
| tree | 6fed78aeba3c97885dceebd6cfaea05f7e6a690c | |
| parent | 5e0535a7e6b0ca292a792c45bf3e432059a06a2b (diff) | |
| download | guix-c35745edc4e78defba4a82e32974d729cf159c34.tar.gz | |
gnu: kio: Fix CVE-2017-6410.
* gnu/packages/patches/kio-CVE-2017-6410.patch: New file. * gnu/local.mk (dist_patch_DATA): Add it. * gnu/packages/kde-frameworks.scm (kio)[source]: Use it.
| -rw-r--r-- | gnu/local.mk | 1 | ||||
| -rw-r--r-- | gnu/packages/kde-frameworks.scm | 1 | ||||
| -rw-r--r-- | gnu/packages/patches/kio-CVE-2017-6410.patch | 53 |
3 files changed, 55 insertions, 0 deletions
diff --git a/gnu/local.mk b/gnu/local.mk index ce8ea3d37b..a44c4072b0 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -648,6 +648,7 @@ dist_patch_DATA = \ %D%/packages/patches/jq-CVE-2015-8863.patch \ %D%/packages/patches/kdbusaddons-kinit-file-name.patch \ %D%/packages/patches/khmer-use-libraries.patch \ + %D%/packages/patches/kio-CVE-2017-6410.patch \ %D%/packages/patches/kmod-module-directory.patch \ %D%/packages/patches/kobodeluxe-paths.patch \ %D%/packages/patches/kobodeluxe-enemies-pipe-decl.patch \ diff --git a/gnu/packages/kde-frameworks.scm b/gnu/packages/kde-frameworks.scm index 36c2851567..ba4ead2d67 100644 --- a/gnu/packages/kde-frameworks.scm +++ b/gnu/packages/kde-frameworks.scm @@ -2206,6 +2206,7 @@ makes starting KDE applications faster and reduces memory consumption.") "mirror://kde/stable/frameworks/" (version-major+minor version) "/" name "-" version ".tar.xz")) + (patches (search-patches "kio-CVE-2017-6410.patch")) (sha256 (base32 "1hqc88c2idi9fkb7jy82csb0i740lghv0p2fg1gaglcarjdz7nia")))) diff --git a/gnu/packages/patches/kio-CVE-2017-6410.patch b/gnu/packages/patches/kio-CVE-2017-6410.patch new file mode 100644 index 0000000000..748636f806 --- /dev/null +++ b/gnu/packages/patches/kio-CVE-2017-6410.patch @@ -0,0 +1,53 @@ +Fix CVE-2017-6410, "Information Leak when accessing https when using a +malicious PAC file": + +https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6410 +https://www.kde.org/info/security/advisory-20170228-1.txt + +Patch copied from upstream source repository: + +https://cgit.kde.org/kio.git/commit/?id=f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 + +From f9d0cb47cf94e209f6171ac0e8d774e68156a6e4 Mon Sep 17 00:00:00 2001 +From: Albert Astals Cid <aacid@kde.org> +Date: Tue, 28 Feb 2017 19:00:48 +0100 +Subject: Sanitize URLs before passing them to FindProxyForURL + +Remove user/password information +For https: remove path and query + +Thanks to safebreach.com for reporting the problem + +CCMAIL: yoni.fridburg@safebreach.com +CCMAIL: amit.klein@safebreach.com +CCMAIL: itzik.kotler@safebreach.com +--- + src/kpac/script.cpp | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/src/kpac/script.cpp b/src/kpac/script.cpp +index a0235f7..2485c54 100644 +--- a/src/kpac/script.cpp ++++ b/src/kpac/script.cpp +@@ -754,9 +754,16 @@ QString Script::evaluate(const QUrl &url) + } + } + ++ QUrl cleanUrl = url; ++ cleanUrl.setUserInfo(QString()); ++ if (cleanUrl.scheme() == QLatin1String("https")) { ++ cleanUrl.setPath(QString()); ++ cleanUrl.setQuery(QString()); ++ } ++ + QScriptValueList args; +- args << url.url(); +- args << url.host(); ++ args << cleanUrl.url(); ++ args << cleanUrl.host(); + + QScriptValue result = func.call(QScriptValue(), args); + if (result.isError()) { +-- +cgit v0.11.2 + |