Bug#651204: CVE-2011-4405 fixed in wheezy, not in squeeze
Guido Günther
agx at sigxcpu.org
Tue Jul 24 10:43:29 UTC 2012
On Tue, Jul 24, 2012 at 10:09:27AM +0200, Didier 'OdyX' Raboud wrote:
> tags 651204 +patch
> thanks
>
> Le mercredi, 30 mai 2012 11.47:05, Thijs Kinkhorst a écrit :
> > Hi,
> >
> > Wheezy and sid contain a patch for this issue. Squeeze seems still
> > affected. Are you able to provide an updated package for squeeze?
>
> Would the attached patch do the job for Squeeze?
It looks good to me. I didn't get around to implement something similar
since ages since I didn't have a test system to run this on. Could you
test this on a Squeeze box? If so I'd be happy about an NMU.
Cheers,
-- Guido
>
> OdyX
> From: Till Kamppeter <till.kamppeter at gmail.com>
> Date: Tue, 13 Dec 2011 20:54:26 +0100
> Subject: Fix MITM via unencrypted metadata download
>
> Adapted to Squeeze by Didier Raboud <odyx at debian.org> on Tue Jul 24 10:09:16 CEST 2012.
>
> Closes: #651204
> ---
> cupshelpers/openprinting.py | 35 +++++++++++++++++++++++------------
> 1 files changed, 23 insertions(+), 12 deletions(-)
>
> --- a/cupshelpers/openprinting.py
> +++ b/cupshelpers/openprinting.py
> @@ -19,7 +19,7 @@
> ## along with this program; if not, write to the Free Software
> ## Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
>
> -import urllib, httplib, platform, threading, tempfile, traceback
> +import pycurl,urllib, httplib, platform, threading, tempfile, traceback
> import os, sys
> from xml.etree.ElementTree import XML
> from . import Device
> @@ -42,10 +42,18 @@
> self.parameters = parameters
> self.callback = callback
> self.user_data = user_data
> + self.result = ""
>
> self.setDaemon (True)
>
> def run (self):
> +
> + # Callback function for pycURL collecting the data coming from
> + # the web server
> + def collect_data(result):
> + self.result += result;
> + return len(result)
> +
> # CGI script to be executed
> query_command = "/query.cgi"
> # Headers for the post request
> @@ -55,26 +63,26 @@
> (urllib.urlencode (self.parameters),
> self.parent.language[0],
> self.parent.language[0]))
> - self.url = "http://%s%s?%s" % (self.parent.base_url, query_command, params)
> + self.url = "https://%s%s?%s" % (self.parent.base_url, query_command, params)
> # Send request
> - result = None
> + self.result = ""
> status = 1
> try:
> - conn = httplib.HTTPConnection(self.parent.base_url)
> - conn.request("POST", query_command, params, headers)
> - resp = conn.getresponse()
> - status = resp.status
> - if status == 200:
> - result = resp.read()
> - conn.close()
> + curl = pycurl.Curl()
> + curl.setopt(pycurl.SSL_VERIFYPEER, 1)
> + curl.setopt(pycurl.SSL_VERIFYHOST, 2)
> + curl.setopt(pycurl.WRITEFUNCTION, collect_data)
> + curl.setopt(pycurl.URL, self.url)
> + status = curl.perform()
> + if status == None: status = 0
> + if (status != 0):
> + self.result = sys.exc_info ()
> except:
> - result = sys.exc_info ()
> -
> - if status == 200:
> - status = 0
> + self.result = sys.exc_info ()
> + if status == None: status = 0
>
> if self.callback != None:
> - self.callback (status, self.user_data, result)
> + self.callback (status, self.user_data, self.result)
>
> class OpenPrinting:
> def __init__(self, language=None):
More information about the pkg-gnome-maintainers
mailing list