[Pkg-samba-maint] r3853 - in branches/samba/squeeze/debian: . patches
bubulle at alioth.debian.org
Wed Jul 27 06:28:08 UTC 2011
Author: bubulle
Date: 2011-07-27 06:28:07 +0000 (Wed, 27 Jul 2011)
New Revision: 3853
Added:
branches/samba/squeeze/debian/patches/security-CVE-2011-2694.patch
Modified:
branches/samba/squeeze/debian/changelog
branches/samba/squeeze/debian/patches/series
Log:
* Security update, fixing the following issues:
- CVE-2011-2694: possible XSS attack in SWAT
Modified: branches/samba/squeeze/debian/changelog
===================================================================
--- branches/samba/squeeze/debian/changelog 2011-07-26 21:45:54 UTC (rev 3852)
+++ branches/samba/squeeze/debian/changelog 2011-07-27 06:28:07 UTC (rev 3853)
@@ -1,3 +1,10 @@
+samba (2:3.5.6~dfsg-3squeeze5) stable-security-UNRELEASED; urgency=high
+
+ * Security update, fixing the following issues:
+ - CVE-2011-2694: possible XSS attack in SWAT
+
+ -- Christian Perrier <bubulle at debian.org> Wed, 27 Jul 2011 08:25:27 +0200
+
samba (2:3.5.6~dfsg-3squeeze4) stable-proposed-updates; urgency=low
* Document the newly introduced "map untrusted to domain" parameter
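Review bot: the new changelog stanza targets `stable-security-UNRELEASED`, so this revision is not uploadable as committed; the distribution must be changed to `stable-security` before the upload, and whoever does that should also confirm the `-3squeeze5` version and the date line are still correct at that point. The entry itself matches the commit log and the patch header (CVE-2011-2694, XSS in SWAT), so no wording change is needed there.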
Added: branches/samba/squeeze/debian/patches/security-CVE-2011-2694.patch
===================================================================
--- branches/samba/squeeze/debian/patches/security-CVE-2011-2694.patch (rev 0)
+++ branches/samba/squeeze/debian/patches/security-CVE-2011-2694.patch 2011-07-27 06:28:07 UTC (rev 3853)
@@ -0,0 +1,41 @@
+Goal: Fix possible XSS attack in SWAT
+
+Fixes: Upstream security fix. CVE-2011-2694
+
+Status wrt upstream: Fixed in 3.5.10
+
+Author: Kai Blin <kai at samba.org>
+
+Index: squeeze/source3/web/swat.c
+===================================================================
+--- squeeze.orig/source3/web/swat.c
++++ squeeze/source3/web/swat.c
+@@ -1121,11 +1121,9 @@
+ if(cgi_variable(CHG_S_PASSWD_FLAG)) {
+ printf("<p>");
+ if (rslt == True) {
+- printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
+- printf("\n");
++ printf("%s\n", _(" The passwd has been changed."));
+ } else {
+- printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
+- printf("\n");
++ printf("%s\n", _(" The passwd has NOT been changed."));
+ }
+ }
+
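Review bot: this hunk fixes the reflected XSS by dropping the user-controlled `SWAT_USER` value from the "passwd has been changed" messages altogether rather than HTML-escaping it, which is the safe choice but silently changes behaviour (the confirmation no longer names the account); a one-line remark in the patch header explaining that the name was removed rather than escaped would help the next maintainer who wonders why. As a side effect the messages are now printed with `printf("%s\n", _(...))` instead of using the translated string as the format, so a `%` sequence in a translation can no longer reach `printf` as a conversion, and the two msgids change, meaning existing translations of the old messages will no longer match and those strings will fall back to English until the catalogs are updated.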
+@@ -1139,14 +1137,6 @@
+ {
+ const char *new_name = cgi_user_name();
+
+- /*
+- * After the first time through here be nice. If the user
+- * changed the User box text to another users name, remember it.
+- */
+- if (cgi_variable(SWAT_USER)) {
+- new_name = cgi_variable_nonull(SWAT_USER);
+- }
+-
+ if (!new_name) new_name = "";
+
+ printf("<H2>%s</H2>\n", _("Server Password Management"));
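Review bot: with the `SWAT_USER` override removed here, `new_name` now comes only from `cgi_user_name()` and the remaining `if (!new_name) new_name = "";` fallback is still needed, so the logic is sound; the remaining question for the maintainer is whether any other part of `swat.c` outside this patch still reads `SWAT_USER` (the first hunk shows `CHG_S_PASSWD_FLAG` is still consulted), because the Debian patch is described as the upstream fix and should be kept identical to upstream's 3.5.10 change rather than trimmed. The hunk offsets are consistent (the second hunk starts at 1137 after the two lines removed in the first), so the patch should apply cleanly.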
Modified: branches/samba/squeeze/debian/patches/series
===================================================================
--- branches/samba/squeeze/debian/patches/series 2011-07-26 21:45:54 UTC (rev 3852)
+++ branches/samba/squeeze/debian/patches/series 2011-07-27 06:28:07 UTC (rev 3853)
@@ -27,3 +27,4 @@
bug_613624_upstream_7777_0001-First-part-of-fix-for-bug-7777-When-requesting-looku.patch
bug_613624_upstream_7777_0002-Second-part-of-fix-for-bug-7777-When-requesting-look.patch
upstream_7880_0001-s3-rpcclient-Fix-bug-7880-cmd_spoolss_deletedriver-r.patch
+security-CVE-2011-2694.patch