[Pkg-samba-maint] r3857 - in branches/samba/lenny/debian: . patches

bubulle at alioth.debian.org
Wed Jul 27 07:23:19 UTC 2011


Author: bubulle
Date: 2011-07-27 07:23:18 +0000 (Wed, 27 Jul 2011)
New Revision: 3857

Added:
   branches/samba/lenny/debian/patches/security-CVE-2011-2694.patch
Modified:
   branches/samba/lenny/debian/changelog
   branches/samba/lenny/debian/patches/series
Log:
* Security update, fixing the following issue:
  - CVE-2011-2694: possible XSS attack in SWAT

Modified: branches/samba/lenny/debian/changelog
===================================================================
--- branches/samba/lenny/debian/changelog	2011-07-27 07:18:51 UTC (rev 3856)
+++ branches/samba/lenny/debian/changelog	2011-07-27 07:23:18 UTC (rev 3857)
@@ -1,3 +1,10 @@
+samba (2:3.2.5-4lenny15) UNRELEASED; urgency=low
+
+  * Security update, fixing the following issue:
+    - CVE-2011-2694: possible XSS attack in SWAT
+
+ -- Christian Perrier <bubulle at debian.org>  Wed, 27 Jul 2011 09:20:22 +0200
+
 samba (2:3.2.5-4lenny14) oldstable-security; urgency=high
 
   * Security update, fixing the following issue:
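Review bot: the new changelog stanza targets `UNRELEASED` with `urgency=low`, while the entry directly below it (`samba (2:3.2.5-4lenny14) oldstable-security; urgency=high`) shows the distribution and urgency a lenny security upload actually needs; before this is uploaded, the header should become `samba (2:3.2.5-4lenny15) oldstable-security; urgency=high`, otherwise the security tracker and dak will not pick it up as a security update. It would also help to name the added patch file (`security-CVE-2011-2694.patch`) in the bullet, as the CVE text alone does not tell a reader which file in debian/patches carries the fix.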

Added: branches/samba/lenny/debian/patches/security-CVE-2011-2694.patch
===================================================================
--- branches/samba/lenny/debian/patches/security-CVE-2011-2694.patch	                        (rev 0)
+++ branches/samba/lenny/debian/patches/security-CVE-2011-2694.patch	2011-07-27 07:23:18 UTC (rev 3857)
@@ -0,0 +1,41 @@
+Goal: Fix possible XSS attack in SWAT
+
+Fixes: Upstream security fix. CVE-2011-2694
+
+Status wrt upstream: Fixed in 3.5.10
+
+Author: Kai Blin <kai at samba.org>
+
+Index: lenny/source/web/swat.c
+===================================================================
+--- lenny.orig/source/web/swat.c
++++ lenny/source/web/swat.c
+@@ -1116,11 +1116,9 @@
+ 	if(cgi_variable(CHG_S_PASSWD_FLAG)) {
+ 		printf("<p>");
+ 		if (rslt == True) {
+-			printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
+-			printf("\n");
++			printf("%s\n", _(" The passwd has been changed."));
+ 		} else {
+-			printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
+-			printf("\n");
++			printf("%s\n", _(" The passwd has NOT been changed."));
+ 		}
+ 	}
+ 	
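Review bot: the two translatable strings inside `_()` change their msgids here (` The passwd for '%s' has been changed.` becomes ` The passwd has been changed.`, and likewise for the NOT case), which orphans any existing translations of the old strings in the SWAT message catalogs, so these two lines will fall back to English until the .po files are refreshed; that consequence is worth a sentence in the patch header. The new shape `printf("%s\n", _(" The passwd has been changed."));` is the right one: the translated text is now passed as a `%s` argument instead of being used as the format string, and the user-supplied `cgi_variable_nonull(SWAT_USER)` value no longer reaches the HTML output at all, which is what closes the injection path.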
+@@ -1134,14 +1132,6 @@
+ {
+ 	const char *new_name = cgi_user_name();
+ 
+-	/* 
+-	 * After the first time through here be nice. If the user
+-	 * changed the User box text to another users name, remember it.
+-	 */
+-	if (cgi_variable(SWAT_USER)) {
+-		new_name = cgi_variable_nonull(SWAT_USER);
+-	} 
+-
+ 	if (!new_name) new_name = "";
+ 
+ 	printf("<H2>%s</H2>\n", _("Server Password Management"));
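Review bot: with the `if (cgi_variable(SWAT_USER)) { new_name = cgi_variable_nonull(SWAT_USER); }` override deleted, `new_name` is now set only from `cgi_user_name()` and the kept `if (!new_name) new_name = "";` guard still covers the NULL case, so the logic is sound; two things should be checked before merging. First, the deleted comment described the "remember the User box text" behaviour as a feature, and nothing in the remaining code says why it went away, so a one-line comment that SWAT_USER is intentionally not trusted as a display name would stop a future maintainer from restoring it. Second, this patch touches only the password-change path around `chg_passwd` and `passwd_page`; since the header promises the CVE is fixed, confirm that no other reader of `cgi_variable(SWAT_USER)` or similar unescaped echo of CGI input remains in `source/web/swat.c` outside these two hunks, as this diff alone does not show that.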

Modified: branches/samba/lenny/debian/patches/series
===================================================================
--- branches/samba/lenny/debian/patches/series	2011-07-27 07:18:51 UTC (rev 3856)
+++ branches/samba/lenny/debian/patches/series	2011-07-27 07:23:18 UTC (rev 3857)
@@ -46,3 +46,4 @@
 security-CVE-2010-2063.patch
 security-CVE-2010-3069.patch
 security-CVE-2011-0719.patch
+security-CVE-2011-2694.patch
