~mvo/aptdaemon/fix-702217

Viewing all changes in revision 585.1.1.

  • Committer: sebi at glatzor
  • Date: 2011-02-22 11:04:32 UTC
  • mto: This revision was merged to the branch mainline in revision 586.
  • Revision ID: sebi@glatzor.de-20110222110432-67qd769bt6kjxve6

Fix the security issue CVE-2011-0725 tracked in LP #722228 and add a
regression test.

The UpdateCache method allows specifying an alternative sources.list
snippet to only update the repositories specified in the corresponding
configuration file.

Aptdaemon did not restrict the path to the sources.list.d directory and
allowed injecting packages from malicious sources specified in a custom
sources.list and even reading every file on the system.

Thanks to Michael Vogt for the initial patch and test!
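
An added example, not aptdaemon's own code and not the patch from this revision: one way to confine a caller-supplied sources.list snippet name to the sources.list.d directory, the restriction the commit message says was missing. The function name, the exception class and the demo inputs are assumptions constructed for illustration.

```python
import os
import tempfile


class SourcesListPathError(ValueError):
    """Raised when a requested snippet is not a .list file in the allowed dir."""


def resolve_sources_snippet(name, sources_dir="/etc/apt/sources.list.d"):
    """Return the real path of `name` inside `sources_dir`, or raise."""
    if not name or "\0" in name:
        raise SourcesListPathError("empty or malformed snippet name")
    base = os.path.realpath(sources_dir)
    # join() drops `base` when `name` is absolute; realpath() then resolves
    # ".." and symlinks, so `candidate` is where the request really points.
    candidate = os.path.realpath(os.path.join(base, name))
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        raise SourcesListPathError("%r is outside %s" % (name, base))
    # apt itself only reads *.list files from sources.list.d.
    if not candidate.endswith(".list"):
        raise SourcesListPathError("%r is not a .list snippet" % name)
    return candidate


def demo():
    """Run constructed requests against a throwaway directory tree."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        sources_dir = os.path.join(root, "sources.list.d")
        os.mkdir(sources_dir)
        outside = os.path.join(root, "outside.list")
        for path in (os.path.join(sources_dir, "ppa.list"), outside):
            with open(path, "w") as handle:
                handle.write("# constructed sample\n")
        # A symlink inside the directory that points outside of it.
        os.symlink(outside, os.path.join(sources_dir, "link.list"))
        requests = [("plain", "ppa.list"), ("dotdot", "../outside.list"),
                    ("absolute", outside), ("symlink", "link.list"),
                    ("system_file", "/etc/shadow"), ("directory", ".")]
        for label, request in requests:
            try:
                resolve_sources_snippet(request, sources_dir)
                results[label] = "accepted"
            except SourcesListPathError:
                results[label] = "rejected"
    return results


if __name__ == "__main__":
    print(demo())
```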
