~ubuntu-branches/ubuntu/gutsy/awstats/gutsy-updates


Viewing changes to debian/patches/1001_sanitize_more.patch

  • Committer: Bazaar Package Importer
  • Author(s): Martin Pitt, CVE-2006-2237
  • Date: 2006-05-22 21:51:34 UTC
  • Revision ID: james.westby@ubuntu.com-20060522215134-wfjebcfggqkgsvf9
Tags: 6.5-1ubuntu1
* SECURITY UPDATE: Cross-site scripting.
* debian/patches/1001_sanitize_more.patch:
  - Use the Sanitize function to filter out arbitrary HTML from 'diricons'
    parameter (analogous to CVE-2006-1945, which is already fixed in this
    version).
  - Sanitize MigrateStats parameter (XSS if statistics updates are enabled).
    [CVE-2006-2237]
  - Patch from upstream CVS, taken from Debian's 6.5-2 version.

diff -urNad awstats~/wwwroot/cgi-bin/awstats.pl awstats/wwwroot/cgi-bin/awstats.pl
--- awstats~/wwwroot/cgi-bin/awstats.pl 2005-11-24 15:11:19.000000000 -0500
+++ awstats/wwwroot/cgi-bin/awstats.pl  2006-01-04 00:41:10.957371836 -0500
@@ -5542,7 +5542,7 @@
Index: awstats-6.5/wwwroot/cgi-bin/awstats.pl
===================================================================
--- awstats-6.5.orig/wwwroot/cgi-bin/awstats.pl 2005-11-24 15:11:19.000000000 -0500
+++ awstats-6.5/wwwroot/cgi-bin/awstats.pl      2006-05-05 16:43:12.000000000 -0400
@@ -5542,8 +5542,8 @@
        # No update but report by default when run from a browser
        $UpdateStats=($QueryString=~/update=1/i?1:0);
 
-       if ($QueryString =~ /config=([^&]+)/i)                          { $SiteConfig=&DecodeEncodedString("$1"); }
-       if ($QueryString =~ /diricons=([^&]+)/i)                        { $DirIcons=&DecodeEncodedString("$1"); }
+       if ($QueryString =~ /config=([^&]+)/i)                          { $SiteConfig=&Sanitize(&DecodeEncodedString("$1")); }
        if ($QueryString =~ /diricons=([^&]+)/i)                        { $DirIcons=&DecodeEncodedString("$1"); }
+       if ($QueryString =~ /diricons=([^&]+)/i)                        { $DirIcons=&Sanitize(&DecodeEncodedString("$1")); }
        if ($QueryString =~ /pluginmode=([^&]+)/i)                      { $PluginMode=&Sanitize(&DecodeEncodedString("$1"),1); }
        if ($QueryString =~ /configdir=([^&]+)/i)                       { $DirConfig=&Sanitize(&DecodeEncodedString("$1")); }
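Review bot: The match on the first `+` line, `/config=([^&]+)/i`, and the `diricons` match after it carry no parameter boundary, unlike the migrate match in the next hunk (`(^|-|&|&)migrate=`), so any query parameter whose name merely ends in `config` or `diricons` also sets `$SiteConfig` or `$DirIcons`; adding the same leading boundary group here would make the two code paths consistent. The wrapping order itself is right: `&Sanitize(&DecodeEncodedString("$1"))` decodes first, so a percent-encoded `<` is stripped rather than passed through still encoded. One documentation point: `pluginmode` goes through `&Sanitize(...,1)` while `config` and `diricons` use the single-argument form, and nothing in the hunk says what the second argument changes; a short comment on the difference would help whoever audits this next.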
@@ -5591,7 +5591,7 @@
        # All filters
@@ -5561,7 +5561,7 @@
 
        # If migrate
        if ($QueryString =~ /(^|-|&|&)migrate=([^&]+)/i)    {
-               $MigrateStats=&DecodeEncodedString("$2"); 
+               $MigrateStats=&Sanitize(&DecodeEncodedString("$2"));
                $MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/;
                $SiteConfig=$5?$5:'xxx'; $SiteConfig =~ s/^\.//;                # SiteConfig is used to find config file
        }
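Review bot: The `$MigrateStats =~ /^(.*)$PROG(\d{0,2})(\d\d)(\d\d\d\d)(.*)\.txt$/` line directly after the changed one never checks whether the match succeeded; in Perl a failed match leaves `$1`..`$5` holding whatever the last successful match captured, so `$SiteConfig=$5?$5:'xxx'` can pick up a stale capture from an earlier regex instead of falling back to `'xxx'`. Wrapping the two following lines in `if ($MigrateStats =~ /.../) { ... }` closes that. Separately, `&Sanitize` covers the XSS the changelog names, but the comment on the `$SiteConfig` line says the value is used to find the config file and the `(.*)` capture in `$5` is not otherwise constrained; unless `Sanitize` also rejects path separators, a check that `$SiteConfig` is a plain name belongs here as well.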
@@ -5591,8 +5591,8 @@
        # Update with no report by default when run from command line
        $UpdateStats=1;
 
-       if ($QueryString =~ /config=([^&]+)/i)                          { $SiteConfig="$1"; }
-       if ($QueryString =~ /diricons=([^&]+)/i)                        { $DirIcons="$1"; }
+       if ($QueryString =~ /config=([^&]+)/i)                          { $SiteConfig=&Sanitize("$1"); }
        if ($QueryString =~ /diricons=([^&]+)/i)                        { $DirIcons="$1"; }
+       if ($QueryString =~ /diricons=([^&]+)/i)                        { $DirIcons=&Sanitize("$1"); }
        if ($QueryString =~ /pluginmode=([^&]+)/i)                      { $PluginMode=&Sanitize("$1",1); }
        if ($QueryString =~ /configdir=([^&]+)/i)                       { $DirConfig=&Sanitize("$1"); }
        # All filters
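Review bot: The asymmetry between this hunk and the browser-side one deserves a comment in the code: here `config` and `diricons` go to `&Sanitize("$1")` directly, with no `&DecodeEncodedString` step, which is appropriate for the command-line case the comment at the top of the hunk describes but reads like an omission to anyone diffing the two branches. The change itself is the right one: the unchanged `$DirIcons="$1";` context line still visible above belongs to the earlier revision of this patch (the `@@ -5591,7 +5591,7 @@` hunk), which only wrapped `config`, and leaving `diricons` raw in this branch would have kept one unfiltered path into `$DirIcons` even with the browser-side fix applied.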