~ubuntu-branches/ubuntu/oneiric/nova/oneiric-updates

Committer: Package Import Robot
Author(s): Jamie Strandboge
Date: 2012-08-17 13:55:33 UTC
Revision ID: package-import@ubuntu.com-20120817135533-987ztcloeqahiv01

Tags: 2011.3-0ubuntu6.10

* SECURITY UPDATE: Prohibit file injection writing to host filesystem
  - debian/patches/CVE-2012-3447.patch: update to perform the file name
    canonicalization as the root user
  - CVE-2012-3447

files added:
.pc/CVE-2012-3447.patch

.pc/CVE-2012-3447.patch/nova

.pc/CVE-2012-3447.patch/nova/tests

.pc/CVE-2012-3447.patch/nova/tests/test_virt.py

.pc/CVE-2012-3447.patch/nova/tests/test_xenapi.py

.pc/CVE-2012-3447.patch/nova/virt

.pc/CVE-2012-3447.patch/nova/virt/disk.py

debian/patches/CVE-2012-3447.patch

files modified:
.pc/applied-patches

debian/changelog

debian/patches/series

nova/tests/test_virt.py

nova/tests/test_xenapi.py

nova/virt/disk.py

Show diffs side-by-side

added added

removed removed

nova/virt/disk.py

275

mounted guest fs. Trying to be clever and specifying a

276

path with '..' in it will hit this safeguard.

277

'''

278

absolute_path = os.path.realpath(os.path.join(fs, *args))

278

absolute_path, _err = utils.execute('readlink', '-nm',

279

os.path.join(fs, *args),

280

run_as_root=True)

279

281

if not absolute_path.startswith(os.path.realpath(fs) + '/'):

280

282

raise exception.Invalid()

281

283

return absolute_path

Older »