mirror of https://github.com/fail2ban/fail2ban
CVE-2012-5642: Escape the content of <matches> since its value could contain arbitrary symbols (Closes: #696184)
Yaroslav Halchenko
parent
826f53f92d
commit
9b85c6ec4e
|
|
@ -1,3 +1,10 @@
|
||||||
|
fail2ban (0.8.6-3wheezy1) unstable; urgency=high
|
||||||
|
|
||||||
|
* CVE-2012-5642: Escape the content of <matches> since its value could
|
||||||
|
contain arbitrary symbols (Closes: #696184)
|
||||||
|
|
||||||
|
-- Yaroslav Halchenko <debian@onerussian.com> Mon, 17 Dec 2012 13:19:32 -0500
|
||||||
|
|
||||||
fail2ban (0.8.6-3) unstable; urgency=low
|
fail2ban (0.8.6-3) unstable; urgency=low
|
||||||
|
|
||||||
* Added dovecot section to Debian's jail.conf. Thanks to Laurent
|
* Added dovecot section to Debian's jail.conf. Thanks to Laurent
|
||||||
|
|
|
||||||
|
|
@ -1 +1,2 @@
|
||||||
|
up_escape-the-content-of-matches.patch
|
||||||
deb_manpages_reportbug
|
deb_manpages_reportbug
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,47 @@
|
||||||
|
From: Yaroslav Halchenko <debian@onerussian.com>
|
||||||
|
Date: Mon, 8 Oct 2012 22:14:51 -0400
|
||||||
|
Subject: [PATCH] BF: escape the content of <matches> since its value could contain arbitrary symbols
|
||||||
|
|
||||||
|
Contains two commits 83109bce144f443a48ef31165a5389b7b83f4e0e and 09355663f7a3c0409e08efdebf98b1bbf47d1d9c
|
||||||
|
|
||||||
|
Bug-Debian: http://bugs.debian.org/696184
|
||||||
|
Origin: upstream
|
||||||
|
|
||||||
|
---
|
||||||
|
server/action.py | 18 +++++++++++++++---
|
||||||
|
1 file changed, 15 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
--- a/server/action.py
|
||||||
|
+++ b/server/action.py
|
||||||
|
@@ -230,7 +230,14 @@ class Action:
|
||||||
|
def execActionStop(self):
|
||||||
|
stopCmd = Action.replaceTag(self.__actionStop, self.__cInfo)
|
||||||
|
return Action.executeCmd(stopCmd)
|
||||||
|
-
|
||||||
|
+
|
||||||
|
+ def escapeTag(tag):
|
||||||
|
+ for c in '\\#&;`|*?~<>^()[]{}$\n':
|
||||||
|
+ if c in tag:
|
||||||
|
+ tag = tag.replace(c, '\\' + c)
|
||||||
|
+ return tag
|
||||||
|
+ escapeTag = staticmethod(escapeTag)
|
||||||
|
+
|
||||||
|
##
|
||||||
|
# Replaces tags in query with property values in aInfo.
|
||||||
|
#
|
||||||
|
@@ -243,8 +250,13 @@ class Action:
|
||||||
|
""" Replace tags in query
|
||||||
|
"""
|
||||||
|
string = query
|
||||||
|
- for tag in aInfo:
|
||||||
|
- string = string.replace('<' + tag + '>', str(aInfo[tag]))
|
||||||
|
+ for tag, value in aInfo.iteritems():
|
||||||
|
+ value = str(value) # assure string
|
||||||
|
+ if tag == 'matches':
|
||||||
|
+ # That one needs to be escaped since its content is
|
||||||
|
+ # out of our control
|
||||||
|
+ value = Action.escapeTag(value)
|
||||||
|
+ string = string.replace('<' + tag + '>', value)
|
||||||
|
# New line
|
||||||
|
string = string.replace("<br>", '\n')
|
||||||
|
return string
|
||||||
Loading…
Reference in New Issue