Fix CVE-2014-2914

epel9
Andy Lutomirski 11 years ago
parent fa9ec4d735
commit fbcf04f8c5

@ -0,0 +1,47 @@
From 10642a34f17ae45bd93be3ae6021ee920d3da0c2 Mon Sep 17 00:00:00 2001
Message-Id: <10642a34f17ae45bd93be3ae6021ee920d3da0c2.1398707555.git.luto@amacapital.net>
In-Reply-To: <3c5d5b344ee945b99e4bb16a44af6f293601813d.1398707555.git.luto@amacapital.net>
References: <3c5d5b344ee945b99e4bb16a44af6f293601813d.1398707555.git.luto@amacapital.net>
From: Anders Bergh <anders1@gmail.com>
Date: Tue, 4 Mar 2014 09:59:26 +0100
Subject: [PATCH 2/4] fish_config: Listen on both IPv6 and IPv4.
A subclass of TCPServer was created to deny any non-local connections and to
listen using an IPv6 socket.
---
share/tools/web_config/webconfig.py | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/share/tools/web_config/webconfig.py b/share/tools/web_config/webconfig.py
index f735a02..1b9250b 100755
--- a/share/tools/web_config/webconfig.py
+++ b/share/tools/web_config/webconfig.py
@@ -250,6 +250,16 @@ class FishVar:
if self.exported: flags.append('exported')
return [self.name, self.value, ', '.join(flags)]
+class FishConfigTCPServer(SocketServer.TCPServer):
+ """TCPServer that only accepts connections from localhost (IPv4/IPv6)."""
+ WHITELIST = set(['::1', '::ffff:127.0.0.1', '127.0.0.1'])
+
+ address_family = socket.AF_INET6
+
+ def verify_request(self, request, client_address):
+ return client_address[0] in FishConfigTCPServer.WHITELIST
+
+
class FishConfigHTTPRequestHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
def write_to_wfile(self, txt):
@@ -613,7 +623,7 @@ PORT = 8000
while PORT <= 9000:
try:
Handler = FishConfigHTTPRequestHandler
- httpd = SocketServer.TCPServer(("", PORT), Handler)
+ httpd = FishConfigTCPServer(("::", PORT), Handler)
# Success
break
except socket.error:
--
1.9.0

@ -1,6 +1,6 @@
Name: fish Name: fish
Version: 2.1.0 Version: 2.1.0
Release: 8%{?dist} Release: 9%{?dist}
Summary: A friendly interactive shell Summary: A friendly interactive shell
Group: System Environment/Shells Group: System Environment/Shells
@ -10,8 +10,9 @@ Source0: http://fishshell.com/files/%{version}/fish-%{version}.ta
Patch0: fish-remove-usr-local.patch Patch0: fish-remove-usr-local.patch
Patch1: fish-add-link-cxxflags.patch Patch1: fish-add-link-cxxflags.patch
Patch2: fish-use-usrbinpython.patch Patch2: fish-use-usrbinpython.patch
Patch3: fish-upstream-CVE-2014-2905.patch Patch3: fish-upstream-CVE-2014-2914.patch
Patch4: fish-upstream-CVE-2014-2906.patch Patch4: fish-upstream-CVE-2014-2905.patch
Patch5: fish-upstream-CVE-2014-2906.patch
BuildRequires: ncurses-devel gettext groff doxygen BuildRequires: ncurses-devel gettext groff doxygen
@ -32,6 +33,7 @@ nothing to learn or configure.
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
# This is unused. If we fiddle with Python versions, its presence will # This is unused. If we fiddle with Python versions, its presence will
# be confusing. # be confusing.
@ -84,6 +86,9 @@ fi
%changelog %changelog
* Mon Apr 28 2014 Andy Lutomirski <luto@mit.edu> - 2.1.0-9
- Fix CVE-2014-2914
* Mon Apr 28 2014 Andy Lutomirski <luto@mit.edu> - 2.1.0-8 * Mon Apr 28 2014 Andy Lutomirski <luto@mit.edu> - 2.1.0-8
- Fix build failure - Fix build failure

Loading…
Cancel
Save