Gentoo's Bugzilla – Attachment 175628 Details for Bug 251343: dev-util/git <1.6.0.6 gitweb privilege escalation (CVE-2008-{5516,5517,5916})
[patch] gitweb hotfix for 1.5.[456].X
0001-gitweb-do-not-run-git-diff-that-is-Porcelain.txt (text/plain), 2.26 KB, created by Robert Buchholz (RETIRED) on 2008-12-17 18:48:33 UTC
Marked as: patch, obsolete
>>From dfff4b7aa42de7e7d58caeebe2c6128449f09b76 Mon Sep 17 00:00:00 2001 >From: Junio C Hamano <gitster@pobox.com> >Date: Tue, 16 Dec 2008 19:42:02 -0800 >Subject: [PATCH] gitweb: do not run "git diff" that is Porcelain > >Jakub says that legacy-style URI to view two blob differences are never >generated since 1.4.3. This codepath runs "git diff" Porcelain from the >gitweb, which is a no-no. It can trigger diff.external command that is >specified in the configuration file of the repository being viewed. > >This patch applies to v1.5.4 and later. > >Signed-off-by: Junio C Hamano <gitster@pobox.com> >--- > gitweb/gitweb.perl | 38 ++------------------------------------ > 1 files changed, 2 insertions(+), 36 deletions(-) > >diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl >index b582332..86a6ced 100755 >--- a/gitweb/gitweb.perl >+++ b/gitweb/gitweb.perl 
>@@ -4809,43 +4809,9 @@ sub git_blobdiff { > or die_error(undef, "Open git-diff-tree failed"); > } > >- # old/legacy style URI >- if (!%diffinfo && # if new style URI failed >- defined $hash && defined $hash_parent) { >- # fake git-diff-tree raw output >- $diffinfo{'from_mode'} = $diffinfo{'to_mode'} = "blob"; >- $diffinfo{'from_id'} = $hash_parent; >- $diffinfo{'to_id'} = $hash; >- if (defined $file_name) { >- if (defined $file_parent) { >- $diffinfo{'status'} = '2'; >- $diffinfo{'from_file'} = $file_parent; >- $diffinfo{'to_file'} = $file_name; >- } else { # assume not renamed >- $diffinfo{'status'} = '1'; >- $diffinfo{'from_file'} = $file_name; >- $diffinfo{'to_file'} = $file_name; >- } >- } else { # no filename given >- $diffinfo{'status'} = '2'; >- $diffinfo{'from_file'} = $hash_parent; >- $diffinfo{'to_file'} = $hash; >- } >- >- # non-textual hash id's can be cached >- if ($hash =~ m/^[0-9a-fA-F]{40}$/ && >- $hash_parent =~ m/^[0-9a-fA-F]{40}$/) { >- $expires = '+1d'; >- } >- >- # open patch output >- open $fd, "-|", git_cmd(), "diff", @diff_opts, >- '-p', ($format eq 'html' ? "--full-index" : ()), >- $hash_parent, $hash, "--" >- or die_error(undef, "Open git-diff failed"); >- } else { >+ # old/legacy style URI -- not generated anymore since 1.4.3. >+ if (!%diffinfo) { > die_error('404 Not Found', "Missing one of the blob diff parameters") >- unless %diffinfo; > } > > # header >-- >1.6.1.rc3.19.g66a9 >
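Review bot: the error path after the removal is now misleading for exactly the requests this patch is about: the new `if (!%diffinfo)` block is reached both when a blob diff parameter is genuinely missing and when a complete legacy-style request (`$hash` and `$hash_parent` both given) no longer produces any `git diff-tree` output, yet both cases get the same `"Missing one of the blob diff parameters"` message. Suggest widening the message (for example "Blob diff not found; legacy two-blob URIs are no longer supported") so operators do not chase a non-existent parameter bug, and rewording the comment above it, since `# old/legacy style URI -- not generated anymore since 1.4.3.` now sits over a check that covers every empty-`%diffinfo` case rather than only the legacy one. Two smaller points: the restructured conditional could keep the original `die_error(...) unless %diffinfo;` form instead of wrapping it in `if (!%diffinfo) { ... }`, which would make the hunk a pure deletion and easier to audit as a security fix; and the commit message should state the user-visible effect, namely that old bookmarked two-blob diff URIs now return 404 Not Found instead of a diff, because the removed branch was the only place this function spawned the `git diff` Porcelain (the remaining open uses `git-diff-tree`), which is what stops `diff.external` from the viewed repository's config being executed.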