authorFrancesco Colista <fcolista@alpinelinux.org>2020-08-31 07:12:26 +0000
committerFrancesco Colista <fcolista@alpinelinux.org>2020-08-31 07:12:26 +0000
commite3dcbc68fa5a3a71c9d36ba30b139cbedc428de1 (patch)
tree4b52d6e777dea84bcfb3ea74de9c4fb993846e18
parent207c4f917f17baa00a5cfdf1c68dfbf8149ff904 (diff)
community/icingaweb2: security fix for CVE-2020-24368. Fixes #11897
-rw-r--r--community/icingaweb2/APKBUILD12
-rw-r--r--community/icingaweb2/CVE-2020-24368.patch36
2 files changed, 45 insertions, 3 deletions
diff --git a/community/icingaweb2/APKBUILD b/community/icingaweb2/APKBUILD
index 9e3e1d601b0..a8e29cbeb6a 100644
--- a/community/icingaweb2/APKBUILD
+++ b/community/icingaweb2/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=icingaweb2
pkgver=2.7.3
-pkgrel=1
+pkgrel=2
pkgdesc="Web Interface for Icinga2"
url="http://www.icinga.org"
arch="noarch !armhf !armv7 !s390x !mips !mips64"
@@ -17,9 +17,14 @@ pkggroups="icingaweb2"
options="!check"
install="$pkgname.pre-install $pkgname.post-install"
subpackages="$pkgname-doc $pkgname-bash-completion:bashcomp:noarch"
-source="$pkgname-$pkgver.tar.gz::https://github.com/Icinga/${pkgname}/archive/v$pkgver.tar.gz"
+source="$pkgname-$pkgver.tar.gz::https://github.com/Icinga/${pkgname}/archive/v$pkgver.tar.gz
+CVE-2020-24368.patch"
builddir="$srcdir"/$pkgname-$pkgver
+# secfixes:
+# 2.7.3-r2:
+# - CVE-2020-24368
+
build() {
cd "$builddir"
return 0
@@ -66,4 +71,5 @@ bashcomp() {
mv etc/bash_completion.d/icingacli "$subpkgdir"/usr/share/bash-completion/completions/icingacli
}
-sha512sums="eee3f81bb3eb29eeaeffe2f890639a12d75f9acf3b7c6649faaff3ab817ab2a5b6cd93b31637794969817f2d42ef5a46704fdc09488642caf6380f57c90d97cb icingaweb2-2.7.3.tar.gz"
+sha512sums="eee3f81bb3eb29eeaeffe2f890639a12d75f9acf3b7c6649faaff3ab817ab2a5b6cd93b31637794969817f2d42ef5a46704fdc09488642caf6380f57c90d97cb icingaweb2-2.7.3.tar.gz
+61bd4e4f1508f12a83e75f95cfc3947304b9c9d481477437ccdd622a65eb2114da67e5480b2bf49378b1122951e593338550ccc398dbf257e26f28bdb47480a6 CVE-2020-24368.patch"
diff --git a/community/icingaweb2/CVE-2020-24368.patch b/community/icingaweb2/CVE-2020-24368.patch
new file mode 100644
index 00000000000..a374a673de7
--- /dev/null
+++ b/community/icingaweb2/CVE-2020-24368.patch
@@ -0,0 +1,36 @@
+From 3035efac65ca2f7977916bd117056aa411776dfd Mon Sep 17 00:00:00 2001
+From: Johannes Meyer <johannes.meyer@icinga.com>
+Date: Fri, 14 Aug 2020 11:46:19 +0200
+Subject: [PATCH] static/img: Make sure to correctly access module images
+
+fixes #4226
+---
+ application/controllers/StaticController.php | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/application/controllers/StaticController.php b/application/controllers/StaticController.php
+index 3667ef67fc..d75ef7243a 100644
+--- a/application/controllers/StaticController.php
++++ b/application/controllers/StaticController.php
+@@ -68,16 +68,16 @@ public function gravatarAction()
+ */
+ public function imgAction()
+ {
+- $moduleRoot = Icinga::app()
++ $imgRoot = Icinga::app()
+ ->getModuleManager()
+ ->getModule($this->getParam('module_name'))
+- ->getBaseDir();
++ ->getBaseDir() . '/public/img/';
+
+ $file = $this->getParam('file');
+- $filePath = realpath($moduleRoot . '/public/img/' . $file);
++ $filePath = realpath($imgRoot . $file);
+
+- if ($filePath === false) {
+- $this->httpNotFound('%s does not exist', $filePath);
++ if ($filePath === false || substr($filePath, 0, strlen($imgRoot)) !== $imgRoot) {
++ $this->httpNotFound('%s does not exist', $file);
+ }
+
+ if (preg_match('/\.([a-z]+)$/i', $file, $m)) {
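Review bot: The containment check added at `+ if ($filePath === false || substr($filePath, 0, strlen($imgRoot)) !== $imgRoot)` compares a canonicalised path against a prefix that is not canonicalised: `$filePath` is the result of `realpath()`, while `$imgRoot` is `getBaseDir() . '/public/img/'` exactly as returned. If the module base directory contains a symlink or `..` component (plausible on packaged installs, since Icinga Web 2 enables modules through symlinks if I recall correctly), the two prefixes differ and every image under that module becomes a 404 — it fails closed rather than open, so the traversal fix holds, but it is a functional regression worth testing after the upgrade. The trailing slash kept on `$imgRoot` is what stops a sibling directory whose name merely starts with `img` from passing the prefix test, so it must stay if this is ever reworked. Because this file is the upstream commit carried verbatim with its sha512 pinned in the APKBUILD, the remedy would be an upstream follow-up along the lines of `$imgRoot = realpath(...->getBaseDir() . '/public/img') . '/';` guarded for a `false` return, not a local edit here; note also that `imgAction()` continues past the end of the patch as quoted.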