From 2dd9b50183f71eb1519d212cb6f398ad1f1e7432 Mon Sep 17 00:00:00 2001
From: Toshio くらとみ
Date: Jan 06 2008 19:12:46 +0000
Subject: - Fix a security bug with a backport of http://www.cherrypy.org/changeset/1775 - Include the egginfo files as well as the python files.
---
diff --git a/cherrypy-2.2.1-security-sessionfilter.patch b/cherrypy-2.2.1-security-sessionfilter.patch
new file mode 100644
index 0000000..f523501
--- /dev/null
+++ b/cherrypy-2.2.1-security-sessionfilter.patch
@@ -0,0 +1,12 @@
+diff -up CherryPy-2.2.1/cherrypy/filters/sessionfilter.py.sessionfix CherryPy-2.2.1/cherrypy/filters/sessionfilter.py
+--- CherryPy-2.2.1/cherrypy/filters/sessionfilter.py.sessionfix 2008-01-06 08:54:39.000000000 -0800
++++ CherryPy-2.2.1/cherrypy/filters/sessionfilter.py 2008-01-06 08:55:31.000000000 -0800
+@@ -326,6 +326,8 @@ class FileStorage:
+ raise SessionStoragePathNotConfiguredError()
+ fileName = self.SESSION_PREFIX + id
+ file_path = os.path.join(storage_path, fileName)
++ if not os.path.normpath(filePath).startswith(storagePath):
++ raise cherrypy.HTTPError(400, "Invalid session id in cookie.")
+ return file_path
+
+ def _lock_file(self, path):
diff --git a/python-cherrypy.spec b/python-cherrypy.spec
index eb86079..942a6c8 100644
--- a/python-cherrypy.spec
+++ b/python-cherrypy.spec
@@ -2,7 +2,7 @@ Name: python-cherrypy
 Version: 2.2.1
-Release: 7%{?dist}
+Release: 8%{?dist}
 Summary: A pythonic, object-oriented web development framework
 Group: Development/Libraries
 License: BSD
@@ -12,6 +12,7 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Patch0: %{name}-tutorial-doc.patch
 Patch1: %{name}-regression-test.patch
 Patch2: %{name}-%{version}-EINTR.patch
+Patch3: cherrypy-2.2.1-security-sessionfilter.patch
 BuildArch: noarch
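Review bot: The two `++` lines in the new patch file reference `filePath` and `storagePath`, while the context lines of the same hunk use `file_path` and `storage_path`, so as written the guard raises NameError on every call of this method instead of rejecting a malformed session id, and the backported fix never actually takes effect. The lines should read `if not os.path.normpath(file_path).startswith(storage_path):` and `raise cherrypy.HTTPError(400, "Invalid session id in cookie.")`. Even with the names corrected, a bare `startswith` prefix test accepts any path that merely begins with the storage directory's name (a sibling directory sharing the same leading characters) and depends on `storage_path` already being in normalised form; comparing `os.path.normpath(file_path)` against `os.path.normpath(storage_path) + os.sep` is the tighter form. The method this hunk patches begins before the hunk, so whether `storage_path` is normalised earlier cannot be confirmed from here.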
@@ -27,7 +28,9 @@ results in smaller source code developed in less time.
 %patch0
 %patch1
 %patch2
+%patch3 -p1
+%{__sed} -i 's/\r//' CHANGELOG.txt README.txt CHERRYPYTEAM.txt cherrypy/tutorial/README.txt
 %build
 %{__python} setup.py build
@@ -47,16 +50,13 @@ rm -rf $RPM_BUILD_ROOT
 %defattr(-,root,root,-)
 %doc CHANGELOG.txt CHERRYPYTEAM.txt README.txt
 %doc cherrypy/tutorial
-%dir %{python_sitelib}/cherrypy
-%dir %{python_sitelib}/cherrypy/lib
-%dir %{python_sitelib}/cherrypy/lib/filter
-%{python_sitelib}/cherrypy/favicon.ico
-%{python_sitelib}/cherrypy/*.py*
-%{python_sitelib}/cherrypy/lib/*.py*
-%{python_sitelib}/cherrypy/lib/filter/*.py*
-%{python_sitelib}/cherrypy/filters/*.py*
+%{python_sitelib}/*
 %changelog
+* Sun Jan 6 2008 Toshio Kuratomi 2.2.1-8
+- Fix a security bug with a backport of http://www.cherrypy.org/changeset/1775
+- Include the egginfo files as well as the python files.
+
 * Sat Nov 3 2007 Luke Macken 2.2.1-7
 - Apply backported fix from http://www.cherrypy.org/changeset/1766 to improve CherryPy's SIGSTOP/SIGCONT handling (Bug #364911).
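Review bot: The added `%{__sed} -i 's/\r//' ...` line in the %prep hunk is a change unrelated to the session fix (it rewrites the line endings of the shipped documentation files) that neither the commit subject nor the new %changelog entry mentions. A third bullet in the 2.2.1-8 entry, such as `- Convert documentation files to Unix line endings`, would keep the package record complete for anyone auditing what changed between releases.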
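Review bot: Replacing the explicit %files list with `%{python_sitelib}/*` makes the package own everything setup.py installs into site-packages, so a stray module or data file introduced by a future patch would be shipped silently instead of tripping rpmbuild's unpackaged-files check. Since the stated intent is only to pick up the egg-info metadata, a pair of globs such as `%{python_sitelib}/cherrypy/` and `%{python_sitelib}/*.egg-info` keeps that intent visible while still covering the new files; the exact egg-info directory name is not shown in this commit, so the second pattern is a constructed example to confirm against the build output.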