1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
#! /bin/sh /usr/share/dpatch/dpatch-run
## 013CVE-2008-4796.dpatch by Giuseppe Iuculano <giuseppe@iuculano.it>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Fixed CVE-2008-4796: missing input sanitising in embedded copy of Snoopy.class.php (Closes: #504234)
@DPATCH@
diff -urNad wordpress~/wp-includes/class-snoopy.php wordpress/wp-includes/class-snoopy.php
--- wordpress~/wp-includes/class-snoopy.php 2009-08-14 18:57:39.000000000 +0200
+++ wordpress/wp-includes/class-snoopy.php 2009-08-14 19:39:36.000000000 +0200
@@ -1013,8 +1013,7 @@
$headerfile = tempnam($temp_dir, "sno");
- $safer_URI = strtr( $URI, "\"", " " ); // strip quotes from the URI to avoid shell access
- exec(escapeshellcmd($this->curl_path." -D \"$headerfile\"".$cmdline_params." \"".$safer_URI."\""),$results,$return);
+ exec($this->curl_path." -k -D \"$headerfile\"".$cmdline_params." \"".escapeshellcmd($URI)."\"",$results,$return);
if($return)
{
|
