Donlan <bdonlan@fushizen.net> for the patch. Closes: #482476
close at some time. */
int GetLock(string File,bool Errors)
{
close at some time. */
int GetLock(string File,bool Errors)
{
- int FD = open(File.c_str(),O_RDWR | O_CREAT | O_TRUNC,0640);
+ // GetLock() is used in aptitude on directories with public-write access
+ // Use O_NOFOLLOW here to prevent symlink traversal attacks
+ int FD = open(File.c_str(),O_RDWR | O_CREAT | O_NOFOLLOW,0640);
if (FD < 0)
{
// Read only .. cant have locking problems there.
if (FD < 0)
{
// Read only .. cant have locking problems there.
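Review bot: On the new open() call, O_NOFOLLOW only rejects a symlink in the final path component; symlinks in the parent directories of File are still followed. A refused open fails with ELOOP and lands in the existing `if (FD < 0)` branch, whose visible comment is about the read-only case, so check errno there and make sure ELOOP is reported as an error rather than handled as "read only". The added comment should also state that dropping O_TRUNC is deliberate, since that removal is what stops an existing file from being truncated and the comment currently mentions only O_NOFOLLOW.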
* Brazilian Portuguese updated. Closes: #480561
* Hungarian updated. Closes: #480662
* Brazilian Portuguese updated. Closes: #480561
* Hungarian updated. Closes: #480662
+ [ Otavio Salvador ]
+ * Apply patch to avoid truncating of arbitrary files. Thanks to Bryan
+ Donlan <bdonlan@fushizen.net> for the patch. Closes: #482476
+
-- Christian Perrier <bubulle@debian.org> Sun, 04 May 2008 08:31:06 +0200
apt (0.7.13) unstable; urgency=low
-- Christian Perrier <bubulle@debian.org> Sun, 04 May 2008 08:31:06 +0200
apt (0.7.13) unstable; urgency=low
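Review bot: The new changelog entry says only "avoid truncating of arbitrary files" and does not say where or how. Name GetLock() and the flag change (O_TRUNC removed, O_NOFOLLOW added) so that someone reading the changelog for #482476 can tell this is the symlink fix for lock files in public-write directories; "avoid truncating of" also reads better as "avoid truncation of".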