diff --git a/rdesktop-CVE-2011-1595.patch b/rdesktop-CVE-2011-1595.patch
new file mode 100644
index 0000000..b83d68c
--- /dev/null
+++ b/rdesktop-CVE-2011-1595.patch
@@ -0,0 +1,24 @@
+Index: disk.c
+===================================================================
+--- disk.c (revision 1620)
++++ disk.c (arbetskopia)
+@@ -356,6 +356,19 @@
+ filename[strlen(filename) - 1] = 0;
+ sprintf(path, "%s%s", g_rdpdr_device[device_id].local_path, filename);
+
++ /* Protect against mailicous servers:
++ somelongpath/.. not allowed
++ somelongpath/../b not allowed
++ somelongpath/..b in principle ok, but currently not allowed
++ somelongpath/b.. ok
++ somelongpath/b..b ok
++ somelongpath/b../c ok
++ */
++ if (strstr(path, "/.."))
++ {
++ return RD_STATUS_ACCESS_DENIED;
++ }
++
+ switch (create_disposition)
+ {
+ case CREATE_ALWAYS:
diff --git a/rdesktop.spec b/rdesktop.spec
index 9aad1a0..04a041c 100644
--- a/rdesktop.spec
+++ b/rdesktop.spec
@@ -1,12 +1,13 @@
 Name: rdesktop
 Version: 1.6.0
-Release: 9%{?dist}
+Release: 10%{?dist}
 Summary: X client for remote desktop into Windows Terminal Server
 Group: User Interface/Desktops
 License: GPLv2+
 URL: http://www.rdesktop.org/
 Source0: http://downloads.sourceforge.net/rdesktop/%{name}-%{version}.tar.gz
+Patch0: %{name}-CVE-2011-1595.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: libao-devel
 BuildRequires: libX11-devel
@@ -21,6 +22,7 @@ desktop. Unlike Citrix ICA, no server extensions are required.
 %prep
 %setup -q
+%patch0 -p0 -b .CVE-2011-1595
 %build
 %configure --with-ipv6 --enable-smartcard --with-sound=libao
@@ -41,6 +43,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_mandir}/man1/*
 %changelog
+* Mon May 30 2011 Kalev Lember - 1.6.0-10
+- Prevent remote file access (CVE-2011-1595)
+
 * Sat Nov 20 2010 Dominik Mierzejewski - 1.6.0-9
 - add libao support (supports ALSA and PulseAudio, should fix bugs #503431 and #577878)
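Review bot: The new `strstr(path, "/..")` guard only runs after the unbounded `sprintf(path, "%s%s", ...)` on the context line above has already copied the server-supplied filename into `path`, so an over-long name would overrun the buffer before the traversal check is ever reached; the declaration of `path` is not visible in this hunk, but if it is a fixed-size array the copy should be bounded and truncation rejected, e.g. `if (snprintf(path, sizeof path, "%s%s", g_rdpdr_device[device_id].local_path, filename) >= (int) sizeof path) return RD_STATUS_ACCESS_DENIED;`. The guard also inspects the joined `path` rather than `filename`, so it silently depends on the server-side separator having been normalised to `/` before this point — that assumption deserves a one-line comment next to the check. The new comment has a typo: `mailicous` should read `malicious`. The enclosing function begins and ends outside the hunk.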