[Bug 782705] Re: command injection in ckbcomp
Launchpad Bug Tracker
782705 at bugs.launchpad.net
Tue Mar 20 04:30:17 UTC 2012
This bug was fixed in the package console-setup - 1.70ubuntu4
---------------
console-setup (1.70ubuntu4) precise; urgency=low

  * Add definitions for four (ignored) dead-keys: dead_belowcomma,
    dead_currency, dead_doublegrave, and dead_invertedbreve. Cherrypick
    from Debian git.
    (LP: #738314)
  * Fix command injection in ckbcomp (thanks to Emanuel Bronshtein)
    (LP: #782705)

 -- Bryce Harrington <bryce at ubuntu.com> Mon, 19 Mar 2012 21:13:39 -0700
** Changed in: console-setup (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to console-setup in Ubuntu.
https://bugs.launchpad.net/bugs/782705
Title:
command injection in ckbcomp
Status in “console-setup” package in Ubuntu:
Fix Released
Bug description:
Binary package hint: console-setup
/usr/bin/ckbcomp has a command injection bug.
Test case:
root@emanuel-desktop:/tmp# touch "/etc/console-setup/compose.a;echo Systeminj;#.inc" "/usr/share/consoletrans/a;echo Systeminj;#.acm" "/tmp/CKB"
root@emanuel-desktop:/tmp# /usr/bin/ckbcomp "/tmp/CKB" -symbols "/tmp/CKB" -charmap "a;echo Systeminj;#"
WARNING: Can not find "" in "/tmp/CKB".
keymaps 0-127
strings as usual
cat: /etc/console-setup/compose.a: No such file or directory
Systeminj
The bug can be found at:
if ($charmap && -f "/etc/console-setup/compose.${charmap}.inc") {
system("cat /etc/console-setup/compose.${charmap}.inc");
}
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/console-setup/+bug/782705/+subscriptions
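
The one-argument system() call quoted in the bug description hands the interpolated string to /bin/sh, so shell metacharacters in the -charmap value run as commands. The following is an added example, not code from ckbcomp or from the 1.70ubuntu4 fix: a hypothetical helper, print_compose_include, that validates the charmap name against an assumed allowlist and reads the file in-process, using a scratch directory in place of /etc/console-setup.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Temp qw(tempdir);

# Hypothetical helper (not ckbcomp's own code): emit compose.<charmap>.inc
# without ever handing the charmap name to a shell.
sub print_compose_include {
    my ($dir, $charmap) = @_;

    # Assumed allowlist: letters, digits, '.', '_' and '-' only.
    # Names containing ';', '#', spaces or '/' are rejected outright.
    return 0 unless defined $charmap
        && $charmap =~ /\A[A-Za-z0-9][A-Za-z0-9._-]*\z/;

    my $path = "$dir/compose.$charmap.inc";
    return 0 unless -f $path;

    # Three-argument open reads the file in-process: no /bin/sh is
    # started, so the name is never parsed as a command line.
    open(my $fh, '<', $path) or return 0;
    print while <$fh>;
    close($fh);
    return 1;
}

# Constructed demo data: a scratch directory standing in for
# /etc/console-setup, holding one ordinary include file and one file
# named like the test case in the bug description.
my $dir = tempdir(CLEANUP => 1);
for my $name ('ISO-8859-1', 'a;echo Systeminj;#') {
    open(my $out, '>', "$dir/compose.$name.inc") or die "create: $!";
    print {$out} "# compose data for $name\n";
    close($out);
}

# The ordinary name is included; the name from the test case is rejected
# even though a matching file exists on disk.
for my $charmap ('ISO-8859-1', 'a;echo Systeminj;#') {
    my $ok = print_compose_include($dir, $charmap);
    printf STDERR "%-20s => %s\n", $charmap, $ok ? 'included' : 'rejected';
}
```

Where an external program really is needed, the list form system('cat', $path) also bypasses the shell, because Perl passes each list element to the program as a separate argument.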