security issues

Colin Watson cjwatson at ubuntu.com
Tue Mar 14 12:35:28 UTC 2006


On Tue, Mar 14, 2006 at 12:29:41PM +0000, Colin Watson wrote:
> The attached diff fixes the core of the problem, although some other
> changes were necessary to fix a related problem with preseeded
> passwords.

Of course I forgot to actually attach the diff. Done now.

-- 
Colin Watson                                       [cjwatson at ubuntu.com]
-------------- next part --------------
Index: debian/changelog
===================================================================
--- debian/changelog	(revision 35398)
+++ debian/changelog	(revision 35399)
@@ -16,6 +16,12 @@
     it's on the initrd and packages will get correct deps as they're
     recompiled against this.
 
+  [ Colin Watson ]
+  * Honour accept_types/reject_types for questions registered against
+    templates that were received in DATA commands over passthrough. This was
+    one of the root causes of Ubuntu's recent installer password disclosure
+    vulnerability.
+
  -- Attilio Fiandrotti <fiandro at tiscali.it>  Wed,  8 Mar 2006 22:40:40 +0100
 
 cdebconf (0.97) unstable; urgency=low
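Review bot: the new bullet under "[ Colin Watson ]" identifies the issue only as "Ubuntu's recent installer password disclosure vulnerability", with no bug or advisory reference, so someone reading the changelog later cannot trace it. Add the reference once one exists. The bullet also calls this "one of the root causes"; a short note that the remaining causes are fixed elsewhere would keep readers from assuming this revision alone closes the issue.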
Index: src/commands.c
===================================================================
--- src/commands.c	(revision 35398)
+++ src/commands.c	(revision 35399)
@@ -804,11 +804,12 @@
             q->template = t;
             template_ref(t);
         }
+        t->lset(t, NULL, item, value);
         mod->questions->methods.set(mod->questions, q);
     }
+    else
+        t->lset(t, NULL, item, value);
 
-    t->lset(t, NULL, item, value);
-
     asprintf(&out, "%u OK", CMDSTATUS_SUCCESS);
     return out;
 }
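Review bot: in the src/commands.c hunk at line 804, `t->lset(t, NULL, item, value);` now appears in both branches, and the only change from the old code is that it runs before `mod->questions->methods.set(mod->questions, q);` in the new-question branch. Nothing in the code says that this ordering is the fix, so a later cleanup could merge the two calls back below the if/else and reintroduce the problem. Add a comment above the first call saying the template field must be set before the question is stored (going by the changelog entry, so that accept_types/reject_types are honoured). As a style point, the braced block is followed by an unbraced `else`; bracing it would make the pairing with the duplicated call easier to see.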

