Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  news  community  lists  wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list] 
Date: Tue, 2 Sep 2008 14:28:18 +0200
From: Nico Golde <oss-security+ml@...lde.de>
To: oss-security@...ts.openwall.com
Subject: Re: CVE id request: newsbeuter

Hi,
* Nico Golde <oss-security+ml@...lde.de> [2008-09-01 12:09]:
> newsbeuter (http://www.newsbeuter.org) 1.1 fixes a security 
> issue that was discovered by J.H.M. Dassen (Ray) and is 
> fixed in svn revision 1429.
> 
> The previous version allowed to execute arbitrary code by a 
> crafted feed URL that is passed as a command line parameter 
> if the URL is opened by an external browser.
> 
> Upstream changelog:
>  1.1:
>         Added a line wrap for the article view's headers and the link list on the bottom (fixes Debian issue #491122)
>         Added test suite for functional tests of the user interface
>         Fixed quoting issue in open-in-browser command
>         ^^^^^
> 
> This issue should affect all newsbeuter versions < 1.1.

Update, it also affects 1.1, the fix is not sufficient, see 
Debian bug #497495. r1445 and r1447 is needed as an 
additional fix which now replaces all ' by their hex 
representations so this affects < 1.2.

Kind regards
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux