From 3386c6f6b57e37d0bbc9e6b833525327c1172127 Mon Sep 17 00:00:00 2001
From: Andy Lutomirski
Date: Aug 12 2014 01:26:23 +0000
Subject: Fix the fixes
---
diff --git a/fish-webconfig-CVE-2014-2914-followup-4.patch b/fish-webconfig-CVE-2014-2914-followup-4.patch
new file mode 100644
index 0000000..c0a2603
--- /dev/null
+++ b/fish-webconfig-CVE-2014-2914-followup-4.patch
@@ -0,0 +1,28 @@
+commit a7f1e81e6ac23fe4b6fd86023681e2975703078d
+Author: Andy Lutomirski
+Date: Mon Aug 11 18:18:21 2014 -0700
+
+ webconfig: Convert authkey to hex correctly
+
+diff --git a/share/tools/web_config/webconfig.py b/share/tools/web_config/webconfig.py
+index 5c7d2b9..43d2ced 100755
+--- a/share/tools/web_config/webconfig.py
++++ b/share/tools/web_config/webconfig.py
+@@ -17,7 +17,7 @@ else:
+ from urllib.parse import parse_qs
+ import webbrowser
+ import subprocess
+-import re, socket, os, sys, cgi, select, time, glob, random, string
++import re, socket, os, sys, cgi, select, time, glob, random, string, binascii
+ try:
+ import json
+ except ImportError:
+@@ -654,7 +654,7 @@ where = os.path.dirname(sys.argv[0])
+ os.chdir(where)
+
+ # Generate a 16-byte random key as a hexadecimal string
+-authkey = hex(os.urandom(16))[2:]
++authkey = binascii.b2a_hex(os.urandom(16))
+
+ # Try to find a suitable port
+ PORT = 8000
diff --git a/fish.spec b/fish.spec
index 8a96b26..e5760f2 100644
--- a/fish.spec
+++ b/fish.spec
@@ -18,6 +18,7 @@ Patch7: fish-upstream-CVE-2014-2906.patch
 Patch8: fish-webconfig-CVE-2014-2914-followup-1.patch
 Patch9: fish-webconfig-CVE-2014-2914-followup-2.patch
 Patch10: fish-webconfig-CVE-2014-2914-followup-3.patch
+Patch11: fish-webconfig-CVE-2014-2914-followup-4.patch
 BuildRequires: ncurses-devel gettext groff doxygen
@@ -39,6 +40,12 @@ nothing to learn or configure.
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
+%patch9 -p1
+%patch10 -p1
+%patch11 -p1
 # This is unused. If we fiddle with Python versions, its presence will
 # be confusing.
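Review bot: In the embedded webconfig.py hunk at `-654,7 +654,7`, `binascii.b2a_hex(os.urandom(16))` returns `bytes` on Python 3, and the `urllib.parse` import visible in the first embedded hunk's context shows the script is meant to run there too. The code that puts `authkey` into the URL and checks it on incoming requests is outside the hunk, but if it formats or compares the key as text, Python 3 would render it as `b'…'` or never find it equal to the `str` taken from the request, so the authentication added for CVE-2014-2914 would behave differently between interpreters. Decoding once at creation keeps the key a text string on both versions: `authkey = binascii.b2a_hex(os.urandom(16)).decode('ascii')`.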
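Review bot: The hand-numbered `%patchN -p1` list in `%prep` is what allowed declared patches to go unapplied: Patch7 through Patch10 are already context in the `-18,6 +18,7` hunk while their `%patch` lines only appear in the `-39,6 +40,12` hunk, so builds made before this commit presumably shipped without those CVE fixes. A comment above the list such as `# Every PatchN: declared above needs a matching %patchN line here` would make the invariant explicit, or, where the target RPM version supports it, `%autosetup -p1` applies every declared patch without a list to keep in sync. No Release bump or %changelog hunk is visible in this diff; if neither is changed elsewhere, the rebuilt package would be hard to tell apart from the unpatched one.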