insufficient path escaping when opening files

Related Vulnerabilities: CVE-2009-1440  

Debian Bug report logs - #525078
insufficient path escaping when opening files


Package: amule; Maintainer for amule is Sandro Tosi <morph@debian.org>; Source for amule is src:amule.

Reported by: Sam Hocevar <sam@zoy.org>

Date: Tue, 21 Apr 2009 22:45:01 UTC

Severity: important

Tags: security, upstream

Found in version amule/2.2.4-1

Fixed in versions amule/2.2.5-1.1, amule/2.2.1-1+lenny2

Done: Steffen Joeris <white@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Adeodato Simó <dato@net.com.org.es>:
Bug#525078; Package amule. (Tue, 21 Apr 2009 22:45:04 GMT).


Acknowledgement sent to Sam Hocevar <sam@zoy.org>:
New Bug report received and forwarded. Copy sent to Debian Security Team <team@security.debian.org>, Debian Testing Security Team <secure-testing-team@lists.alioth.debian.org>, Adeodato Simó <dato@net.com.org.es>. (Tue, 21 Apr 2009 22:45:04 GMT).


Message #5 received at submit@bugs.debian.org:

From: Sam Hocevar <sam@zoy.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: insufficient path escaping when opening files
Date: Wed, 22 Apr 2009 00:42:30 +0200
Package: amule
Version: 2.2.4-1+b1
Severity: normal
Tags: security upstream

   src/DownloadListCtrl.cpp does the following (code edited for
clarification):

command = wxT("xterm -T \"aMule Preview\" -iconic -e mplayer '$file'");
[...]
wxString rawFileName = file->GetFullName().GetRaw();
command.Replace(wxT("$file"), rawFileName);
[...]
wxExecute(command, wxEXEC_ASYNC, p);

   Although file->GetFullName() is sanitised by removing :/<> and
probably other characters, the single tick (') is neither filtered
away nor escaped. Thus it is possible to craft a file name that
passes remotely defined arguments to the video player.

   A side effect is that it is impossible to open a downloaded file that
has a "'" character in its name.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.28.7 (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages amule depends on:
ii  amule-common           2.2.4-1           common files for the rest of aMule
ii  libc6                  2.9-7             GNU C Library: Shared libraries
ii  libcrypto++8           5.6.0-1           General purpose cryptographic libr
ii  libgcc1                1:4.3.3-8         GCC support library
ii  libgeoip1              1.4.6.dfsg-2      A non-DNS IP-to-country resolver l
ii  libstdc++6             4.3.3-8           The GNU Standard C++ Library v3
ii  libupnp3               1:1.6.6-3         Portable SDK for UPnP Devices (sha
ii  libwxbase2.8-0         2.8.7.1-1.1       wxBase library (runtime) - non-GUI
ii  libwxgtk2.8-0          2.8.7.1-1.1       wxWidgets Cross-platform C++ GUI t
ii  zlib1g                 1:1.2.3.3.dfsg-13 compression library - runtime

Versions of packages amule recommends:
ii  amule-utils                   2.2.4-1+b1 utilities for aMule (command-line 

Versions of packages amule suggests:
ii  amule-utils-gui               2.2.4-1+b1 graphic utilities for aMule

-- no debconf information




Severity set to `important' from `normal' Request was from Nico Golde <nion@debian.org> to control@bugs.debian.org. (Wed, 22 Apr 2009 00:12:02 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Adeodato Simó <dato@net.com.org.es>:
Bug#525078; Package amule. (Wed, 29 Apr 2009 18:36:05 GMT).


Acknowledgement sent to Nico Golde <nion@debian.org>:
Extra info received and forwarded to list. Copy sent to Adeodato Simó <dato@net.com.org.es>. (Wed, 29 Apr 2009 18:36:05 GMT).


Message #12 received at 525078@bugs.debian.org:

From: Nico Golde <nion@debian.org>
To: 525078@bugs.debian.org
Subject: cve id assigned
Date: Wed, 29 Apr 2009 20:32:01 +0200
Hi,
CVE-2009-1440 has been assigned to this.

Cheers
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Information forwarded to debian-bugs-dist@lists.debian.org, Adeodato Simó <dato@net.com.org.es>:
Bug#525078; Package amule. (Mon, 08 Jun 2009 04:36:02 GMT).


Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
Extra info received and forwarded to list. Copy sent to Adeodato Simó <dato@net.com.org.es>. (Mon, 08 Jun 2009 04:36:02 GMT).


Message #17 received at 525078@bugs.debian.org:

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: Sam Hocevar <sam@zoy.org>, 525078@bugs.debian.org
Subject: single tick escaping
Date: Mon, 8 Jun 2009 14:34:57 +1000
Hi Sam

How about the lines below (2300-2302)?
#ifndef __WXMSW__
                rawFileName.Replace(QUOTE, wxT("'\"'\"'"));
#endif

Wouldn't it be sufficient to just run this over rawFileName at any time and 
escape the single tick or am I missing something?

Cheers
Steffen

Reply sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
You have taken responsibility. (Mon, 15 Jun 2009 10:18:11 GMT).


Notification sent to Sam Hocevar <sam@zoy.org>:
Bug acknowledged by developer. (Mon, 15 Jun 2009 10:18:12 GMT).


Message #22 received at 525078-done@bugs.debian.org:

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: 525078-done@bugs.debian.org
Subject: already fixed
Date: Mon, 15 Jun 2009 19:57:29 +1000
Version: 2.2.5-1

Hi

The code snippet is upstream's security fix. Testing it now and preparing DSA.

Cheers
Steffen

Information forwarded to debian-bugs-dist@lists.debian.org, Adeodato Simó <dato@net.com.org.es>:
Bug#525078; Package amule. (Wed, 17 Jun 2009 22:30:12 GMT).


Acknowledgement sent to Sam Hocevar <sam@zoy.org>:
Extra info received and forwarded to list. Copy sent to Adeodato Simó <dato@net.com.org.es>. (Wed, 17 Jun 2009 22:30:12 GMT).


Message #27 received at 525078@bugs.debian.org:

From: Sam Hocevar <sam@zoy.org>
To: Steffen Joeris <steffen.joeris@skolelinux.de>
Cc: 525078@bugs.debian.org
Subject: Re: already fixed
Date: Thu, 18 Jun 2009 00:18:18 +0200
reopen 525078
thanks

On Mon, Jun 15, 2009, Steffen Joeris wrote:

> The code snippet is upstream's security fix. Testing it now and preparing DSA.

   Unfortunately it doesn't work properly. It looks like upstream didn't
even bother to test the fix.

   Quick (and harmless) way to simulate an attack and reproduce the bug:

    - run amule from the command line
    - set video player to "vlc" in the preferences
    - start downloading a file (use the search tool to find a small
      txt file)
    - pause download using right click -> Pause
    - rename file to '-vvvv.avi (with a leading tick) using right
      click -> Show File Details
    - resume download, wait for completion
    - double click on the file
    - you should see VLC's very verbose debug messages in amule's console,
      indicating that it has been called with -vvvv.avi as an extra
      argument, increasing its verbosity

   The following fix works, though (tested with 2.2.5):

     rawFileName.Replace(QUOTE, wxT("\\") QUOTE);

-- 
Sam.
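
Upstream's replacement and Sam Hocevar's replacement are each valid under a different quoting grammar, so an escape has to be tested against the parser that actually splits the command string. The C++ program below is an added example, not aMule or wxWidgets code: splitPosix is a reduced model of POSIX sh quoting, splitBackslash is a hypothetical tokenizer, and which of the two matches the launcher in use is an assumption to verify; all helper names are invented for the example.

```cpp
#include <iostream>
#include <string>
#include <vector>
typedef std::vector<std::string> Argv;

// Plain substring replacement, standing in for wxString::Replace.
std::string replaceAll(std::string s, const std::string& from, const std::string& to) {
    for (size_t p = 0; (p = s.find(from, p)) != std::string::npos; p += to.size())
        s.replace(p, from.size(), to);
    return s;
}

// Model A: POSIX sh quoting, reduced. Quoted pieces are literal (backslash
// inside "..." is not modelled) and adjacent pieces join into one word.
bool splitPosix(const std::string& cmd, Argv& out) {
    std::string cur;
    bool inWord = false;
    out.clear();
    for (size_t i = 0; i < cmd.size(); ++i) {
        char c = cmd[i];
        if (c == ' ') {                                  // word boundary
            if (inWord) out.push_back(cur);
            cur.clear();
            inWord = false;
            continue;
        }
        inWord = true;
        if (c == '\'' || c == '"') {
            size_t end = cmd.find(c, i + 1);
            if (end == std::string::npos) return false;  // unterminated quote
            cur += cmd.substr(i + 1, end - i - 1);
            i = end;
        } else {
            if (c == '\\' && i + 1 < cmd.size()) ++i;    // unquoted backslash
            cur += cmd[i];
        }
    }
    if (inWord) out.push_back(cur);
    return true;
}

// Model B (hypothetical): an argument may start with a quote, a backslash
// escapes the next character, and the matching quote ends the argument.
bool splitBackslash(const std::string& cmd, Argv& out) {
    out.clear();
    for (size_t i = 0; i < cmd.size();) {
        if (cmd[i] == ' ') { ++i; continue; }
        char quote = (cmd[i] == '\'' || cmd[i] == '"') ? cmd[i++] : 0;
        bool closed = (quote == 0);
        std::string arg;
        for (; i < cmd.size(); ++i) {
            if (cmd[i] == '\\' && i + 1 < cmd.size()) { arg += cmd[++i]; continue; }
            if (quote ? cmd[i] == quote : cmd[i] == ' ') { closed = true; ++i; break; }
            arg += cmd[i];
        }
        if (!closed) return false;                       // unterminated quote
        out.push_back(arg);
    }
    return true;
}

// True only if the escaped name, substituted into '$file', arrives as one argument.
bool roundTrips(const std::string& name, const std::string& tickEscape,
                bool (*split)(const std::string&, Argv&)) {
    std::string cmd = replaceAll("mplayer '$file'", "$file", replaceAll(name, "'", tickEscape));
    Argv argv;
    return split(cmd, argv) && argv.size() == 2 && argv[1] == name;
}

int main() {  // tick escapes tried: none, upstream's, Sam Hocevar's
    for (const char* e : {"'", "'\"'\"'", "\\'"})
        std::cout << e << " posix=" << roundTrips("'-vvvv.avi", e, splitPosix)
                  << " backslash=" << roundTrips("'-vvvv.avi", e, splitBackslash) << "\n";
}
```

For the tick-bearing name, each escape round-trips only under the grammar it was written for; a mismatch either fails to parse or delivers the -vvvv.avi fragment as a separate argument.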




Bug reopened, originator not changed. Request was from Sam Hocevar <sam@zoy.org> to control@bugs.debian.org. (Wed, 17 Jun 2009 22:30:15 GMT).


Information forwarded to debian-bugs-dist@lists.debian.org, Adeodato Simó <dato@net.com.org.es>:
Bug#525078; Package amule. (Mon, 22 Jun 2009 02:12:02 GMT).


Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
Extra info received and forwarded to list. Copy sent to Adeodato Simó <dato@net.com.org.es>. (Mon, 22 Jun 2009 02:12:02 GMT).


Message #34 received at 525078@bugs.debian.org:

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: 525078@bugs.debian.org
Subject: NMU patch
Date: Mon, 22 Jun 2009 12:10:48 +1000
Hi

Attached is the NMU patch.

Cheers
Steffen
[nmu.patch (text/x-patch, attachment)]

Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility. (Mon, 22 Jun 2009 03:27:09 GMT).


Notification sent to Sam Hocevar <sam@zoy.org>:
Bug acknowledged by developer. (Mon, 22 Jun 2009 03:27:10 GMT).


Message #39 received at 525078-close@bugs.debian.org:

From: Steffen Joeris <white@debian.org>
To: 525078-close@bugs.debian.org
Subject: Bug#525078: fixed in amule 2.2.5-1.1
Date: Mon, 22 Jun 2009 03:17:47 +0000
Source: amule
Source-Version: 2.2.5-1.1

We believe that the bug you reported is fixed in the latest version of
amule, which is due to be installed in the Debian FTP archive:

amule-common_2.2.5-1.1_all.deb
  to pool/main/a/amule/amule-common_2.2.5-1.1_all.deb
amule-daemon_2.2.5-1.1_i386.deb
  to pool/main/a/amule/amule-daemon_2.2.5-1.1_i386.deb
amule-utils-gui_2.2.5-1.1_i386.deb
  to pool/main/a/amule/amule-utils-gui_2.2.5-1.1_i386.deb
amule-utils_2.2.5-1.1_i386.deb
  to pool/main/a/amule/amule-utils_2.2.5-1.1_i386.deb
amule_2.2.5-1.1.diff.gz
  to pool/main/a/amule/amule_2.2.5-1.1.diff.gz
amule_2.2.5-1.1.dsc
  to pool/main/a/amule/amule_2.2.5-1.1.dsc
amule_2.2.5-1.1_i386.deb
  to pool/main/a/amule/amule_2.2.5-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 525078@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <white@debian.org> (supplier of updated amule package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.8
Date: Thu, 18 Jun 2009 14:10:54 +0000
Source: amule
Binary: amule amule-common amule-utils amule-utils-gui amule-daemon
Architecture: source i386 all
Version: 2.2.5-1.1
Distribution: unstable
Urgency: high
Maintainer: Adeodato Simó <dato@net.com.org.es>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 amule      - client for the eD2k and Kad networks, like eMule
 amule-common - common files for the rest of aMule packages
 amule-daemon - non-graphic version of aMule, a client for the eD2k and Kad netwo
 amule-utils - utilities for aMule (command-line version)
 amule-utils-gui - graphic utilities for aMule
Closes: 525078
Changes: 
 amule (2.2.5-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by the security team
   * Make sure that the single tick is handled properly in order to avoid
     code execution (Closes: #525078)
     Fixes: CVE-2009-1440





Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility. (Tue, 23 Jun 2009 13:57:05 GMT).


Notification sent to Sam Hocevar <sam@zoy.org>:
Bug acknowledged by developer. (Tue, 23 Jun 2009 13:57:05 GMT).


Message #44 received at 525078-close@bugs.debian.org:

From: Steffen Joeris <white@debian.org>
To: 525078-close@bugs.debian.org
Subject: Bug#525078: fixed in amule 2.2.1-1+lenny2
Date: Tue, 23 Jun 2009 13:54:19 +0000
Source: amule
Source-Version: 2.2.1-1+lenny2

We believe that the bug you reported is fixed in the latest version of
amule, which is due to be installed in the Debian FTP archive:

amule-common_2.2.1-1+lenny2_all.deb
  to pool/main/a/amule/amule-common_2.2.1-1+lenny2_all.deb
amule-daemon_2.2.1-1+lenny2_i386.deb
  to pool/main/a/amule/amule-daemon_2.2.1-1+lenny2_i386.deb
amule-utils-gui_2.2.1-1+lenny2_i386.deb
  to pool/main/a/amule/amule-utils-gui_2.2.1-1+lenny2_i386.deb
amule-utils_2.2.1-1+lenny2_i386.deb
  to pool/main/a/amule/amule-utils_2.2.1-1+lenny2_i386.deb
amule_2.2.1-1+lenny2.diff.gz
  to pool/main/a/amule/amule_2.2.1-1+lenny2.diff.gz
amule_2.2.1-1+lenny2.dsc
  to pool/main/a/amule/amule_2.2.1-1+lenny2.dsc
amule_2.2.1-1+lenny2_i386.deb
  to pool/main/a/amule/amule_2.2.1-1+lenny2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 525078@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steffen Joeris <white@debian.org> (supplier of updated amule package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.8
Date: Sun, 21 Jun 2009 06:34:26 +0200
Source: amule
Binary: amule amule-common amule-utils amule-utils-gui amule-daemon
Architecture: source i386 all
Version: 2.2.1-1+lenny2
Distribution: stable-security
Urgency: high
Maintainer: Adeodato Simó <dato@net.com.org.es>
Changed-By: Steffen Joeris <white@debian.org>
Description: 
 amule      - client for the eD2k and Kad networks, like eMule
 amule-common - common files for the rest of aMule packages
 amule-daemon - non-graphic version of aMule, a client for the eD2k and Kad netwo
 amule-utils - utilities for aMule (command-line version)
 amule-utils-gui - graphic utilities for aMule
Closes: 525078
Changes: 
 amule (2.2.1-1+lenny2) stable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * Fix incomplete escaping of offending characters by including the
     single tick (') as well (Closes: #525078)
     Fixes: CVE-2009-1440





Reply sent to Steffen Joeris <white@debian.org>:
You have taken responsibility. (Sat, 27 Jun 2009 16:45:28 GMT).


Notification sent to Sam Hocevar <sam@zoy.org>:
Bug acknowledged by developer. (Sat, 27 Jun 2009 16:45:29 GMT).


Message #49 received at 525078-close@bugs.debian.org:

From: Steffen Joeris <white@debian.org>
To: 525078-close@bugs.debian.org
Subject: Bug#525078: fixed in amule 2.2.1-1+lenny2
Date: Sat, 27 Jun 2009 16:04:15 +0000
Source: amule
Source-Version: 2.2.1-1+lenny2






Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 26 Jul 2009 07:37:30 GMT).




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:49:02 2019; Machine Name: buxtehude
