- missed in previous:

- SECURITY FIX for SA42443, "multipart_init()" HTTP Header Injection Vulnerability from upstream git.
2010-12-06 07:59:34 +00:00 · 2010-12-06 07:59:34 +00:00 · 8db1cdf2d6
commit 8db1cdf2d6
parent 72e30b3c33
3 changed files with 66 additions and 0 deletions
--- a/www/p5-CGI-Simple/patches/patch-lib_CGI_Simple_pm
+++ b/www/p5-CGI-Simple/patches/patch-lib_CGI_Simple_pm
@ -0,0 +1,23 @@
+$OpenBSD: patch-lib_CGI_Simple_pm,v 1.1 2010/12/06 07:59:34 jasper Exp $
+
+Fix for SA42443, "multipart_init()" HTTP Header Injection Vulnerability
+From: https://github.com/AndyA/CGI--Simple/commit/e4942b871a26c1317a175a91ebb7262eea59b380
+
+--- lib/CGI/Simple.pm.orig	Sun May 31 12:43:05 2009
+++ lib/CGI/Simple.pm	Mon Dec  6 08:56:55 2010
+@@ -1105,7 +1105,14 @@ sub multipart_init {
+   my ( $self, @p ) = @_;
+   use CGI::Simple::Util qw(rearrange);
+   my ( $boundary, @other ) = rearrange( ['BOUNDARY'], @p );
+-  $boundary = $boundary || '------- =_aaaaaaaaaa0';
+  if ( !$boundary ) {
+    $boundary = '------- =_';
+    my @chrs = ( '0' .. '9', 'A' .. 'Z', 'a' .. 'z' );
+    for ( 1 .. 17 ) {
+      $boundary .= $chrs[ rand( scalar @chrs ) ];
+    }
+  }
+
+   my $CRLF = $self->crlf;    # get CRLF sequence
+   my $warning
+    = "WARNING: YOUR BROWSER DOESN'T SUPPORT THIS SERVER-PUSH TECHNOLOGY.";
--- a/www/p5-CGI-Simple/patches/patch-t_050_simple_t
+++ b/www/p5-CGI-Simple/patches/patch-t_050_simple_t
@ -0,0 +1,21 @@
+$OpenBSD: patch-t_050_simple_t,v 1.1 2010/12/06 07:59:34 jasper Exp $
+
+Fix for SA42443, "multipart_init()" HTTP Header Injection Vulnerability
+From: https://github.com/AndyA/CGI--Simple/commit/e4942b871a26c1317a175a91ebb7262eea59b380
+
+--- t/050.simple.t.orig	Mon Dec  6 08:55:29 2010
+++ t/050.simple.t	Mon Dec  6 08:55:35 2010
+@@ -945,10 +945,11 @@ $q = new CGI::Simple;
+ $sv = $q->multipart_init();
+ like(
+   $sv,
+-  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_aaaaaaaaaa0"|,
+  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_[a-zA-Z0-9]{17}"|,
+   'multipart_init(), 1'
+ );
+-like( $sv, qr/--------- =_aaaaaaaaaa0$CRLF/, 'multipart_init(), 2' );
+like( $sv, qr/--------- =_[a-zA-Z0-9]{17}$CRLF/,
+  'multipart_init(), 2' );
+ $sv = $q->multipart_init( 'this_is_the_boundary' );
+ like( $sv, qr/boundary="this_is_the_boundary"/, 'multipart_init(), 3' );
+ $sv = $q->multipart_init( -boundary => 'this_is_another_boundary' );
--- a/www/p5-CGI-Simple/patches/patch-t_070_standard_t
+++ b/www/p5-CGI-Simple/patches/patch-t_070_standard_t
@ -0,0 +1,22 @@
+$OpenBSD: patch-t_070_standard_t,v 1.1 2010/12/06 07:59:34 jasper Exp $
+
+Fix for SA42443, "multipart_init()" HTTP Header Injection Vulnerability
+From: https://github.com/AndyA/CGI--Simple/commit/e4942b871a26c1317a175a91ebb7262eea59b380
+
+--- t/070.standard.t.orig	Mon Dec  6 08:55:45 2010
+++ t/070.standard.t	Mon Dec  6 08:55:48 2010
+@@ -953,10 +953,12 @@ restore_parameters();
+ $sv = multipart_init();
+ like(
+   $sv,
+-  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_aaaaaaaaaa0"|,
+  qr|Content-Type: multipart/x-mixed-replace;boundary="------- =_[a-zA-Z0-9]{17}"|,
+   'multipart_init(), 1'
+ );
+-like( $sv, qr/--------- =_aaaaaaaaaa0$CRLF/, 'multipart_init(), 2' );
+
+like( $sv, qr/--------- =_[a-zA-Z0-9]{17}$CRLF/,
+  'multipart_init(), 2' );
+ $sv = multipart_init( 'this_is_the_boundary' );
+ like( $sv, qr/boundary="this_is_the_boundary"/, 'multipart_init(), 3' );
+ $sv = multipart_init( -boundary => 'this_is_another_boundary' );