author | Stefan Ghinea <stefan.ghinea@windriver.com> | 2021-05-25 21:24:58 +0300 |
committer | Armin Kuster <akuster808@gmail.com> | 2021-06-13 12:35:48 -0700 |
commit | aca88908fd329f5cef6f19995b072397fb2d8ec6 (patch) | |
tree | f471abc8707a648f8deb14f175997b7a8548b928 /meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch | |
parent | e9f5cef789014e60d49b66af639bf1191374f5e6 (diff) | |
download | meta-openembedded-contrib-aca88908fd329f5cef6f19995b072397fb2d8ec6.tar.gz |
thunar: fix CVE-2021-32563
An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2.
When called with a regular file as a command-line argument, it delegates
to a different program (based on the file type) without user confirmation.
This could be used to achieve code execution.
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-32563
Upstream patches:
https://gitlab.xfce.org/xfce/thunar/-/commit/9165a61f95e43cc0b5abf9b98eee2818a0191e0b
https://gitlab.xfce.org/xfce/thunar/-/commit/3b54d9d7dbd7fd16235e2141c43a7f18718f5664
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit baa9453d57aa06554c823b5c7bd9c029e1858f89)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch')
-rw-r--r-- | meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch
new file mode 100644
index 0000000000..f942f990bd
--- /dev/null
+++ b/meta-xfce/recipes-xfce/thunar/thunar/CVE-2021-32563-1.patch
@@ -0,0 +1,97 @@
+From 9165a61f95e43cc0b5abf9b98eee2818a0191e0b Mon Sep 17 00:00:00 2001
+From: Alexander Schwinn <alexxcons@xfce.org>
+Date: Sat, 1 May 2021 00:40:44 +0200
+Subject: [PATCH 1/2] Dont execute files, passed via command line due to
+ security risks
+
+Instead open the containing folder and select the file.
+
+Fixes #121
+
+Upstream-Status: Backport
+CVE: CVE-2021-32563
+
+Reference to upstream patch:
+[https://gitlab.xfce.org/xfce/thunar/-/commit/9165a61f95e43cc0b5abf9b98eee2818a0191e0b]
+
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ thunar/thunar-application.c | 25 +++++++++++++++++++++++--
+ thunar/thunar-window.c | 4 +---
+ thunar/thunar-window.h | 2 ++
+ 3 files changed, 26 insertions(+), 5 deletions(-)
+
+diff --git a/thunar/thunar-application.c b/thunar/thunar-application.c
+index df862fd..1243940 100644
+--- a/thunar/thunar-application.c
++++ b/thunar/thunar-application.c
+@@ -1512,8 +1512,29 @@ thunar_application_process_files_finish (ThunarBrowser *browser,
+ }
+ else
+ {
+- /* try to open the file or directory */
+- thunar_file_launch (target_file, screen, startup_id, &error);
++ if (thunar_file_is_directory (file))
++ {
++ thunar_application_open_window (application, file, screen, startup_id, FALSE);
++ }
++ else
++ {
++ /* Note that for security reasons we do not execute files passed via command line */
++ /* Lets rather open the containing directory and select the file */
++ ThunarFile *parent = thunar_file_get_parent (file, NULL);
++
++ if (G_LIKELY (parent != NULL))
++ {
++ GList* files = NULL;
++ GtkWidget *window;
++
++ window = thunar_application_open_window (application, parent, screen, startup_id, FALSE);
++ g_object_unref (parent);
++
++ files = g_list_append (files, thunar_file_get_file (file));
++ thunar_window_select_files (THUNAR_WINDOW (window), files);
++ g_list_free (files);
++ }
++ }
+
+ /* remove the file from the list */
+ application->files_to_launch = g_list_delete_link (application->files_to_launch,
+diff --git a/thunar/thunar-window.c b/thunar/thunar-window.c
+index b330a87..b234fd3 100644
+--- a/thunar/thunar-window.c
++++ b/thunar/thunar-window.c
+@@ -243,8 +243,6 @@ static void thunar_window_update_go_menu (ThunarWindow
+ GtkWidget *menu);
+ static void thunar_window_update_help_menu (ThunarWindow *window,
+ GtkWidget *menu);
+-static void thunar_window_select_files (ThunarWindow *window,
+- GList *path_list);
+ static void thunar_window_binding_create (ThunarWindow *window,
+ gpointer src_object,
+ const gchar *src_prop,
+@@ -891,7 +889,7 @@ thunar_window_screen_changed (GtkWidget *widget,
+ *
+ * Visually selects the files, given by the list
+ **/
+-static void
++void
+ thunar_window_select_files (ThunarWindow *window,
+ GList *files_to_selected)
+ {
+diff --git a/thunar/thunar-window.h b/thunar/thunar-window.h
+index 9cbcc85..3c1aad2 100644
+--- a/thunar/thunar-window.h
++++ b/thunar/thunar-window.h
+@@ -126,6 +126,8 @@ void thunar_window_redirect_menu_tooltips_to_statusbar (Thu
+ GtkMenu *menu);
+ const XfceGtkActionEntry* thunar_window_get_action_entry (ThunarWindow *window,
+ ThunarWindowAction action);
++ void thunar_window_select_files (ThunarWindow *window,
++ GList *path_list);
+ G_END_DECLS;
+
+ #endif /* !__THUNAR_WINDOW_H__ */
+--
+2.17.1
+
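Review bot: In the new else-branch of thunar_application_process_files_finish, `thunar_file_get_parent (file, NULL)` discards the failure reason, so when it returns NULL the file is silently dropped from files_to_launch with no user feedback, whereas the removed `thunar_file_launch` call populated `error` for whatever reporting follows further down (that tail of the function is outside the hunk, so this is inferred). Passing the existing variable instead, `ThunarFile *parent = thunar_file_get_parent (file, &error);`, would keep the established error path for files whose parent cannot be resolved. Separately, the new checks operate on `file` where the old call used `target_file`, so a link or mountable that the browser had resolved is presumably no longer followed; a one-line comment stating that this is intentional (the file as passed on the command line is what gets located, not its target) would save the next reader from treating it as a regression. A minor style point in the thunar-window.h hunk: the added `thunar_window_select_files` declaration appears to carry a stray leading space before `void`, unlike its neighbours.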