Hello community, here is the log from the commit of package python-feedparser for openSUSE:11.2 checked in at Thu Apr 7 17:00:47 CEST 2011. -------- --- old-versions/11.2/all/python-feedparser/python-feedparser.changes 2009-09-03 15:56:52.000000000 +0200 +++ 11.2/python-feedparser/python-feedparser.changes 2011-03-17 02:35:42.000000000 +0100 @@ -1,0 +2,12 @@ +Thu Mar 17 01:23:51 UTC 2011 - jfunk@funktronics.ca + +- Fix issue 91: invalid text in XML declaration causes sanitizer to crash + (CVE-2011-1156 bnc#680074) +- Fix issue 254: sanitization can be bypassed by malformed XML comments + (CVE-2011-1157 bnc#680074) +- Fix issue 255: sanitizer doesn't strip unsafe URI schemes (CVE-2011-1158 + bnc#680074) +- Fix issue 195: XSS vulnerability in feedparser (bnc#680074) + + +------------------------------------------------------------------- Package does not exist at destination yet. Using Fallback old-versions/11.2/all/python-feedparser Destination is old-versions/11.2/UPDATES/all/python-feedparser calling whatdependson for 11.2-i586 New: ---- feedparser-issue195.patch feedparser-issue254-CVE-2011-1157.patch feedparser-issue255-CVE-2011-1158.patch feedparser-issue91-CVE-2011-1156.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-feedparser.spec ++++++ --- /var/tmp/diff_new_pack.XefRaZ/_old 2011-04-07 17:00:29.000000000 +0200 +++ /var/tmp/diff_new_pack.XefRaZ/_new 2011-04-07 17:00:29.000000000 +0200 @@ -1,7 +1,7 @@ # -# spec file for package python-feedparser (Version 4.1) +# spec file for package python-feedparser # -# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,12 +20,16 @@ Name: python-feedparser Version: 4.1 -Release: 1 +Release: 2.<RELEASE3> Summary: Universal Feed Parser Module for Python Url: http://sourceforge.net/projects/feedparser/ License: BSD Group: Development/Libraries/Python Source: %{modname}-%{version}.tar.bz2 +Patch0: feedparser-issue195.patch +Patch1: feedparser-issue255-CVE-2011-1158.patch +Patch2: feedparser-issue254-CVE-2011-1157.patch +Patch3: feedparser-issue91-CVE-2011-1156.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %{py_requires} BuildRequires: python-devel python-setuptools @@ -44,6 +48,10 @@ %prep %setup -q -n %{modname}-%{version} +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 chmod 0644 README %build ++++++ feedparser-issue195.patch ++++++ Index: feedparser-4.1/tests/wellformed/sanitize/item_content_encoded_script_nested_cdata.xml =================================================================== --- /dev/null +++ feedparser-4.1/tests/wellformed/sanitize/item_content_encoded_script_nested_cdata.xml @@ -0,0 +1,11 @@ +<!-- +Description: ensure nested CDATA sections are sanitized properly +Expect: not bozo and entries[0]['content'][0]['value'] == u'<![CDATA[]]>' +--> +<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0"> +<channel> + <item> + content:encoded<![CDATA[<![CDATA[<script></script>]]>]]> + </item> +</channel> +</rss> Index: feedparser-4.1/tests/illformed/sanitize/item_content_encoded_script_nested_cdata.xml =================================================================== --- /dev/null +++ feedparser-4.1/tests/illformed/sanitize/item_content_encoded_script_nested_cdata.xml @@ -0,0 +1,11 @@ +<!-- +Description: ensure nested CDATA sections are sanitized properly +Expect: bozo and entries[0]['content'][0]['value'] == u'<![CDATA[]]>' +--> +<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0"> +<channel> + <item> + content:encoded<![CDATA[<![CDATA[<script></script>]]>]]> + </item> +</channel> += 0: + return ret + # if ret == -1, this may be a malicious attempt to circumvent + # sanitization, or a page-destroying unclosed comment + match = re.compile(r'--[^>]*>').search(self.rawdata, i+4) + if match: + return match.end() + # unclosed comment; deliberately fail to handle_data() + return len(self.rawdata) + + def _sanitizeHTML(htmlSource, encoding): p = _HTMLSanitizer(encoding) htmlSource = htmlSource.replace('