From: W.C.A. Wijngaards Date: Wed, 20 Nov 2019 11:02:19 +0000 (+0100) Subject: - Fix Config Injection in create_unbound_ad_servers.sh, X-Git-Tag: release-1.9.6rc1~49 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f887552763477a606a9608b0f6b498685e0f6587;p=thirdparty%2Funbound.git - Fix Config Injection in create_unbound_ad_servers.sh, reported by X41 D-Sec. --- diff --git a/contrib/create_unbound_ad_servers.sh b/contrib/create_unbound_ad_servers.sh index d31f078b3..49fdbffed 100644 --- a/contrib/create_unbound_ad_servers.sh +++ b/contrib/create_unbound_ad_servers.sh @@ -9,12 +9,13 @@ # Variables dst_dir="/etc/opt/csw/unbound" work_dir="/tmp" -list_addr="http://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=1&startdate%5Bday%5D=&startdate%5Bmonth%5D=&startdate%5Byear%5D=" +list_addr="https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=1&startdate%5Bday%5D=&startdate%5Bmonth%5D=&startdate%5Byear%5D=" # OS commands CAT=`which cat` ECHO=`which echo` WGET=`which wget` +TR=`which tr` # Check Wget installed if [ ! -f $WGET ]; then @@ -22,8 +23,10 @@ if [ ! -f $WGET ]; then exit 1 fi +# remove special characters with tr to protect unbound.conf $WGET -O $work_dir/yoyo_ad_servers "$list_addr" && \ $CAT $work_dir/yoyo_ad_servers | \ +$TR -d '";$\\' | \ while read line ; \ do \ $ECHO "local-zone: \"$line\" redirect" ;\ @@ -36,4 +39,4 @@ echo "Done." # the unbound_ad_servers file: # # include: $dst_dir/unbound_ad_servers -# \ No newline at end of file +# diff --git a/doc/Changelog b/doc/Changelog index e6562e98c..a4f6d873c 100644 --- a/doc/Changelog +++ b/doc/Changelog @@ -12,6 +12,8 @@ reported by X41 D-Sec. - Fix Out-of-Bounds Read in dname_valid(), reported by X41 D-Sec. + - Fix Config Injection in create_unbound_ad_servers.sh, + reported by X41 D-Sec. 19 November 2019: Wouter - Fix CVE-2019-18934, shell execution in ipsecmod.
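Review bot: the new `TR=`which tr`` line in the first hunk of create_unbound_ad_servers.sh has no installation check, unlike `$WGET`, which is verified with `if [ ! -f $WGET ]; then ... exit 1` just below. If `which tr` prints nothing, `$TR` expands to an empty word and the pipeline in the next hunk silently drops the filtering step, which defeats the fix. Add the same check for `$TR` (and quote the variables in the tests, e.g. `if [ ! -f "$TR" ]; then`, since an empty unquoted `$WGET` turns `[ ! -f $WGET ]` into a two-argument string test that does not fail).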
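Review bot: `$TR -d '";$\\'` in the second hunk is a denylist; it removes the four characters that would break out of the quoted `local-zone: "$line" redirect` directive, but anything else the remote list might contain still reaches unbound.conf. Since a hostname only needs letters, digits, dots and hyphens, an allowlist is easier to reason about: `$TR -cd 'A-Za-z0-9.\n-' | \` keeps exactly those characters (newline retained so `read` still splits lines; add `_` if the list uses it) and discards everything else by construction. In the same pipeline, `while read line` should be `while IFS= read -r line` so the shell does not interpret backslash escapes or trim whitespace before the value is written out.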