Bug 769388
| Summary: | pki-silent does not properly escape command-line arguments | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Dmitri Pal <dpal> |
| Component: | pki-core | Assignee: | Matthew Harmsen <mharmsen> |
| Status: | CLOSED ERRATA | QA Contact: | IDM QE LIST <seceng-idm-qe-list> |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 6.0 | CC: | jcholast, jgalipea, kchamart, mharmsen |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | pki-core-9.0.3-23.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 741180 | Environment: | |
| Last Closed: | 2012-06-20 12:07:55 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 741180 | ||
| Bug Blocks: | 530474 | ||
| Attachments: | |||
Created attachment 567819 [details]
Applies fix for pki-silent does not properly escape command-line arguments
As this patch was previously reviewed for Dogtag 9 and Dogtag 10, the patches for RHEL 6 will not be reviewed a second time. # git am 0027-BZ-769388-pki-silent-does-not-properly-escape-command-line-arguments.patch Applying: BZ 769388 - pki-silent does not properly escape command-line arguments # git log -1 commit c4720b69e365a09fd2aaed4bfe0a342d8cadb9a7 Author: Matthew Harmsen <mharmsen> Date: Mon Mar 5 19:17:28 2012 -0800 BZ 769388 - pki-silent does not properly escape command-line arguments # git push Counting objects: 13, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (7/7), 665 bytes, done. Total 7 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/pki.git f70660c..c4720b6 IPA_v2_RHEL_6_ERRATA_BRANCH -> IPA_v2_RHEL_6_ERRATA_BRANCH # git am 0001-Apply-pki-silent-escape-command-line-arguments.patch Applying: Apply pki-silent escape command-line arguments /home/mharmsen/DOGTAG/pkigit.ipa2/.git/rebase-apply/patch:30: trailing whitespace. /home/mharmsen/DOGTAG/pkigit.ipa2/.git/rebase-apply/patch:38: trailing whitespace. /home/mharmsen/DOGTAG/pkigit.ipa2/.git/rebase-apply/patch:40: trailing whitespace. -- /home/mharmsen/DOGTAG/pkigit.ipa2/.git/rebase-apply/patch:42: new blank line at EOF. + warning: 4 lines add whitespace errors. # git log -1 commit b39189d44da957b924d598712c5eb2f4ed167bd7 Author: Matthew Harmsen <mharmsen> Date: Mon Mar 5 20:09:20 2012 -0800 Apply pki-silent escape command-line arguments BZ 769388 - pki-silent does not properly escape command-line arguments # git push Counting objects: 12, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (7/7), 1.34 KiB, done. Total 7 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/pki.git c4720b6..b39189d IPA_v2_RHEL_6_ERRATA_BRANCH -> IPA_v2_RHEL_6_ERRATA_BRANCH Created attachment 575470 [details]
pkisilent script which uses a password argument with quotes and slashes
VERIFIED. ================ [root@tiger bz-verif-769388]# cat /etc/redhat-release ; arch Red Hat Enterprise Linux Server release 6.3 Beta (Santiago) x86_64 [root@tiger bz-verif-769388]# ================ I used a password like this '\(pas\&w\`rd\)' for pki_silent_security_database successfully. Refer to comment #7 for test script. Version: pki-silent-9.0.3-24.el6.noarch Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2012-0761.html |
Created attachment 567818 [details] Resolves pki-silent does not properly escape command-line arguments