Bug 870713 (CVE-2012-4548)

Summary: CVE-2012-4548 cgit: command injection
Product: [Other] Security Response
Component: vulnerability
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: unspecified
Target Milestone: ---
Target Release: ---
Hardware: All
OS: Linux
Whiteboard: impact=important,public=20121028,reported=20121028,source=internet,cvss2=8.5/AV:N/AC:M/Au:S/C:C/I:C/A:C,fedora-all/cgit=affected,epel-all/cgit=affected,cwe=CWE-78
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Last Closed: 2015-08-24 11:56:44 EDT
Bug Depends On: 870714, 870715
Bug Blocks:

Reporter: Kurt Seifried <kseifried>
Assignee: Red Hat Product Security <security-response-team>
QA Contact:
Docs Contact:
CC: bressers, tmz
Keywords: Security
Clone Of:
Environment:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:

Attachments:
  cgit-CVE-2012-4548.patch (flags: none)

Description Kurt Seifried 2012-10-28 02:59:04 EDT

Fix command injection.

By not quoting the argument, an attacker with the ability to add files to the repository could pass arbitrary arguments to the highlight command, in particular, the --plug-in argument which can lead to arbitrary command

This patch adds simple argument quoting.

External references:
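An added illustration of the bug class the commit message above describes, written for this page and not taken from cgit or from the attached patch: a POSIX sh filter derives the highlighter's --syntax value from the file name and expands it unquoted, so the shell's word splitting turns whitespace in the name into extra argv entries for the child process. The real highlighter is replaced by a stand-in function (fake_highlight) that prints its argv one entry per line; the file name, the /tmp/evil path and the strict_filter variant are constructed for the example, and only the --plug-in option name comes from the advisory text.

```shell
#!/bin/sh
# Constructed illustration of the CVE-2012-4548 bug class (not cgit's own
# syntax-highlighting filter): a filter script builds the highlighter's
# --syntax option from the file name and expands it unquoted.

# Stand-in for the real "highlight" binary: prints each argv entry on its
# own line so that word splitting becomes visible.
fake_highlight() {
    for arg in "$@"; do
        printf '%s\n' "$arg"
    done
}

# Vulnerable filter: $extension is expanded without quotes, so it undergoes
# field splitting on IFS (and pathname expansion) before the child sees it.
vulnerable_filter() {
    extension="${1##*.}"
    fake_highlight --syntax=$extension
}

# Fixed filter (the shape of the upstream fix): the expansion is quoted, so
# whatever the name contains stays a single argv entry.
fixed_filter() {
    extension="${1##*.}"
    fake_highlight --syntax="$extension"
}

# Stricter variant (hypothetical, beyond the upstream fix): quote and also
# refuse any extension that is not plain alphanumerics, so nothing that looks
# like an option can reach the child even through a future unquoted use.
strict_filter() {
    extension="${1##*.}"
    case "$extension" in
        ''|*[!A-Za-z0-9_]*) return 1 ;;
    esac
    fake_highlight --syntax="$extension"
}

# Number of argv entries the highlighter receives for a given filter and name.
argc_for() {
    "$1" "$2" | wc -l | tr -d ' '
}

# Constructed attacker-controlled file name: the part after the last dot is
# "c --plug-in=/tmp/evil", i.e. the "extension" smuggles a second option.
# The plugin path is hypothetical.
EVIL_NAME='README.c --plug-in=/tmp/evil'

main() {
    printf 'vulnerable: %s argv entries\n' "$(argc_for vulnerable_filter "$EVIL_NAME")"
    vulnerable_filter "$EVIL_NAME" | sed 's/^/  /'
    printf 'fixed: %s argv entries\n' "$(argc_for fixed_filter "$EVIL_NAME")"
    fixed_filter "$EVIL_NAME" | sed 's/^/  /'
    if strict_filter "$EVIL_NAME" >/dev/null; then
        echo 'strict: accepted (unexpected)'
    else
        echo 'strict: rejected'
    fi
}
main
```

Quoting alone is the upstream fix and is sufficient for this bug: a quoted expansion is one argument regardless of its characters, and the highlighter then rejects "c --plug-in=/tmp/evil" as an unknown syntax name instead of loading a plug-in. The stricter variant is worth adding in any filter that is invoked on repository-controlled names, because it also removes the dependency on every later expansion being quoted correctly.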
Comment 1 Kurt Seifried 2012-10-28 03:00:46 EDT
Created attachment 634444
Comment 2 Kurt Seifried 2012-10-28 03:01:38 EDT
Created cgit tracking bugs for this issue

Affects: fedora-all [bug 870714]
Comment 3 Kurt Seifried 2012-10-28 03:02:11 EDT
Created cgit tracking bugs for this issue

Affects: epel-all [bug 870715]