Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: simg...@packages.debian.org, to...@debian.org
Control: affects -1 + src:simgear
User: release.debian....@packages.debian.org
Usertags: pu

Dear release team,

I've received a notification from the flightgear upstream maintainers
that they've discovered and fixed a security issue. I've applied the
proposed fix and already uploaded the package to unstable.

The security team suggested that a stable update might be good, as the
bug doesn't seem to need a DSA.

Please note that there's currently no CVE assigned (still in progress),
and there's also not a Debian bug in the BTS. However, the issue is
tracked in our security tracker:
https://security-tracker.debian.org/tracker/TEMP-0000000-5E50D9

Please find the patch attached which I'd like to upload for the next
stable point release.

If you accept this upload, the package "flightgear" needs an upload as
well. I'll file a bug about that shortly after this one.

Regards,
Tobias

diff -Nru simgear-2020.3.16+dfsg/debian/changelog simgear-2020.3.16+dfsg/debian/changelog
--- simgear-2020.3.16+dfsg/debian/changelog 2022-10-26 10:53:00.000000000 +0200
+++ simgear-2020.3.16+dfsg/debian/changelog 2025-01-27 12:58:26.000000000 +0100
@@ -1,3 +1,11 @@
+simgear (1:2020.3.16+dfsg-1+deb12u1) bookworm; urgency=medium
+
+ * Team upload.
+ * New patch: check I/O rules when auto-constructing an SGPath from a Nasal scalar.
+ Thanks to Florent Rougon <f.rou...@frougon.net>
+
+ -- Dr. Tobias Quathamer <to...@debian.org> Mon, 27 Jan 2025 12:58:26 +0100
+
simgear (1:2020.3.16+dfsg-1) unstable; urgency=medium
* New upstream version 2020.3.16+dfsg
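Review bot: the new changelog stanza describes the patch ("check I/O rules when auto-constructing an SGPath from a Nasal scalar") but does not say that it fixes a security issue or name the tracker entry from the cover mail (TEMP-0000000-5E50D9). With no CVE and no BTS number available yet, mentioning the security nature and the tracker id in the "New patch" item would let readers of the point-release changelog connect this upload to the issue.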
diff -Nru simgear-2020.3.16+dfsg/debian/patches/cppbind-check-I-O-rules-when-auto-constructing-an-SG.patch simgear-2020.3.16+dfsg/debian/patches/cppbind-check-I-O-rules-when-auto-constructing-an-SG.patch
--- simgear-2020.3.16+dfsg/debian/patches/cppbind-check-I-O-rules-when-auto-constructing-an-SG.patch 1970-01-01 01:00:00.000000000 +0100
+++ simgear-2020.3.16+dfsg/debian/patches/cppbind-check-I-O-rules-when-auto-constructing-an-SG.patch 2025-01-27 12:44:59.000000000 +0100
@@ -0,0 +1,80 @@
+From: Florent Rougon <f.rou...@frougon.net>
+Date: Tue, 21 Jan 2025 00:16:43 +0100
+Subject: cppbind: check I/O rules when auto-constructing an SGPath from a
+ Nasal scalar
+
+- Add static member function SGPath::NasalIORulesChecker as a
+ PermissionChecker (this is essentially checkIORules() moved from the
+ flightgear repository).
+
+- Use it in the from_nasal_helper() that creates an SGPath instance from
+ a Nasal scalar.
+---
+ simgear/misc/sg_path.cxx | 20 ++++++++++++++++++++
+ simgear/misc/sg_path.hxx | 7 +++++++
+ simgear/nasal/cppbind/detail/from_nasal_helper.cxx | 3 ++-
+ 3 files changed, 29 insertions(+), 1 deletion(-)
+
+diff --git a/simgear/misc/sg_path.cxx b/simgear/misc/sg_path.cxx
+index f0706cd..5709256 100644
+--- a/simgear/misc/sg_path.cxx
++++ b/simgear/misc/sg_path.cxx
+@@ -288,6 +288,26 @@ void SGPath::set_cached(bool cached)
+ // * Access permissions for Nasal code *
+ // ***************************************************************************
+
++// Static member function
++SGPath::Permissions SGPath::NasalIORulesChecker(const SGPath& path)
++{
++ Permissions perm;
++
++ if (!path.isAbsolute()) {
++ // SGPath caches permissions, which breaks for relative paths if the
++ // current directory changes.
++ SG_LOG(SG_NASAL, SG_ALERT,
++ "SGPath::NasalIORulesChecker(): file operation on '" <<
++ path.utf8Str() << "': access denied (relative paths not "
++ "accepted; use realpath() to obtain an absolute path)");
++ }
++
++ perm.read = path.isAbsolute() && !path.validate(false).isNull();
++ perm.write = path.isAbsolute() && !path.validate(true).isNull();
++
++ return perm;
++}
++
+ // Static member function
+ void SGPath::clearListOfAllowedPaths(bool write)
+ {
+diff --git a/simgear/misc/sg_path.hxx b/simgear/misc/sg_path.hxx
+index 84194b6..f98c004 100644
+--- a/simgear/misc/sg_path.hxx
++++ b/simgear/misc/sg_path.hxx
+@@ -137,6 +137,13 @@ public:
+ */
+ SGPath validate(bool write) const;
+
++ /**
++ * Normal PermissionChecker for SGPath instances created from Nasal.
++ * @param path an SGPath instance
++ * @return read and write permissions conforming to validate()
++ */
++ static Permissions NasalIORulesChecker(const SGPath& path);
++
+ /**
+ * Append another piece to the existing path. Inserts a path
+ * separator between the existing component and the new component.
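Review bot: the doc comment for NasalIORulesChecker() says the result is "conforming to validate()", but the implementation in sg_path.cxx also denies both read and write for any non-absolute path and logs an SG_ALERT in that case. That behaviour is part of the contract callers will rely on, so the @return text should state that relative paths always yield no permissions.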
+diff --git a/simgear/nasal/cppbind/detail/from_nasal_helper.cxx b/simgear/nasal/cppbind/detail/from_nasal_helper.cxx
+index 160d69b..e404877 100644
+--- a/simgear/nasal/cppbind/detail/from_nasal_helper.cxx
++++ b/simgear/nasal/cppbind/detail/from_nasal_helper.cxx
+@@ -61,7 +61,8 @@ namespace nasal
+ SGPath from_nasal_helper(naContext c, naRef ref, const SGPath*)
+ {
+ naRef na_str = naStringValue(c, ref);
+- return SGPath(std::string(naStr_data(na_str), naStr_len(na_str)));
++ return SGPath(std::string(naStr_data(na_str), naStr_len(na_str)),
++ &SGPath::NasalIORulesChecker);
+ }
+
+ //----------------------------------------------------------------------------
diff -Nru simgear-2020.3.16+dfsg/debian/patches/series simgear-2020.3.16+dfsg/debian/patches/series
--- simgear-2020.3.16+dfsg/debian/patches/series 2022-10-24 13:25:38.000000000 +0200
+++ simgear-2020.3.16+dfsg/debian/patches/series 2025-01-27 12:43:31.000000000 +0100
@@ -5,3 +5,4 @@
disable_network_tests.patch
spelling_fixes.patch
fix-ftbfs-on-armel-armhf.patch
+cppbind-check-I-O-rules-when-auto-constructing-an-SG.patch