diff mbox series

[meta-webserver,13/13] webmin: patch CVE-2025-67738

Message ID 20260223191850.1049304-13-skandigraun@gmail.com
State New
Headers show
Series [meta-oe,01/13] freerdp: patch CVE-2026-22852 | expand

Commit Message

Gyorgy Sarvari Feb. 23, 2026, 7:18 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-67738

Backport the patch that is referenced by the NVD advisory as the solution.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../webmin/files/CVE-2025-67738.patch         | 37 +++++++++++++++++++
 .../recipes-webadmin/webmin/webmin_2.501.bb   |  3 +-
 2 files changed, 39 insertions(+), 1 deletion(-)
 create mode 100644 meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
diff mbox series

Patch

diff --git a/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch b/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
new file mode 100644
index 0000000000..b29f813e72
--- /dev/null
+++ b/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
@@ -0,0 +1,37 @@ 
+From 8729e319979290fea6f4bd8a1664fa41fde24d17 Mon Sep 17 00:00:00 2001
+From: Jamie Cameron <jcameron@webmin.com>
+Date: Wed, 29 Oct 2025 22:02:29 -0700
+Subject: [PATCH] Fix quoting of args
+
+CVE: CVE-2025-67738
+Upstream-Status: Backport [https://github.com/webmin/webmin/commit/1a52bf4d72f9da6d79250c66e51f41c6f5b880ee]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ squid/cachemgr.cgi | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/squid/cachemgr.cgi b/squid/cachemgr.cgi
+index 10548b50..59a4009d 100755
+--- a/squid/cachemgr.cgi
++++ b/squid/cachemgr.cgi
+@@ -14,6 +14,7 @@ my ($mgr) = glob($config{'cachemgr_path'});
+ if (&has_command($mgr)) {
+ 	$| = 1;
+ 	my $temp;
++	my $args = join(" ", map { quotemeta($_) } @ARGV);
+ 	if ($ENV{'REQUEST_METHOD'} eq 'POST') {
+ 		# Deal with POST data
+ 		my $post;
+@@ -23,10 +24,10 @@ if (&has_command($mgr)) {
+ 		&open_tempfile($fh, ">$temp", 0, 1);
+ 		&print_tempfile($fh, $post);
+ 		&close_tempfile($fh);
+-		open(MGR, "$mgr ".join(" ", @ARGV)." <$temp |");
++		open(MGR, "$mgr $args <$temp |");
+ 		}
+ 	else {
+-		open(MGR, "$mgr ".join(" ", @ARGV)." |");
++		open(MGR, "$mgr $args |");
+ 		}
+ 	while(<MGR>) {
+ 		print;
diff --git a/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb b/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb
index 2c807947e4..7e09ec3664 100644
--- a/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb
+++ b/meta-webserver/recipes-webadmin/webmin/webmin_2.501.bb
@@ -18,7 +18,8 @@  SRC_URI = "${SOURCEFORGE_MIRROR}/webadmin/webmin-${PV}.tar.gz \
            file://media-tomb.patch \
            file://mysql-config-fix.patch \
            file://webmin.service \
-            "
+           file://CVE-2025-67738.patch \
+           "
 SRC_URI[sha256sum] = "0f2772a582d4c4cf24085993729cfc94df2a64d619cefede5400c24b02efb08f"
 UPSTREAM_CHECK_URI = "http://www.webmin.com/download.html"
 UPSTREAM_CHECK_REGEX = "webmin-(?P<pver>\d+(\.\d+)+).tar.gz"