diff mbox series

[meta-webserver,kirkstone,1/5] webmin: patch CVE-2025-67738

Message ID 20260227120323.333696-1-skandigraun@gmail.com
State New
Headers show
Series [meta-webserver,kirkstone,1/5] webmin: patch CVE-2025-67738 | expand

Commit Message

Gyorgy Sarvari Feb. 27, 2026, 12:03 p.m. UTC 
Details: https://nvd.nist.gov/vuln/detail/CVE-2025-67738

Backport the patch referenced by the NVD advisory.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
---
 .../webmin/files/CVE-2025-67738.patch         | 37 +++++++++++++++++++
 .../recipes-webadmin/webmin/webmin_1.850.bb   |  1 +
 2 files changed, 38 insertions(+)
 create mode 100644 meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
diff mbox series

Patch

diff --git a/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch b/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
new file mode 100644
index 0000000000..3fb71fec37
--- /dev/null
+++ b/meta-webserver/recipes-webadmin/webmin/files/CVE-2025-67738.patch
@@ -0,0 +1,37 @@ 
+From 21d9cbdc2b719e9d1349f14e03b5a041b476cce5 Mon Sep 17 00:00:00 2001
+From: Jamie Cameron <jcameron@webmin.com>
+Date: Wed, 29 Oct 2025 22:02:29 -0700
+Subject: [PATCH] Fix quoting of args
+
+CVE: CVE-2025-67738
+Upstream-Status: Backport [https://github.com/webmin/webmin/commit/1a52bf4d72f9da6d79250c66e51f41c6f5b880ee]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ squid/cachemgr.cgi | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/squid/cachemgr.cgi b/squid/cachemgr.cgi
+index b75f9427..41386d35 100755
+--- a/squid/cachemgr.cgi
++++ b/squid/cachemgr.cgi
+@@ -12,6 +12,7 @@ my ($mgr) = glob($config{'cachemgr_path'});
+ if (&has_command($mgr)) {
+ 	$| = 1;
+ 	my $temp;
++	my $args = join(" ", map { quotemeta($_) } @ARGV);
+ 	if ($ENV{'REQUEST_METHOD'} eq 'POST') {
+ 		# Deal with POST data
+ 		my $post;
+@@ -21,10 +22,10 @@ if (&has_command($mgr)) {
+ 		&open_tempfile($fh, ">$temp", 0, 1);
+ 		&print_tempfile($fh, $post);
+ 		&close_tempfile($fh);
+-		open(MGR, "$mgr ".join(" ", @ARGV)." <$temp |");
++		open(MGR, "$mgr $args <$temp |");
+ 		}
+ 	else {
+-		open(MGR, "$mgr ".join(" ", @ARGV)." |");
++		open(MGR, "$mgr $args |");
+ 		}
+ 	while(<MGR>) {
+ 		print;
diff --git a/meta-webserver/recipes-webadmin/webmin/webmin_1.850.bb b/meta-webserver/recipes-webadmin/webmin/webmin_1.850.bb
index 78ab19601f..a03f44437d 100644
--- a/meta-webserver/recipes-webadmin/webmin/webmin_1.850.bb
+++ b/meta-webserver/recipes-webadmin/webmin/webmin_1.850.bb
@@ -24,6 +24,7 @@  SRC_URI = "${SOURCEFORGE_MIRROR}/webadmin/webmin-${PV}.tar.gz \
            file://0001-Object-names-cannot-contact-special-characters.patch \
            file://0001-Foreign-module-may-need-a-check.patch \
            file://0001-Add-missing-permissions-check-when-saving-allowed-cr.patch \
+           file://CVE-2025-67738.patch \
            "
 
 SRC_URI[md5sum] = "cd6ee98f73f9418562197675b952d81b"