From a6480aacdd598962d573d38678f69a1a1cee4320 Mon Sep 17 00:00:00 2001
From: Vincent Bernat
Date: Sat, 13 Feb 2010 09:21:43 +0000
Subject: [PATCH 1/1] Disable DNS prefetching to avoid information leakage through links embedded in messages. This fixes CVE-2010-0464. Closes: #569660.
---
 debian/changelog | 4 +++-
 debian/patches/disable-dns-prefetch.patch | 20 ++++++++++++++++++++
 debian/patches/series | 1 +
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 debian/patches/disable-dns-prefetch.patch
diff --git a/debian/changelog b/debian/changelog
index da17bc5..6323ebd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,12 @@
-roundcube (0.3.1-3) UNRELEASED; urgency=low
+roundcube (0.3.1-3) UNRELEASED; urgency=high
 * RFC 5321, section 4.5.3.1, asks to not impose any limits on length if possible. We respect this by dropping limitation of the local-part of an email address. Closes: #568360, #568537.
 * Suggests php-auth-sasl to enable use of SASL mechanisms for mail servers. Closes: #567550.
+ * Disable DNS prefetching to avoid information leakage through links
+ embedded in messages. This fixes CVE-2010-0464. Closes: #569660.
 -- Vincent Bernat Fri, 05 Feb 2010 19:50:51 +0100
diff --git a/debian/patches/disable-dns-prefetch.patch b/debian/patches/disable-dns-prefetch.patch
new file mode 100644
index 0000000..450145f
--- /dev/null
+++ b/debian/patches/disable-dns-prefetch.patch
@@ -0,0 +1,20 @@
+Disable DNS prefetching to solve CVE-2010-0464.
+
+Index: program/include/rcube_html_page.php
+===================================================================
+--- rcube/program/include/rcube_html_page.php (revision 3214)
++++ rcube/program/include/rcube_html_page.php (working copy)
+@@ -165,6 +165,13 @@
+ $__page_header.= $this->charset . '" />'."\n";
+ }
+
++ // add hint to disable DNS prefetching
++ if (!headers_sent()) {
++ header('X-DNS-Prefetch-Control: off');
++ } else {
++ $__page_header.= ''."\n";
++ }
++
+ // definition of the code to be placed in the document header and footer
+ if (is_array($this->script_files['head'])) {
+ foreach ($this->script_files['head'] as $file) {
diff --git a/debian/patches/series b/debian/patches/series
index a8f436f..b76ac52 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@ loginbox-size.patch
 changeset_r3170.patch
 changeset_r3202.patch
 dont-limit-email-local-part.patch
+disable-dns-prefetch.patch
-- 
2.39.2
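Review bot: The fallback branch `$__page_header.= ''."\n";` appends only a newline when headers_sent() is true, so on that path the response carries neither the X-DNS-Prefetch-Control header nor any in-document equivalent and the prefetch leak this patch targets stays open. If a `<meta http-equiv="x-dns-prefetch-control" content="off" />` element was meant to be there and was lost in transcription, confirm that the patch file shipped in the package actually contains it; otherwise the line should become `$__page_header .= '<meta http-equiv="x-dns-prefetch-control" content="off" />' . "\n";`. Note also that both the header and the meta element are browser hints honoured only by clients that implement them, so the "fixes" wording in the changelog is stronger than what the code can guarantee. The enclosing method in rcube_html_page.php starts and ends outside the hunk.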