[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#684975: marked as done (unblock: dokuwiki/dokuwiki_0.0.20120125b-1)

Your message dated Fri, 17 Aug 2012 20:46:37 +0100
with message-id <1345232797.31960.15.camel@jacala.jungle.funky-badger.org>
and subject line Re: Bug#684975: unblock: dokuwiki/dokuwiki_0.0.20120125b-1
has caused the Debian Bug report #684975,
regarding unblock: dokuwiki/dokuwiki_0.0.20120125b-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
684975: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684975
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please unblock package dokuwiki

Current version in testing 0.0.20120125a-1 has a security flaw #683378. There
is a new upstream version, 0.0.20120125b, which fixes this and only this.

I am not convinced that this fits into the release policy, since it does not
fix an RC bug, only a security one. Additionally, it consists in a new upstream
version, which adds to this uncertainty regarding the policy. For this reason I
have not uploaded it to unstable yet. Attached it a debdiff of the updated
package, please advice.

unblock dokuwiki/dokuwiki_0.0.20120125b-1

Regards,

- -- 
Tanguy Ortolo

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJQK3WjAAoJEOryzVHFAGgZIZcQAI2FAkfA1VfwMayzJeOMwmye
asHVV2eTQq4IeNyGnAMoV+lBbT6RwTxgnH7IwJWQcasWe3J47lmkRVDgi6mk/Eq9
+pk0qLuQQP1pte56flth0vrBhZ/1XCg2YVSFLLhoUSBwtxg5EPL1BjL8MFCU7ba3
4k22TFhLGZLK1tqH9r/o5Nh9xdmoE6mldKSBkmDhZqd8BoFdvVd5RmwcdtpmYpCw
9+ywAE61gj1DTg7m/4SzRtfrJ0rh+9cKVveNc08SsvG1hlcw/qJWlCcbDwagkrwF
9rZ3vGjZV87sSpR2SBdJQz9SswcArKm7r2YUqQ6I1dNvKu7UkX3T6E13MQJa/pZ3
LxhEV8ITREyvAU1/0+vLSjxpa66hUx/pMwuobIHrSkAd7XWlEptnu2g+uLrDHcd/
vInKyCQq83K3OsKsf3c3wVPdWQRwOaYnFOci4t1ud0g8swhPpUaAHKZTKUb74Wmd
AbD3x7t7EgFZb+OkthHUyW8Hm0g9Rr9+zFoh56OcCmJlz8FJQVRD3L5cb4cs/6UN
1WssfA0+BFe/vNT6qEeceUNuSAOa8yfTflm4N8FVv7kX7q7KQ80HxP75yJ4HKGh9
Q2FAz55N05Z0SeiQhnQi6rODZaEmauWn/oDjOvI8kr4i3uVwhp975egM+g1j2CIr
aJ9tF4198Bh2hwFRwsY0
=w/oh
-----END PGP SIGNATURE-----

diff -Nru dokuwiki-0.0.20120125a/debian/changelog dokuwiki-0.0.20120125b/debian/changelog
--- dokuwiki-0.0.20120125a/debian/changelog	2012-05-05 14:28:26.000000000 +0200
+++ dokuwiki-0.0.20120125b/debian/changelog	2012-08-15 11:59:25.000000000 +0200
@@ -1,3 +1,11 @@
+dokuwiki (0.0.20120125b-1) unstable; urgency=high
+
+  * New upstream bugfix release: sanitize a POST parameter that could be used
+    to inject artitrary HTML and JavaScript, leading to an XSS vulnerability.
+    (CVE-2012-0283) (Closes: #683378)
+
+ -- Tanguy Ortolo <tanguy+debian@ortolo.eu>  Wed, 15 Aug 2012 11:46:36 +0200
+
 dokuwiki (0.0.20120125a-1) unstable; urgency=high
 
   * New upstream bugfix release: properly escape an error messages that could
diff -Nru dokuwiki-0.0.20120125a/doku.php dokuwiki-0.0.20120125b/doku.php
--- dokuwiki-0.0.20120125a/doku.php	2012-04-19 12:12:33.000000000 +0200
+++ dokuwiki-0.0.20120125b/doku.php	2012-07-13 13:13:57.000000000 +0200
@@ -7,7 +7,7 @@
  */
 
 // update message version
-$updateVersion = 36.1;
+$updateVersion = 36.2;
 
 //  xdebug_start_profiling();
 
diff -Nru dokuwiki-0.0.20120125a/inc/template.php dokuwiki-0.0.20120125b/inc/template.php
--- dokuwiki-0.0.20120125a/inc/template.php	2012-04-19 12:09:54.000000000 +0200
+++ dokuwiki-0.0.20120125b/inc/template.php	2012-07-13 13:13:57.000000000 +0200
@@ -1151,7 +1151,7 @@
     echo '<div class="panelHeader">'.NL;
     echo '<h3>';
     $tabTitle = ($NS) ? $NS : '['.$lang['mediaroot'].']';
-    printf($lang['media_' . $opened_tab], '<strong>'.$tabTitle.'</strong>');
+    printf($lang['media_' . $opened_tab], '<strong>'.hsc($tabTitle).'</strong>');
     echo '</h3>'.NL;
     if ($opened_tab === 'search' || $opened_tab === 'files') {
         media_tab_files_options();
diff -Nru dokuwiki-0.0.20120125a/lib/exe/ajax.php dokuwiki-0.0.20120125b/lib/exe/ajax.php
--- dokuwiki-0.0.20120125a/lib/exe/ajax.php	2012-04-19 12:09:54.000000000 +0200
+++ dokuwiki-0.0.20120125b/lib/exe/ajax.php	2012-07-13 13:13:57.000000000 +0200
@@ -13,7 +13,6 @@
 
 header('Content-Type: text/html; charset=utf-8');
 
-
 //call the requested function
 if(isset($_POST['call'])){
     $call = $_POST['call'];
@@ -204,7 +203,7 @@
     global $conf;
     global $NS;
 
-    $NS = $_POST['ns'];
+    $NS = cleanID($_POST['ns']);
     if ($_POST['do'] == 'media') {
         tpl_mediaFileList();
     } else {
diff -Nru dokuwiki-0.0.20120125a/VERSION dokuwiki-0.0.20120125b/VERSION
--- dokuwiki-0.0.20120125a/VERSION	2012-04-19 12:12:33.000000000 +0200
+++ dokuwiki-0.0.20120125b/VERSION	2012-07-13 13:13:57.000000000 +0200
@@ -1 +1 @@
-2012-01-25a "Angua"
+2012-01-25b "Angua"

--- End Message ---
--- Begin Message --- 
On Wed, 2012-08-15 at 13:41 +0100, Adam D. Barratt wrote:
> On 15.08.2012 11:10, Tanguy Ortolo wrote:
> > Please unblock package dokuwiki
> >
> > Current version in testing 0.0.20120125a-1 has a security flaw 
> > #683378. There
> > is a new upstream version, 0.0.20120125b, which fixes this and only 
> > this.
[...]
> Given the tiny size of the diff, I'd be prepared to accept this if it's 
> uploaded soon; thanks.

I was assuming you'd tell us once it had been uploaded, although I
realise that wasn't explicit.

Unblocked.

Regards,

Adam

--- End Message ---
Reply to: