| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Recommend the LWPx::ParanoidAgent module where appropriate.
It is particularly important for openid, since unauthenticated users
can control which URLs that plugin will contact. Conversely, it is
non-critical for blogspam, since the URL to be contacted is under
the wiki administrator's control.
Signed-off-by: Simon McVittie <smcv@debian.org>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
The Debian security tracker gets timely updates, whereas the official
CVE pages hosted by MITRE tend to show up as "RESERVED" for several
weeks or months after assignment.
|
| | |
|
| | |
|
| |
|
|
| |
Thanks to the Debian security team for allocating these.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Otherwise, we have a time-of-check/time-of-use vulnerability:
rcs_preprevert previously looked at what changed in the commit we are
reverting, not at what would result from reverting it now. In
particular, if some files were renamed since the commit we are
reverting, a revert of changes that were within the designated
subdirectory and allowed by check_canchange() might now affect
files that are outside the designated subdirectory or disallowed
by check_canchange().
It is not sufficient to disable rename detection, since git older
than 2.8.0rc0 (in particular the version in Debian stable) silently
accepts and ignores the relevant options.
OVE-20161226-0002
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CGI::FormBuilder->field has behaviour similar to the CGI.pm misfeature
we avoided in f4ec7b0. Force it into scalar context where it is used
in an argument list.
This prevents two (relatively minor) commit metadata forgery
vulnerabilities:
* In the comments plugin, an attacker who was able to post a comment
could give it a user-specified author and author-URL even if the wiki
configuration did not allow for that, by crafting multiple values
to other fields.
* In the editpage plugin, an attacker who was able to edit a page
could potentially forge commit authorship by crafting multiple values
for the rcsinfo field.
The remaining plugins changed in this commit appear to have been
protected by use of explicit scalar prototypes for the called functions,
but have been changed anyway to make them more obviously correct.
In particular, checkpassword() in passwordauth has a known prototype,
so an attacker cannot trick it into treating multiple values of the
name field as being the username, password and field to check for.
OVE-20161226-0001
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
We still don't have a security@ alias; listing personal emails is
unfortunately the next-best thing.
|
| | |
|
| |
|
|
| |
__8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
This reverts commit 2acafb8b3fc4dc2e061a1f811610f67a67c7358b
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
Thanks, Raúl Benencia
|
| |
|
|
| |
su's related bug #628843 is fixed.) Thanks, Ludwig Nussel. (CVE-2011-1408)
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
where the htmlscrubber is enabled.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
whitelisted image types. No svg.
|
| | |
|
| | |
|