Bug#: 118302
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Milton YATES <milton.yates@enst-bretagne.fr>
Description:   Opened: 2006-01-08 09:00 0000
Trac 0.9.3 is out and fixes a number of bugs and security vulnerabilities. It
would be nice to have it in portage quickly.
Thanks.

see: http://projects.edgewall.com/trac/wiki/ChangeLog

------- Comment #1 From Jakub Moc (RETIRED) 2006-01-08 09:06:29 0000 -------
Secunia Advisory: SA18048
Release Date: 2005-12-16

Critical: Less critical
Impact: Cross Site Scripting
Where: From remote
Solution Status: Unpatched

Software: Trac 0.x

Description:
Christophe Truc has reported a vulnerability in Trac, which can be exploited by
malicious people to conduct cross-site scripting attacks.

Input passed to the URL path isn't properly sanitised before being returned to
the user after accessing a missing page. This can be exploited to execute
arbitrary HTML and script code in a user's browser session in context of an
affected site.

The vulnerability has been reported in versions 0.9, 0.9.1, and 0.9.2. Other
versions may also be affected.

Solution:
Edit the source code to ensure that input is properly sanitised.

Provided and/or discovered by:
Christophe Truc
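The flaw class the advisory describes (a missing-page handler that reflects the request path into its HTML response) as an added example; this is not Trac's code nor part of this bug, and the handler names, template and sample paths are hypothetical:

```python
import html

# Constructed sample request paths (not from the advisory): one ordinary
# missing page and one whose path carries HTML markup.
SAMPLE_PATHS = [
    "/wiki/NoSuchPage",
    "/wiki/<b>missing</b>",
]

TEMPLATE = "<h1>Not Found</h1><p>The page {path} does not exist.</p>"


def not_found_vulnerable(path: str) -> str:
    """Builds the error page with the raw request path (the flaw class
    described in the advisory). Kept only for comparison."""
    return TEMPLATE.format(path=path)


def not_found_escaped(path: str) -> str:
    """Builds the error page with the path HTML-escaped at output time.
    Escaping must run on the decoded path, i.e. after the server has
    percent-decoded it, and immediately before it enters the HTML."""
    return TEMPLATE.format(path=html.escape(path, quote=True))


def reflects_markup(response: str) -> bool:
    """Regression check: does a literal '<' or '>' from the request survive
    into the response body? The template's own tags are excluded by testing
    only the text between the fixed fragments."""
    prefix = "<h1>Not Found</h1><p>The page "
    suffix = " does not exist.</p>"
    body = response[len(prefix):-len(suffix)]
    return "<" in body or ">" in body


def audit(handler) -> list[str]:
    """Returns the sample paths for which the handler reflects markup."""
    return [p for p in SAMPLE_PATHS if reflects_markup(handler(p))]


if __name__ == "__main__":
    print("vulnerable reflects:", audit(not_found_vulnerable))
    print("escaped reflects:   ", audit(not_found_escaped))
```

The same `audit` check, run against a real handler's output in a test suite, is the regression test that keeps the fix from silently regressing.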

------- Comment #2 From Stefan Cornelius (RETIRED) 2006-01-08 09:12:04 0000 -------
web-apps, pls do your magic. thanks

------- Comment #3 From Julien Allanos (RETIRED) 2006-01-08 10:37:24 0000 -------
In CVS, thanks.

------- Comment #4 From Stefan Cornelius (RETIRED) 2006-01-08 10:41:46 0000 -------
arches, please test and stable, thx

------- Comment #5 From Julien Allanos (RETIRED) 2006-01-08 11:45:32 0000 -------
No need to stable, these bugs only affect 0.9.x ebuilds which were never marked
stable. See previous security issue with 0.9.x:
http://bugs.gentoo.org/show_bug.cgi?id=114205

------- Comment #6 From Stefan Cornelius (RETIRED) 2006-01-08 11:52:55 0000 -------
Oh, ok then, thanks a lot for the headsup, closing without GLSA.

------- Comment #7 From Julien Allanos (RETIRED) 2006-01-08 15:21:59 0000 -------
Reopening, as it appears that Trac-0.8.x versions are affected by one
vulnerability, but upstream hasn't planned to backport the fix
(http://projects.edgewall.com/trac/changeset/2724) to 0.8.x (too much work).

That's why we have to mark 0.9.3 stable for x86 and ppc (only arches where
trac-0.8.x is marked stable), as well as its currently unstable dependencies:

* dev-python/pysqlite-2.0.4 and/or 2.0.5
* app-text/pytextile-2.0.10

It would also be nice if dev-libs/clearsilver-0.10.1 was marked stable in the
same breath, though this isn't mandatory.

------- Comment #8 From Mark Loeser 2006-01-10 12:29:10 0000 -------
x86 done

------- Comment #9 From Tobias Scherbaum 2006-01-11 06:29:36 0000 -------
ppc stable

------- Comment #10 From Stefan Cornelius (RETIRED) 2006-01-11 06:32:06 0000 -------
Ready for glsa vote. Tend to say no.

------- Comment #11 From Thierry Carrez (RETIRED) 2006-01-12 08:29:37 0000 -------
I vote yes, as for all XSS things on a typically Internet-facing,
open-to-anyone-for-posting thing.

------- Comment #12 From Kurt Lieber 2006-01-18 06:22:32 0000 -------
I vote yes as well 

------- Comment #13 From Thierry Carrez (RETIRED) 2006-01-18 07:05:36 0000 -------
Then we go

------- Comment #14 From Stefan Cornelius (RETIRED) 2006-01-26 05:58:18 0000 -------
GLSA 200601-12

Thanks everybody.
