Bug#: 204829
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Robert Buchholz <rbu@gentoo.org>
Description:   Opened: 2008-01-07 22:03 0000
Secunia:
A vulnerability has been reported in CherryPy, which can be exploited by
malicious people to bypass certain security settings.

The vulnerability is caused by the improper handling of cookies when using
file-based sessions. This can be exploited to access files outside the session
directory by using directory traversal attacks via the session id.

The vulnerability is reported in versions 2.2.1 and 3.0.2. Other versions may
also be affected.

Solution:
Fixed in development version 3.1b1 and in the SVN repository.
http://www.cherrypy.org/changeset/1775
http://www.cherrypy.org/changeset/1774

Original Advisory:
http://www.cherrypy.org/ticket/744

See also:
https://bugzilla.redhat.com/show_bug.cgi?id=427664
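The traversal the advisory describes comes from building the session file path directly from the cookie-supplied id. As an added illustration (not CherryPy's code and not the upstream changeset), assuming a session directory, file prefix and id format of my own choosing, here is that unvalidated path construction beside a hardened version and a small audit helper for spotting escaped paths:

```python
import os
import re

# Added illustration, not CherryPy's own code: a minimal file-based session
# store of the kind the advisory describes, before and after hardening.
SESSION_DIR = os.path.normpath("/var/lib/example-app/sessions")  # assumed path
SESSION_PREFIX = "session-"

# Ids the server itself issues are fixed-length, fixed-alphabet tokens, so
# anything else arriving in the cookie can be rejected outright (assumed format).
SAFE_ID = re.compile(r"\A[0-9a-f]{32}\Z")


def vulnerable_session_path(cookie_id):
    """Builds the storage path straight from the cookie value, so '/' and
    '..' inside the id move the file outside SESSION_DIR."""
    return os.path.normpath(os.path.join(SESSION_DIR, SESSION_PREFIX + cookie_id))


def hardened_session_path(cookie_id):
    """Allowlists the id format, then also checks the normalized path, so a
    gap in the first check still cannot leave SESSION_DIR."""
    if not SAFE_ID.match(cookie_id):
        raise ValueError("malformed session id in cookie")
    path = os.path.normpath(os.path.join(SESSION_DIR, SESSION_PREFIX + cookie_id))
    if os.path.dirname(path) != SESSION_DIR:
        raise ValueError("session id resolves outside the session directory")
    return path


def escapes_session_dir(path):
    """Audit helper: True when a normalized path is not a direct child of
    SESSION_DIR (e.g. when reviewing paths recorded in a server log)."""
    return os.path.dirname(os.path.normpath(path)) != SESSION_DIR


if __name__ == "__main__":
    good = "0123456789abcdef0123456789abcdef"        # constructed valid id
    print(hardened_session_path(good))
    bad = "/../../outside"                           # constructed crafted id
    print(escapes_session_dir(vulnerable_session_path(bad)))
    try:
        hardened_session_path(bad)
    except ValueError as exc:
        print("rejected:", exc)
```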

------- Comment #1 From Ali Polatel (RETIRED) 2008-01-08 14:02:10 0000 -------
cherrypy-3.0.2-r1 includes upstream fix. I want to drop cherrypy-2.* as soon as
this one has enough keywords.

------- Comment #2 From Robert Buchholz 2008-01-08 16:50:36 0000 -------
Arches, please test and mark stable dev-python/cherrypy-3.0.2-r1.
Target keywords : "ia64 x86"

------- Comment #3 From Markus Ullmann 2008-01-08 17:13:42 0000 -------
We also need 2.2 updated as at least turbogears needs it

------- Comment #4 From Raúl Porcel 2008-01-08 17:16:51 0000 -------
ia64/x86 stable

------- Comment #5 From Ali Polatel (RETIRED) 2008-01-08 22:20:00 0000 -------
(In reply to comment #3)
> We also need 2.2 updated as at least turbogears needs it
> 

Thanks for reminding. cherrypy-2.2-r2 has the backported patch. I've also fixed
the tests for python-2.5 and dropped old versions.
Target keywords for this version are ia64 and x86 as well.

------- Comment #6 From Robert Buchholz 2008-01-08 23:51:40 0000 -------
Thanks a lot. Arches, here you go again.

------- Comment #7 From Raúl Porcel 2008-01-09 14:56:10 0000 -------
ia64/x86 stable

------- Comment #8 From Pierre-Yves Rofes 2008-01-10 19:16:22 0000 -------
voting time. I vote YES.

------- Comment #9 From Robert Buchholz 2008-01-10 20:11:32 0000 -------
This probably allows writing files outside of the session directory. Definitely
YES.

------- Comment #10 From Robert Buchholz 2008-01-27 16:25:57 0000 -------
GLSA 200801-11, thanks.
