Bug 134397 - www-apps/wordpress: code injection (CVE-2006-2667,CVE-2006-2702)
Summary: www-apps/wordpress: code injection (CVE-2006-2667,CVE-2006-2702)
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High major
Assignee: Gentoo Security
URL: http://retrogod.altervista.org/wordpr...
Whiteboard: C1 [glsa] jaervosz
Reported: 2006-05-26 03:44 UTC by Raphael Marichez (Falco) (RETIRED)
Modified: 2006-06-09 14:17 UTC (History)
Description Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-05-26 03:44:31 UTC
To be confirmed by a quick audit or a test (it's a bit tricky).

The code is too long to be reasonably pasted here; please see the URL http://retrogod.altervista.org/wordpress_202_xpl.html

Finally, rgod manages to inject shell code, but it's hard to do, and it may depend on the configuration.
Comment 1 Peter Westwood 2006-05-26 04:11:43 UTC
FYI AFAIK this won't work on a default install as the cache of db data is not enabled in 2.0.2 unless the user enables it.

It would affect 2.0.1 though as it does have the cache enabled by default if I recall correctly (or that may have been 2.0)
Comment 2 Aaron Kulbe (RETIRED) gentoo-dev 2006-05-26 10:56:28 UTC
And since 2.0.1 is no longer in the tree, this seems like a moot point. Security team, wouldn't you agree?

I have verified, as Peter has already mentioned, the cache is not on, unless enabled by the user.
Comment 3 Peter Westwood 2006-05-26 14:39:58 UTC
This is now patched upstream on the 2.0 branch for a future 2.0.3 release:

http://trac.wordpress.org/changeset/3797

I don't know when the release is targeted for yet though.
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-05-30 21:08:56 UTC
It's still vulnerable, just not in default configuration hence the C rating above.

Aaron would you prefer to extract patch from CVS or wait for the upstream release?
Comment 5 Peter Westwood 2006-06-01 02:04:28 UTC
v2.0.3 is now released with the fix for this included.

See: wordpress.org/development/2006/06/wordpress-203/ 
Comment 6 Wolf Giesen (RETIRED) gentoo-dev 2006-06-01 02:15:46 UTC
BTW, it eludes me how we can have phpBB masked and this one in stable...
Comment 7 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-06-01 09:34:27 UTC
web-apps please bump.
Comment 8 Aaron Kulbe (RETIRED) gentoo-dev 2006-06-01 14:02:10 UTC
Coming right up. I'll have it in the tree shortly.
Comment 9 Aaron Kulbe (RETIRED) gentoo-dev 2006-06-01 14:41:37 UTC
Bumped. Marked stable on amd64.  Yes, I'm on the arch team. :)

Call in the cavalry. Let's have some keywording fun.
Comment 10 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-01 16:17:02 UTC
Hi arches,

You can go and stabilize wordpress-2.0.3 please.
Comment 11 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-01 16:17:57 UTC
amd64 already done, this is just for Koon's statistics
Comment 12 Joshua Jackson (RETIRED) gentoo-dev 2006-06-01 21:03:38 UTC
x86 is done

^.^
Comment 13 Tobias Scherbaum (RETIRED) gentoo-dev 2006-06-01 22:03:23 UTC
ppc stable
Comment 14 Gustavo Zacarias (RETIRED) gentoo-dev 2006-06-02 06:44:34 UTC
sparc stable.
Comment 15 René Nussbaumer (RETIRED) gentoo-dev 2006-06-03 02:45:30 UTC
stable on hppa
Comment 16 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-03 05:32:16 UTC
good, ready for GLSA
Comment 17 frilled 2006-06-07 09:43:21 UTC
Might be even A3 if the bundled version is affected, too. Quite some php apps use gd.
Comment 18 frilled 2006-06-07 09:45:25 UTC
Sorry, wrong bug from cache :(
Comment 19 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2006-06-08 21:07:29 UTC
Peter/Aaron is there any way for a site admin to globally enable/disable this feature? (As I can't seem to find it)
Comment 20 Peter Westwood 2006-06-09 02:39:09 UTC
You don't/can't globally enable it for all installs.

You enable it on an install by install basis in wp-config.php with:

define('ENABLE_CACHE',True);

You can force it off (although it is off by default) with:

define('DISABLE_CACHE',True);
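The two defines above are the only switch for the feature the exploit depends on, so the practical question for an admin with several installs is "which of my wp-config.php files actually turn the cache on?". The script below is an added example, not WordPress or Gentoo code, that answers that for one file: it ignores commented-out lines and, as an assumption about precedence, treats a DISABLE_CACHE define as overriding ENABLE_CACHE. The three sample configs it writes to a temporary directory are constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not WordPress or Gentoo code): report whether the
# WordPress 2.0.x object cache is switched on in a wp-config.php,
# based on the two defines Peter names in Comment 20.
# Assumptions: define('DISABLE_CACHE', true) wins over ENABLE_CACHE,
# and lines that are wholly comments (// or #) do not count.

# wp_cache_state FILE  ->  prints "enabled" or "disabled"
wp_cache_state() {
  cfg="$1"
  # Blank out lines that are entirely a // or # comment before matching.
  active=$(sed -E 's@^[[:space:]]*(//|#).*$@@' "$cfg")
  if printf '%s\n' "$active" | grep -Eiq \
      "define\([[:space:]]*['\"]DISABLE_CACHE['\"][[:space:]]*,[[:space:]]*true[[:space:]]*\)"; then
    echo disabled
    return 0
  fi
  if printf '%s\n' "$active" | grep -Eiq \
      "define\([[:space:]]*['\"]ENABLE_CACHE['\"][[:space:]]*,[[:space:]]*true[[:space:]]*\)"; then
    echo enabled
    return 0
  fi
  # No ENABLE_CACHE define at all: the 2.0.2 default, cache off.
  echo disabled
}

# Constructed sample configs so the script runs stand-alone.
tmpdir=$(mktemp -d)
cat > "$tmpdir/default.php" <<'EOF'
<?php
define('DB_NAME', 'wordpress');
// define('ENABLE_CACHE', true);
?>
EOF
cat > "$tmpdir/cache_on.php" <<'EOF'
<?php
define('DB_NAME', 'wordpress');
define('ENABLE_CACHE',True);
?>
EOF
cat > "$tmpdir/forced_off.php" <<'EOF'
<?php
define('ENABLE_CACHE', true);
define('DISABLE_CACHE', true);
?>
EOF

for f in "$tmpdir"/*.php; do
  printf '%s: %s\n' "$(basename "$f")" "$(wp_cache_state "$f")"
done
```

Point wp_cache_state at each real wp-config.php (for a Gentoo webapp-config layout, the copies under the vhost document roots) and any install reporting "enabled" on a version older than 2.0.3 is the one to upgrade first; the others are only exposed if someone later adds the define.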
Comment 21 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2006-06-09 14:17:33 UTC
GLSA 200606-08 , thanks everybody and particularly jaervosz.