Message-ID: <5191E174.9020009@redhat.com>
Date: Tue, 14 May 2013 01:02:12 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Henri Salo <henri@...v.fi>, moderators@...db.org
Subject: Re: CVE request: Gallery multiple XSS vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/13/2013 01:28 AM, Henri Salo wrote:
> Hello,
> 
> Two XSS vulnerabilities have been fixed in gallery 3.0.7.
> 
> http://osvdb.org/92691 http://osvdb.org/92740
> 
> One CVE-2013-XXXX is enough as these are fixed in the same version
> and same issue type.
> 
> If I am correct: http://osvdb.org/92789 should be removed as a
> duplicate of http://osvdb.org/92691, and http://osvdb.org/92690 should
> be removed as a duplicate of http://osvdb.org/92740.
> 
> Please ask if you have questions.
> 
> Diff between 3.0.6 - 3.0.7 below:
> 
> """ git diff aa89aa0dc1610931674530169be8fd1edfceafde
> df9a412c5a18414ec52550e04f9672693f06421f diff --git
> a/gallery3/README b/gallery3/README index 7c58b69..18a2663 100644 
> --- a/gallery3/README +++ b/gallery3/README @@ -1,4 +1,4 @@ 
> -Gallery 3.0.6 (Rive Gauche) +Gallery 3.0.7 (Rive Droite) 
> ===========================
> 
> About diff --git a/gallery3/modules/gallery/controllers/movies.php
> b/gallery3/modules/gallery/controllers/movies.php index
> ca332f6..5607571 100644 ---
> a/gallery3/modules/gallery/controllers/movies.php +++
> b/gallery3/modules/gallery/controllers/movies.php @@ -67,7 +67,7 @@
> class Movies_Controller extends Items_Controller {
> 
> log::success("content", "Updated movie", "<a
> href=\"{$movie->url()}\">view</a>"); message::success( -
> t("Saved movie %movie_title", array("movie_title" =>
> $movie->title))); +        t("Saved movie %movie_title",
> array("movie_title" => html::purify($movie->title))));
> 
> if ($form->from_id->value == $movie->id) { // Use the new url; it
> might have changed. diff --git
> a/gallery3/modules/gallery/helpers/gallery.php
> b/gallery3/modules/gallery/helpers/gallery.php index
> f3382fa..81f406d 100644 ---
> a/gallery3/modules/gallery/helpers/gallery.php +++
> b/gallery3/modules/gallery/helpers/gallery.php @@ -18,8 +18,8 @@ *
> Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
> 02110-1301, USA. */ class gallery_Core { -  const VERSION =
> "3.0.6"; -  const CODE_NAME = "Rive Gauche"; +  const VERSION =
> "3.0.7"; +  const CODE_NAME = "Rive Droite"; const RELEASE_CHANNEL
> = "release"; const RELEASE_BRANCH = "3.0.x";
> 
> diff --git a/gallery3/modules/gallery/views/error_admin.html.php
> b/gallery3/modules/gallery/views/error_admin.html.php index
> cd1bd56..036e204 100644 ---
> a/gallery3/modules/gallery/views/error_admin.html.php +++
> b/gallery3/modules/gallery/views/error_admin.html.php @@ -289,7
> +289,7 @@ <tr> <td class="key"> <code> -                    <?=
> $key?> +                    <?= html::purify($key) ?> </code> 
> </td> <td class="value"> """
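Review bot: in the movies.php hunk, only the title handed to message::success() is wrapped in html::purify(); the log::success() call in the unchanged context just above still interpolates $movie->url() directly into an href attribute, and nothing in the hunk shows whether url() returns an already-escaped value, so that is worth confirming while this code is under review. Also note that a helper named purify points to an HTML sanitizer pass rather than plain entity escaping; if a movie title is never meant to carry markup, an escaping helper is the more conservative fix for this flash message.

Review bot: in the error_admin.html.php hunk, only the key cell is changed (`<?= $key?>` becomes `<?= html::purify($key) ?>`), while the `<td class="value">` cell that immediately follows is cut off by the hunk boundary; check that whatever that cell echoes gets the same treatment, otherwise the variable dump on the admin error page is only half covered by this fix. Separately, the README hunk changes nothing but the version and code name line, so the diff itself does not record that 3.0.7 is a security release; a changelog entry naming the two OSVDB ids (92691 and 92740) would help downstream packagers map the fix to the advisory.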
> 
> --- Henri Salo
> 

Please use CVE-2013-2087 for Gallery multiple XSS vulnerabilities

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
-----END PGP SIGNATURE-----
