Xataface Security Release 1.3rc5 (Critical Bugfix)

A place to discuss and receive support for LCMS (Little Content Management System)

Xataface Security Release 1.3rc5 (Critical Bugfix)

Postby shannah » Wed Aug 03, 2011 1:00 pm

Xataface 1.3rc5 was released today and is available for download on Sourceforge:
https://sourceforge.net/projects/datafa ... ce-1.3rc5/

It patches a critical security vulnerability.

(Note that the above bug report includes a number of issues. Only one of them was identified as a current vulnerability).

All installs of the 1.3.x branch should be updated to this version. If you are working off the trunk of the SVN repository, you should update to revision 2509 or later.

Fixes for Older Versions

Users of the 1.2.x branch should update to 1.2.7:
https://sourceforge.net/projects/datafa ... ace-1.2.7/

Users of the 1.1.x branch (PHP 4) should update to version 1.1.6
https://sourceforge.net/projects/datafa ... ace-1.1.6/


Patching Existing Releases

If you would rather just patch your existing release, the diff for this update is:
Code: Select all
Index: Dataface/Application.php
===================================================================
--- Dataface/Application.php   (revision 2508)
+++ Dataface/Application.php   (revision 2509)
@@ -590,9 +590,10 @@
      $prefix = $this->_conf['cookie_prefix'];
      //print_r($_COOKIE);
      if ( isset($_REQUEST['--lang']) ){
-      
+         $_REQUEST['--lang'] = basename($_REQUEST['--lang']);
         $this->_conf['lang'] = $_REQUEST['--lang'];
      } else if ( isset( $_REQUEST['-lang'] ) ){
+         $_REQUEST['-lang'] = basename($_REQUEST['-lang']);
         $this->_conf['lang'] = $_REQUEST['-lang'];
         if ( @$_COOKIE[$prefix.'lang'] !== $_REQUEST['-lang'] ){
            setcookie($prefix.'lang', $_REQUEST['-lang'], null, '/');
@@ -610,6 +611,7 @@
         setcookie($prefix.'lang', $this->_conf['lang'], null, '/');
      }
      
+      $this->_conf['lang'] = basename($this->_conf['lang']);
      
      
      // Set the mode (edit or view)
Index: Dataface/templates/Dataface_Main_Template.html
===================================================================
--- Dataface/templates/Dataface_Main_Template.html   (revision 2508)
+++ Dataface/templates/Dataface_Main_Template.html   (revision 2509)
@@ -18,7 +18,7 @@
  *-------------------------------------------------------------------------------
  *}{if !$ENV.APPLICATION_OBJECT->main_content_only}{define_slot name="doctype_tag"}<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
         "http://www.w3.org/TR/html4/strict.dtd">{/define_slot}
-{define_slot name="html_tag"}<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="{$ENV.language}" lang="{$ENV.language}">{/define_slot}
+{define_slot name="html_tag"}<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="{$ENV.language|escape}" lang="{$ENV.language|escape}">{/define_slot}

   <head>
   {if !$ENV.prefs.no_history}


Other Applications

Web Auction

Web Auction 0.3.7 was released today that includes the latest Xataface with this security patch. You can either update your entire web auction install, or simply update the "dataface" directory to the latest Xataface.
https://sourceforge.net/projects/webauc ... ion-0.3.7/

Librarian DB

Web Auction 0.3.1 was released today that includes the latest Xataface with this security patch. You can either update your entire Librarian DB install, or simply update the "dataface" directory to the latest Xataface.
https://sourceforge.net/projects/librar ... ndb-0.3.1/

Internet Media Manager

Internet Media Manager 0.3.1 was released today that includes the latest Xataface with this security patch. You can either update your entire Internet Media Manager install, or simply update the "dataface" directory to the latest Xataface.
https://sourceforge.net/projects/immgr/files/imm-0.3.1/
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm

Re: Xataface Security Release 1.3rc5 (Critical Bugfix)

Postby ADobkin » Wed Aug 03, 2011 2:04 pm

FYI, I am getting an Access Denied error when trying to view the bug report URL provided in this announcement. I am able to log into the bug tracker but still cannot access this report.
ADobkin
 
Posts: 195
Joined: Mon Oct 22, 2007 7:31 pm
Location: Atlanta, GA, USA

Re: Xataface Security Release 1.3rc5 (Critical Bugfix)

Postby shannah » Tue Aug 07, 2012 9:21 am

That link doesn't look like it goes to the bug report... I can't seem to find the original report just now... I'll keep looking and post it when I find it.

-Steve
shannah
 
Posts: 4457
Joined: Wed Dec 31, 1969 5:00 pm


Return to LCMS Discussion

Who is online

Users browsing this forum: No registered users and 5 guests

cron
Powered by Dataface
© 2005-2007 Steve Hannah All rights reserved