rpms/moin/F-7 moin-1.5.8-attachfilexssfix.patch, NONE, 1.1 moin-1.5.8-loginxssfix.patch, NONE, 1.1 moin.spec, 1.17, 1.18
Lubomir Kundrak (lkundrak)
fedora-extras-commits at redhat.com
Wed Feb 20 11:24:02 UTC 2008
Author: lkundrak
Update of /cvs/pkgs/rpms/moin/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12703/F-7
Modified Files:
moin.spec
Added Files:
moin-1.5.8-attachfilexssfix.patch moin-1.5.8-loginxssfix.patch
Log Message:
Fix various XSS
moin-1.5.8-attachfilexssfix.patch:
--- NEW FILE moin-1.5.8-attachfilexssfix.patch ---
#From: http://hg.moinmo.in/moin/1.5/rev/2f952fa361c7
# HG changeset patch
# User Thomas Waldmann <tw AT waldmann-edv DOT de>
# Date 1201046099 -3600
# Node ID db212dfc58eff3ff7d1c9860d5fe79933217dc6e
# Parent e69a16b6e63020ac615e74b3184d6e89597352e0
fix XSS issues in AttachFile action
diff -urp moin-1.5.8.orig/docs/CHANGES moin-1.5.8/docs/CHANGES
--- moin-1.5.8.orig/docs/CHANGES 2008-02-20 12:09:26.000000000 +0100
+++ moin-1.5.8/docs/CHANGES 2008-02-20 12:11:36.000000000 +0100
@@ -29,7 +29,7 @@ Known main issues:
method. USE BOTH ON YOUR OWN RISK!
Version 1.5.8:
- Fedora: * Fixed XSS issue in login action.
+ Fedora: * Fixed XSS issues in login and AttachFile action.
New features:
* Added timing.log to help performance debugging. Use cfg.log_timing = True
to update <data_dir>/timing.log (default is False, meaning no logging).
diff -urp moin-1.5.8.orig/MoinMoin/action/AttachFile.py moin-1.5.8/MoinMoin/action/AttachFile.py
--- moin-1.5.8.orig/MoinMoin/action/AttachFile.py 2007-05-06 00:48:23.000000000 +0200
+++ moin-1.5.8/MoinMoin/action/AttachFile.py 2008-02-20 12:10:38.000000000 +0100
@@ -440,7 +440,7 @@ Otherwise, if "Rename to" is left blank,
'action_name': action_name,
'upload_label_file': _('File to upload'),
'upload_label_rename': _('Rename to'),
- 'rename': request.form.get('rename', [''])[0],
+ 'rename': wikiutil.escape(request.form.get('rename', [''])[0], 1),
'upload_label_overwrite': _('Overwrite existing attachment of same name'),
'overwrite_checked': ('', 'checked')[request.form.get('overwrite', ['0'])[0] == '1'],
'upload_button': _('Upload'),
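Review bot: escaping the reflected 'rename' value with quote=1 is the right call here, since this dict feeds the upload form and the value is rendered inside an input attribute where a bare `"` would close the attribute; plain escape() would leave quotes alone. The neighbouring 'overwrite_checked' entry is safe as-is because it only yields '' or 'checked' from a comparison, never the raw form value.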
@@ -536,6 +536,8 @@ def execute(pagename, request):
def upload_form(pagename, request, msg=''):
+ if msg:
+ msg = wikiutil.escape(msg)
_ = request.getText
request.http_headers()
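Review bot: this changes the contract of the msg parameter (it is now treated as plain text and escaped at the sink) but nothing documents that; add a docstring line stating that msg is HTML-escaped here and must not contain markup, because callers in this same patch, such as install_package below, still append "<br><pre>" fragments to msg and will now see them rendered literally. The `if msg:` guard is harmless but not needed, as escaping an empty string returns an empty string.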
@@ -733,7 +735,7 @@ def send_moveform(pagename, request):
d = {'action': 'AttachFile',
'do': 'attachment_move',
'ticket': wikiutil.createTicket(request),
- 'pagename': pagename,
+ 'pagename': wikiutil.escape(pagename, 1),
'attachment_name': filename,
'move': _('Move'),
'cancel': _('Cancel'),
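Review bot: 'pagename' now gets escape(..., 1), but 'attachment_name': filename on the following line goes into the same dict unescaped; if the move form renders it in an attribute next to pagename it needs the same treatment. Verify where d['attachment_name'] is emitted before concluding this hunk is complete.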
@@ -820,13 +822,13 @@ def install_package(pagename, request):
if package.isPackage():
if package.installPackage():
- msg=_("Attachment '%(filename)s' installed.") % {'filename': wikiutil.escape(target)}
+ msg=_("Attachment '%(filename)s' installed.") % {'filename': target}
else:
- msg=_("Installation of '%(filename)s' failed.") % {'filename': wikiutil.escape(target)}
+ msg=_("Installation of '%(filename)s' failed.") % {'filename': target}
if package.msg != "":
msg += "<br><pre>" + wikiutil.escape(package.msg) + "</pre>"
else:
- msg = _('The file %s is not a MoinMoin package file.' % wikiutil.escape(target))
+ msg = _('The file %s is not a MoinMoin package file.' % target)
upload_form(pagename, request, msg=msg)
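Review bot: dropping wikiutil.escape(target) here is correct now that upload_form escapes msg, but the unchanged line `msg += "<br><pre>" + wikiutil.escape(package.msg) + "</pre>"` was not adjusted: upload_form will escape it a second time, so the tags appear as literal text and package.msg comes out double-escaped (an `&` becomes `&amp;amp;`). Remove the inner wikiutil.escape and either convey the break as plain text or give upload_form an explicit way to accept pre-escaped markup.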
@@ -910,9 +912,9 @@ def unzip_file(pagename, request):
"files are too big, .zip files only, exist already or "
"reside in folders.") % {'filename': filename}
else:
- msg = _('The file %(target)s is not a .zip file.' % target)
+ msg = _('The file %(target)s is not a .zip file.' % {'target': filename})
- upload_form(pagename, request, msg=wikiutil.escape(msg))
+ upload_form(pagename, request, msg=msg)
def send_viewfile(pagename, request):
_ = request.getText
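Review bot: the removed `% target` would have raised TypeError ('format requires a mapping') because %(target)s needs a dict, so this path was a crash rather than only an XSS; the replacement fixes that, but it still applies _() to the already-interpolated string, so the translation lookup runs on text that can never match the catalog. Use the pattern from the context two lines up: `_('The file %(target)s is not a .zip file.') % {'target': filename}`. Moving the escape out of the upload_form call is consistent with the sink-level escape added earlier in this patch.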
moin-1.5.8-loginxssfix.patch:
--- NEW FILE moin-1.5.8-loginxssfix.patch ---
#From: http://hg.moinmo.in/moin/1.5/rev/db212dfc58ef
# HG changeset patch
# User Thomas Waldmann <tw AT waldmann-edv DOT de>
# Date 1200847002 -3600
# Node ID 2f952fa361c7bc6ed127ec0618038272385186cd
# Parent dbe95b27954adcb135e392ff1f9c883d0cfb7dc6
XSS fix for login action, thanks to Fernando Quintero for reporting this
diff -urp moin-1.5.8.orig/docs/CHANGES moin-1.5.8/docs/CHANGES
--- moin-1.5.8.orig/docs/CHANGES 2007-05-13 00:18:34.000000000 +0200
+++ moin-1.5.8/docs/CHANGES 2008-02-20 12:09:26.000000000 +0100
@@ -29,6 +29,7 @@ Known main issues:
method. USE BOTH ON YOUR OWN RISK!
Version 1.5.8:
+ Fedora: * Fixed XSS issue in login action.
New features:
* Added timing.log to help performance debugging. Use cfg.log_timing = True
to update <data_dir>/timing.log (default is False, meaning no logging).
diff -urp moin-1.5.8.orig/MoinMoin/action/login.py moin-1.5.8/MoinMoin/action/login.py
--- moin-1.5.8.orig/MoinMoin/action/login.py 2006-05-11 18:24:00.000000000 +0200
+++ moin-1.5.8/MoinMoin/action/login.py 2008-02-20 12:07:41.000000000 +0100
@@ -40,12 +40,12 @@ class LoginHandler:
if not user.isValidName(request, name):
error = _("""Invalid user name {{{'%s'}}}.
Name may contain any Unicode alpha numeric character, with optional one
-space between words. Group page name is not allowed.""") % name
+space between words. Group page name is not allowed.""") % wikiutil.escape(name)
# Check that user exists
elif not user.getUserId(request, name):
error = _('Unknown user name: {{{"%s"}}}. Please enter'
- ' user name and password.') % name
+ ' user name and password.') % wikiutil.escape(name)
# Require password
else:
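Review bot: both added lines call wikiutil.escape, yet the hunk adds no import; confirm login.py already imports wikiutil, otherwise the invalid-name and unknown-user paths raise NameError instead of showing the error message. The default quote=0 is sufficient here because the value is rendered inside the {{{...}}} text of the message, not inside an attribute.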
Index: moin.spec
===================================================================
RCS file: /cvs/pkgs/rpms/moin/F-7/moin.spec,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- moin.spec 9 Feb 2008 14:48:30 -0000 1.17
+++ moin.spec 20 Feb 2008 11:23:14 -0000 1.18
@@ -3,7 +3,7 @@
Summary: MoinMoin is a Python clone of WikiWiki
Name: moin
Version: 1.5.8
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv2+
Group: Applications/Internet
URL: http://moinmoin.wikiwikiweb.de/
@@ -13,6 +13,8 @@
Patch1: moin-1.3.5-xml_newline.patch
Patch10: 10010_CVE-2007-0857.patch
Patch11: moin-1.5.8-cookieidfix.patch
+Patch12: moin-1.5.8-loginxssfix.patch
+Patch13: moin-1.5.8-attachfilexssfix.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: python-devel
BuildArch: noarch
@@ -30,6 +32,8 @@
%patch1 -p1 -b .xml_newline
%patch10 -p1 -b .CVE-2007-0857
%patch11 -p1 -b .cookieidfix
+%patch12 -p1 -b .loginxssfix
+%patch13 -p1 -b .attachfilexssfix
%build
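Review bot: the order of these two lines matters and is correct as written: the docs/CHANGES hunk in moin-1.5.8-attachfilexssfix.patch expects the "Fedora: * Fixed XSS issue in login action." line that moin-1.5.8-loginxssfix.patch adds, so %patch12 must stay before %patch13 or the second patch fails to apply.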
@@ -56,6 +60,10 @@
%changelog
+* Wed Feb 20 2008 Lubomir Kundrak <lkundrak at redhat.com> 1.5.8-4
+- Fix CVE-2008-0780 XSS in login action (2f952fa361c7)
+- Fix CVE-2008-0781 multiple XSS in AttachFile action (db212dfc58ef)
+
* Fri Feb 8 2008 Matthias Saou <http://freshrpms.net/> 1.5.8-3
- Include e69a16b6e630 1.5 changeset as cookieidfix (#432017).
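Review bot: the changeset ids in this entry (login action 2f952fa361c7, AttachFile db212dfc58ef) match the "# Node ID" headers inside the two patch files, but the "#From:" URLs at the top of those files are swapped (the AttachFile patch points at rev/2f952fa361c7 and the login patch at rev/db212dfc58ef); fix the URLs so each patch references the upstream revision it actually contains.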