On Fri, Oct 24, 2008 at 10:27:09PM +0200, Florian Weimer wrote:
> * Luca Bruno:
>
> > A full disclosure bulletin has been posted today, reporting various
> > security vulnerabilities in websvn.
>
> Thanks, I'm not sure if the source is in our public monitoring.
>
> > The remote code execution should only affect etch version, while at a
> > first glance the others are also still open in lenny/sid.
>
> I think the code execution can only be exploited if you can commit to
> the repository, so this vulnerability is not critical.
>
Hi,

That looks serious indeed, and it affects versions from both testing and unstable.

There are 3 different kinds of problems:
- Cross Site Scripting (unsafe usage of the PHP_SELF server variable within the getParameterisedSelfUrl() function)
- File handling issues in the RSS functionality
- PHP Code Execution (only in 1.x branch): unsafe use of preg_replace evaluation when parsing anchor tags and the like

Unfortunately, upstream is not responsive :/ I have tried to contact Tim Armes, and the developer list.

The problems are affecting several parts of the code, and I am not sure what the correct solution could be. Help on the subject would be much appreciated!

Pierre
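For readers who want to see what the fix for the first and third items above looks like in practice, here is an added illustration in PHP. It is not websvn's code and not Pierre's or upstream's patch; the function names safeSelfUrl() and rewriteAnchors(), the regular expression, and the sample inputs are all assumptions made for this example. It shows the hardened form of the two patterns named in the report: build the "self" URL from the script name rather than reflecting PHP_SELF (which carries untrusted path info after the script name) and escape it on output; and rewrite anchor tags with preg_replace_callback instead of the preg_replace /e modifier, so matched text is treated as data rather than evaluated as PHP.

```php
<?php
// Added illustration (not websvn's code): hardened forms of the two patterns
// named in the report. Function names and inputs are assumptions for this example.

// 1. Building a "self" URL.
//    $_SERVER['PHP_SELF'] may contain extra path info appended to the script
//    name, so reflecting it verbatim into HTML puts attacker-controlled text in
//    the page. Use the script's own name and escape for the HTML context.
function safeSelfUrl(array $params): string
{
    // SCRIPT_NAME is the path of the executing script, without trailing path info.
    $base  = basename($_SERVER['SCRIPT_NAME'] ?? 'index.php');
    $query = http_build_query($params);              // percent-encodes keys and values
    $url   = $query === '' ? $base : $base . '?' . $query;
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8'); // escape for an HTML attribute
}

// 2. Rewriting anchor tags.
//    The old /e modifier evaluated the replacement string as PHP code.
//    preg_replace_callback performs the same rewrite with a plain function, so
//    the matched href is only ever a string value.
function rewriteAnchors(string $html, string $prefix): string
{
    return preg_replace_callback(
        '/<a\s+href="([^"]*)"/i',
        function (array $m) use ($prefix): string {
            $href = $prefix . $m[1];
            return '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '"';
        },
        $html
    );
}

// Self-check on constructed input when run from the command line.
if (PHP_SAPI === 'cli') {
    $_SERVER['SCRIPT_NAME'] = '/websvn/listing.php';   // constructed value
    echo safeSelfUrl(['repname' => 'x', 'path' => '/trunk/<b>']), "\n";
    echo rewriteAnchors('<a href="file.txt">f</a>', '/view/'), "\n";
}
```

The same escaping rule applies to any other server variable or request parameter that is reflected into the page, and a review of the RSS code path (the second item in the list) would look for file paths assembled from request input in the same way.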