Your message dated Tue, 28 Jun 2005 12:13:38 +0200 with message-id <[EMAIL PROTECTED]> and subject line "Bug#316071: phpbb2: Improper escaping in viewtopic.php" has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 28 Jun 2005 09:17:04 +0000

From: Moritz Muehlenhoff <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: phpbb2: Improper escaping in viewtopic.php
Date: Tue, 28 Jun 2005 11:16:58 +0200
X-Debbugs-Cc: [EMAIL PROTECTED]

Package: phpbb2
Severity: grave
Tags: security
Justification: user security hole

[Cc:ing security@ as Sarge is affected as well]

phpbb 2.0.16 fixes a security issue due to improper escaping of the $highlight_match variable in viewtopic.php.

Upstream developers classify it as critical and provide something that has a close resemblance of a patch:
http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011

Cheers,
Moritz

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-rc5
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)

---------------------------------------
Received: (at 316071-done) by bugs.debian.org; 28 Jun 2005 10:13:41 +0000

From: Jeroen van Wolffelaar <[EMAIL PROTECTED]>
To: Moritz Muehlenhoff <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Bug#316071: phpbb2: Improper escaping in viewtopic.php
Date: Tue, 28 Jun 2005 12:13:38 +0200

On Tue, Jun 28, 2005 at 11:16:58AM +0200, Moritz Muehlenhoff wrote:
> [Cc:ing security@ as Sarge is affected as well]
>
> phpbb 2.0.16 fixes a security issue due to improper escaping of the
> $highlight_match variable in viewtopic.php.
>
> Upstream developers classify it as critical and provide something that
> has a close resemblance of a patch:
> http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=302011

This hole was introduced in a post-sarge version, and we didn't copy this bug back while backporting fixes -- the error was a half escaping of backslashes causing malicious code to be able to be executed.

So: Debian is not vulnerable.

--Jeroen

--
Jeroen van Wolffelaar
[EMAIL PROTECTED] (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl
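An added illustration of the "half escaping of backslashes" Jeroen describes; this is not code from phpBB or from either poster, and the two escaping helpers, the stays_quoted check and the sample inputs are constructed for the example. Escaping only the single quote lets an input that ends in a backslash cancel the added escape character, while escaping backslashes first (and before quotes) keeps every value inside its quoted context.

```php
<?php
// Added illustration, not phpBB code. A value interpolated into a single-quoted
// PHP string (as $highlight_match was in viewtopic.php) needs both backslashes
// and single quotes escaped, and the backslashes must be handled first.

// "Half" escaping: deals with the quote but leaves backslashes untouched.
function escape_half(string $s): string
{
    return str_replace("'", "\\'", $s);
}

// Full escaping: backslashes first, then quotes, so no input can close the literal.
function escape_full(string $s): string
{
    return str_replace(['\\', "'"], ['\\\\', "\\'"], $s);
}

// Would the escaped value stay inside '...' if embedded in PHP source?
// A quote is live (terminates the literal) when an even number of backslashes precedes it.
function stays_quoted(string $escaped): bool
{
    $backslashes = 0;
    for ($i = 0, $n = strlen($escaped); $i < $n; $i++) {
        $c = $escaped[$i];
        if ($c === '\\') {
            $backslashes++;
        } elseif ($c === "'") {
            if ($backslashes % 2 === 0) {
                return false; // unescaped quote: the literal ends here
            }
            $backslashes = 0;
        } else {
            $backslashes = 0;
        }
    }
    return true;
}

// Constructed samples: a plain word, an apostrophe, and a backslash followed by a quote.
$samples = ["php", "it's", "a\\'b"];
foreach ($samples as $in) {
    printf("%-6s half=%-6s full=%s\n",
        $in,
        stays_quoted(escape_half($in)) ? 'safe' : 'BREAKS',
        stays_quoted(escape_full($in)) ? 'safe' : 'BREAKS');
}
```

For the third sample the half-escaped result is two backslashes followed by a quote, so the quote is live; the fully escaped result has three backslashes, so the quote stays escaped.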