Your message dated Sat, 24 Oct 2009 12:17:23 +0000
with message-id <e1n1fyh-0002it...@ries.debian.org>
and subject line Bug#552020: fixed in typo3-src 4.2.10-1
has caused the Debian Bug report #552020,
regarding TYPO3 Security Bulletin TYPO3-SA-2009-016: Multiple vulnerabilities
in TYPO3 Core
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
552020: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=552020
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: typo3-src
Severity: critical
Tags: security
TYPO3 Security Bulletin TYPO3-SA-2009-016: Multiple vulnerabilities in TYPO3 Core
Vulnerability Types: SQL injection, Cross-site scripting (XSS), Information disclosure, Frame hijacking, Remote shell command execution and Insecure Install Tool authentication/session handling.
Problem Description 1: By entering malicious content into a tt_content form element, a backend user could recalculate the encryption key. This knowledge could be used to attack TYPO3 mechanisms that were protected by this key. A valid backend login is required to exploit this vulnerability.
Problem Description 2: Failing to sanitize user input, the TYPO3 backend is susceptible to XSS attacks in several places. A valid backend login is required to exploit these vulnerabilities.
Problem Description 3: By manipulating URL parameters it is possible to include arbitrary websites in the TYPO3 backend framesets. A valid backend login is required to exploit this vulnerability.
Problem Description 4: By uploading files with malicious filenames an editor could execute arbitrary shell commands on the server on which the TYPO3 installation is located. A valid backend login is required to exploit this vulnerability.
Problem Description 5: Failing to sanitize URL parameters, TYPO3 is susceptible to SQL injection in the frontend editing feature (the traditional one, not feeditadvanced, which will be shipped with TYPO3 4.3). A valid backend login and activated frontend editing are required to exploit this vulnerability.
Problem Description 6: The sanitizing algorithm of the API function t3lib_div::quoteJSvalue wasn't sufficient, so that an attacker could inject specially crafted HTML or JavaScript code. Since this function can be used in backend modules as well as in frontend extensions, this vulnerability could also be exploited without the need of having a valid backend login.
Problem Description 7: Failing to sanitize URL parameters, the Frontend Login Box is susceptible to XSS.
Problem Description 8: It is possible to gain access to the Install Tool by only knowing the md5 hash of the Install Tool password.
Problem Description 9: Failing to sanitize URL parameters, the Install Tool is susceptible to Cross-site scripting attacks.
For more information see the Typo3 Bulletin at:
<https://typo3.org/teams/security/security-bulletins/typo3-sa-2009-016/>
--
MfG, Christian Welzel
GPG-Key: http://www.camlann.de/key.asc
Fingerprint: 4F50 19BF 3346 36A6 CFA9 DBDC C268 6D24 70A1 AD15
--- End Message ---
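Problem Description 6 above concerns a JavaScript-value quoting helper whose escaping was incomplete. The following is an added illustration (not TYPO3's t3lib_div::quoteJSvalue, and written in Python rather than PHP) of the allow-list approach that closes this bug class: every character outside a small safe set is hex- or unicode-escaped, so the value can neither terminate the JS string literal nor the enclosing `<script>` element. `naive_quote_js_value` is a constructed deny-list escaper shown for contrast.

```python
import re

# Characters allowed to appear verbatim inside the JS single-quoted literal.
# Everything else (quotes, backslash, <, >, &, newlines, U+2028/2029, ...) is
# escaped, so neither the JS parser nor the HTML parser can be confused.
_SAFE = re.compile(r"[A-Za-z0-9_,.\-]")


def quote_js_value(value: str) -> str:
    """Return a JS single-quoted string literal safe to embed in a <script>
    block. Allow-list encoder added for illustration; not TYPO3's own code."""
    out = []
    for ch in value:
        if _SAFE.match(ch):
            out.append(ch)
            continue
        cp = ord(ch)
        if cp < 0x100:
            out.append(f"\\x{cp:02X}")
        elif cp < 0x10000:
            out.append(f"\\u{cp:04X}")
        else:
            # Non-BMP code point: JS string literals expect a UTF-16 surrogate pair.
            cp -= 0x10000
            out.append(f"\\u{0xD800 + (cp >> 10):04X}\\u{0xDC00 + (cp & 0x3FF):04X}")
    return "'" + "".join(out) + "'"


def naive_quote_js_value(value: str) -> str:
    """Constructed deny-list escaper that only handles backslash and the quote
    character: the kind of insufficient sanitizing the bulletin describes."""
    return "'" + value.replace("\\", "\\\\").replace("'", "\\'") + "'"


def breaks_out_of_script(literal: str) -> bool:
    """True if the rendered literal still carries raw < or >, i.e. an HTML
    parser could end the <script> element before the JS engine sees the string."""
    return "<" in literal or ">" in literal


if __name__ == "__main__":
    sample = "O'Neil</script><b>x</b>"  # constructed test input
    for fn in (naive_quote_js_value, quote_js_value):
        literal = fn(sample)
        print(fn.__name__, literal, "breaks out:", breaks_out_of_script(literal))
```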
--- Begin Message ---
Source: typo3-src
Source-Version: 4.2.10-1
We believe that the bug you reported is fixed in the latest version of
typo3-src, which is due to be installed in the Debian FTP archive:
typo3-src-4.2_4.2.10-1_all.deb
to pool/main/t/typo3-src/typo3-src-4.2_4.2.10-1_all.deb
typo3-src_4.2.10-1.diff.gz
to pool/main/t/typo3-src/typo3-src_4.2.10-1.diff.gz
typo3-src_4.2.10-1.dsc
to pool/main/t/typo3-src/typo3-src_4.2.10-1.dsc
typo3-src_4.2.10.orig.tar.gz
to pool/main/t/typo3-src/typo3-src_4.2.10.orig.tar.gz
typo3_4.2.10-1_all.deb
to pool/main/t/typo3-src/typo3_4.2.10-1_all.deb
A summary of the changes between this version and the previous one is attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 552...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Christian Welzel <gaw...@camlann.de> (supplier of updated typo3-src package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
Format: 1.8
Date: Thu, 22 Oct 2009 22:00:00 +0100
Source: typo3-src
Binary: typo3 typo3-src-4.2
Architecture: source all
Version: 4.2.10-1
Distribution: unstable
Urgency: high
Maintainer: Christian Welzel <gaw...@camlann.de>
Changed-By: Christian Welzel <gaw...@camlann.de>
Description:
typo3 - Powerful content management framework (Meta package)
typo3-src-4.2 - Powerful content management framework (Core)
Closes: 552020
Changes:
typo3-src (4.2.10-1) unstable; urgency=high
.
* New upstream release.
- fixes "TYPO3 Security Bulletin TYPO3-SA-2009-016: Multiple
vulnerabilities in TYPO3 Core" (Closes: 552020)
--- End Message ---