On Mon, 2005-10-31 at 12:06 +0100, Florian Weimer wrote:
> A new round of security issues in phpBB has been disclosed.

Hello people,

Here's an update on the current state of affairs of the issues fixed in
2.0.18.

UNSTABLE
Packages for 2.0.18 for sid are nearly ready, we only need some code to
add a new database table. Jeroen is working on this, and will upload as
soon as this is fixed.

STABLE
I've gone through the list supplied by upstream, and my findings are as
follows.

> [Sec] backport of session keys system from olympus

Security feature, not a bug; will not be backported.

> [Sec] fixed email bans to use the same pattern as email validation and
> allow wildcard domain bans

Security feature, not a bug; will not be backported.

> [Sec] fixed validation of topic type when posting

I fixed this in our SVN, and it will be included in the updated sarge
package.

> [Sec] unset database password once it is no longer needed

Security feature, not a bug; will not be backported.

> [Sec] fixed potential to select images outside the specified path as
> avatars or smilies

I fixed this in our SVN, and it will be included in the updated sarge
package.

> [Sec] fix globals de-registration code for PHP5

Not relevant for sarge, won't fix.

> [Sec] changed avatar gallery code sections to prevent possible
> injection points (AnthraX101)

I have not yet been able to locate what exactly the problem is here and
what the fix is in the upstream patch. Help on this is welcome!

> [Sec] signature field is not properly sanitised for user input when an
> error occurs while accessing the avatar gallery

Same as previous, problem and fix not yet identified.

> [Sec] check to_username and ownership when editing a PM

This also needs some investigation into what exactly fixes this.

> [Sec] fixed ability to edit PM's you did not send (depablo84)

I fixed this in our SVN, and it will be included in the updated sarge
package.

> [Sec] compare imagetype on avatar uploading to match the file
> extension from uploaded file

After some discussion we decided to include this fix in stable. I fixed
this in our SVN, and it will be included in the updated sarge package.


regards,
Thijs
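The avatar gallery path fix and the upload image-type check are described above only by their changelog lines. As an added illustration, not phpBB's own code or the sarge patch, the PHP below sketches the shape of those two checks: keeping a user-selected gallery image inside the configured directory, and comparing the image type detected from the uploaded file's contents against the extension the upload claims. Function names, the directory layout, and the embedded sample GIF are assumptions made for this example.

```php
<?php
// Added example, not phpBB code. Illustrates two checks of the kind listed
// in the 2.0.18 changelog. All names and paths here are assumptions.

// Return the resolved path of a gallery image chosen by the user, or null
// if the choice would leave the configured gallery root ("../", absolute
// paths, symlinks pointing elsewhere) or is not an image file name.
function gallery_image_path(string $gallery_root, string $user_choice): ?string
{
    $root = realpath($gallery_root);
    if ($root === false) {
        return null;
    }
    // Cheap syntactic filter before touching the filesystem: relative path,
    // conservative character set, image extension, no parent references.
    if ($user_choice === '' || $user_choice[0] === '/'
        || strpos($user_choice, '..') !== false
        || !preg_match('#^[A-Za-z0-9_/.-]+\.(gif|jpe?g|png)$#i', $user_choice)) {
        return null;
    }
    // realpath() follows symlinks and requires the file to exist, so the
    // prefix comparison below is against where the file really lives.
    $candidate = realpath($root . DIRECTORY_SEPARATOR . $user_choice);
    if ($candidate === false) {
        return null;
    }
    $prefix = $root . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $candidate;
}

// True only if the file's content is an accepted image type AND the
// extension of the client-supplied name matches that detected type.
function upload_extension_matches_imagetype(string $tmp_path, string $original_name): bool
{
    $allowed = [
        IMAGETYPE_GIF  => ['gif'],
        IMAGETYPE_JPEG => ['jpg', 'jpeg'],
        IMAGETYPE_PNG  => ['png'],
    ];
    $info = @getimagesize($tmp_path);   // reads the header, not the client's MIME claim
    if ($info === false || !isset($allowed[$info[2]])) {
        return false;                   // not an image we accept, whatever the name says
    }
    $ext = strtolower(pathinfo($original_name, PATHINFO_EXTENSION));
    return in_array($ext, $allowed[$info[2]], true);
}

// --- constructed demo data: a minimal 1x1 GIF and a throwaway gallery ---
$gif = "GIF89a\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\xff\xff\xff"
     . "\x21\xf9\x04\x01\x00\x00\x00\x00\x2c\x00\x00\x00\x00\x01\x00\x01\x00"
     . "\x00\x02\x02\x44\x01\x00\x3b";
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'gallery_demo_' . uniqid();
mkdir($base . '/root/set1', 0700, true);
file_put_contents($base . '/root/set1/ok.gif', $gif);
file_put_contents($base . '/outside.gif', $gif);   // exists, but not under root

var_dump(gallery_image_path($base . '/root', 'set1/ok.gif'));      // string(...) resolved path
var_dump(gallery_image_path($base . '/root', '../outside.gif'));   // NULL
var_dump(gallery_image_path($base . '/root', 'set1/ok.gif%00'));   // NULL (fails the regex)

var_dump(upload_extension_matches_imagetype($base . '/root/set1/ok.gif', 'avatar.gif')); // bool(true)
var_dump(upload_extension_matches_imagetype($base . '/root/set1/ok.gif', 'avatar.php')); // bool(false)
var_dump(upload_extension_matches_imagetype($base . '/root/set1/ok.gif', 'avatar.png')); // bool(false)

// cleanup
unlink($base . '/root/set1/ok.gif');
unlink($base . '/outside.gif');
rmdir($base . '/root/set1');
rmdir($base . '/root');
rmdir($base);
```

Two caveats worth keeping in mind when applying a check like this. The prefix comparison only works because both sides went through realpath(), which means the gallery file must already exist; a lookup that builds the path first and checks it afterwards reintroduces the traversal. And getimagesize() only validates the image header, so it confirms that name and content agree on the type, not that the file carries nothing else; keeping uploads out of any directory the web server will execute scripts from remains necessary.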
