** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2013-7412
-- You received this bug notification because you are a member of Mahara Contributors, which is subscribed to Mahara. Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it! https://bugs.launchpad.net/bugs/1171714 Title: RSS block contents randomly copied from one block to another Status in Mahara ePortfolio: Fix Released Status in Mahara 1.5 series: Fix Released Status in Mahara 1.6 series: Fix Released Status in Mahara 1.7 series: Fix Released Bug description: We've identified a problem with RSS feeds, which is a regression caused by the patch for https://bugs.launchpad.net/mahara/+bug/1081431 The cron job that refreshes the RSS feeds is not properly initializing a loop variable as it process each feed. As a result, if the attempt to fetch & parse a block's RSS feed errors out, the block gets its contents overwritten by the last RSS feed processed by the loop. There is no way to recover the data in the overwritten RSS feed block, and there is no automatic way to detect which RSS feeds have been overwritten by this bug, and which are genuine duplicate RSS feeds (from multiple users subscribing to the same feed). There are also security ramifications to this bug, because if an RSS feed which gets copied contains a username and password, they will be visible in plaintext to the user into whose Page they have been copied. To manage notifications about this bug go to: https://bugs.launchpad.net/mahara/+bug/1171714/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~mahara-contributors Post to : [email protected] Unsubscribe : https://launchpad.net/~mahara-contributors More help : https://help.launchpad.net/ListHelp
