*** This bug is a security vulnerability ***

Public security bug reported:

From https://simplesamlphp.org/security/202004-01:

Date
April 03, 2020

Affected versions
SimpleSAMLphp 1.18.5 and older

Severity
Low

Background
The module controller in SimpleSAML\Module that processes requests for pages hosted by modules, has code to identify paths ending with .php and process those as PHP code. If no other suitable way of handling the given path exists it presents the file to the browser.

Description
The check to identify paths ending with .php does not account for uppercase letters. If someone requests a path ending with e.g. .PHP and the server is serving the code from a case-insensitive file system, such as on Windows, the processing of the PHP code does not occur, and the source code is instead presented to the browser.

Affected versions
SimpleSAMLphp versions 1.18.5 and older.

We will upgrade to version 1.18.7

** Affects: mahara
   Importance: High
   Assignee: Lisa Seeto (lisaseeto)
   Status: Confirmed

** Affects: mahara/19.04
   Importance: High
   Status: Confirmed

** Affects: mahara/19.10
   Importance: High
   Status: Confirmed

** Affects: mahara/20.04
   Importance: High
   Status: Confirmed

** Affects: mahara/20.10
   Importance: High
   Assignee: Lisa Seeto (lisaseeto)
   Status: Confirmed

** Changed in: mahara
   Milestone: None => 19.10.4

** Changed in: mahara
   Milestone: 19.10.4 => None

** Changed in: mahara
   Milestone: None => 19.04.6

** Also affects: mahara/19.10
   Importance: Undecided
   Status: New

** Also affects: mahara/19.04
   Importance: Undecided
   Status: New

** Also affects: mahara/20.10
   Importance: High
   Status: New

** Also affects: mahara/20.04
   Importance: Undecided
   Status: New

** Changed in: mahara/20.10
   Milestone: 19.04.6 => 20.10.0

** Changed in: mahara/20.04
   Milestone: None => 20.04.1

** Changed in: mahara/20.10
   Milestone: 20.10.0 => None

** Changed in: mahara/20.10
   Milestone: None => 20.10.0

** Changed in: mahara/19.10
   Milestone: None => 19.10.4

** Changed in: mahara/19.04
   Milestone: None => 19.04.6

** Changed in: mahara/20.10
   Status: New => In Progress

** Changed in: mahara/20.10
   Assignee: (unassigned) => Lisa Seeto (lisaseeto)

--
https://bugs.launchpad.net/bugs/1889485

Title:
  Security Upgrade SimpleSAML 1.18.4 to 1.18.7

Status in Mahara: Confirmed
Status in Mahara 19.04 series: Confirmed
Status in Mahara 19.10 series: Confirmed
Status in Mahara 20.04 series: Confirmed
Status in Mahara 20.10 series: Confirmed
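
The check described in the advisory, as an added example that is not part of the original notification and is not SimpleSAMLphp's or Mahara's code: a case-sensitive suffix test beside a case-normalised one, with a fallback that presents only allow-listed static types. The function names, the allow-list and the sample paths are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Illustrative only: hypothetical names, not SimpleSAMLphp's own code.

// Check as the advisory describes it: case-sensitive suffix match.
function isPhpPathCaseSensitive(string $path): bool
{
    return substr($path, -4) === '.php';
}

// Corrected check: normalise the extension's case before comparing.
function isPhpPath(string $path): bool
{
    return strtolower(pathinfo($path, PATHINFO_EXTENSION)) === 'php';
}

// Assumed allow-list of static types the fallback may send to the browser.
const STATIC_EXTENSIONS = ['css', 'js', 'png', 'svg'];

// Decide how a request path is handled. With $allowListOnly set, anything that
// is neither PHP nor an allow-listed static type is refused instead of being
// presented as a file.
function dispatch(string $path, callable $isPhp, bool $allowListOnly): string
{
    if ($isPhp($path)) {
        return 'execute';
    }
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    if ($allowListOnly && !in_array($ext, STATIC_EXTENSIONS, true)) {
        return 'deny';
    }
    return 'serve-file';
}

// Constructed sample paths for a hypothetical module.
$samples = ['/examplemod/page.php', '/examplemod/page.PHP', '/examplemod/page.Php', '/examplemod/style.css'];

foreach ($samples as $path) {
    printf(
        "%-24s before=%-10s after=%s\n",
        $path,
        dispatch($path, 'isPhpPathCaseSensitive', false),
        dispatch($path, 'isPhpPath', true)
    );
}
```

The allow-list is defence in depth: if the extension test ever misses a variant again, an unrecognised file is refused rather than presented as source.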

