[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
This bug was fixed in the package redmine - 3.4.4-1ubuntu0.1

---
redmine (3.4.4-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: persistent XSS exists due to textile formatting
    - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way that
      html tags are identified to be escaped. (LP: #1853063)
    - CVE-2019-17427
    - https://www.cvedetails.com/cve/CVE-2019-17427/
    - Redmine Defect #31520

 -- Paulo Flabiano Smorigo  Mon, 25 Nov 2019 20:17:10 +

** Changed in: redmine (Ubuntu)
       Status: New => Fix Released

** Changed in: redmine (Ubuntu)
       Status: New => Fix Released

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1853063

Title:
  SQL injection and Persistent XSS in textile formatting

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/redmine/+bug/1853063/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
This bug was fixed in the package redmine - 4.0.1-2ubuntu0.1

---
redmine (4.0.1-2ubuntu0.1) disco-security; urgency=medium

  * SECURITY UPDATE: persistent XSS exists due to textile formatting
    - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way that
      html tags are identified to be escaped. (LP: #1853063)
    - CVE-2019-17427
    - https://www.cvedetails.com/cve/CVE-2019-17427/
    - Redmine Defect #31520

 -- Paulo Flabiano Smorigo  Mon, 25 Nov 2019 20:20:08 +
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
Hey Paulo! Thanks for the fixes, I'll take more care next time regarding these details. I'm happy those fixes are released also in Ubuntu :-)
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
Hi Lucas,

I published the new version with the fix. Thanks.

I made two modifications in the changelog. The first was the version. Security update uses minor version naming, so 0.1, not 1. In this update I ended up using 0.2 because I made a mistake and had to upload the source again, so I burned 0.1. The other change was to add the LP number to it so Launchpad tracks it.
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
This bug was fixed in the package redmine - 3.2.1-2ubuntu0.2

---
redmine (3.2.1-2ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: persistent XSS exists due to textile formatting
    - debian/patches/0020-Fix-CVE-2019-17427.patch: improve the way that
      html tags are identified to be escaped. (LP: #1853063)
    - CVE-2019-17427
    - https://www.cvedetails.com/cve/CVE-2019-17427/
    - Redmine Defect #31520
  * SECURITY UPDATE: SQL injection vulnerability
    - debian/patches/0021-Fix-CVE-2019-18890.patch: use map instead of
      each because it casts the values to integer and return a new array.
      (LP: #1853063)
    - CVE-2019-18890
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18890
    - Redmine Defect #32374

 -- Lucas Kanashiro  Mon, 18 Nov 2019 18:15:09 -0300

** Changed in: redmine (Ubuntu Xenial)
       Status: New => Fix Released
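The changelog note for 0021-Fix-CVE-2019-18890.patch ("use map instead of each"), shown as an added Ruby example. This is not the patch and not Redmine's code; the method names and the sample input are constructed for illustration.

```ruby
# Added illustration; all names here are hypothetical, not Redmine's code.

# Flawed pattern: Array#each returns its receiver, so the to_i results are
# discarded and the original strings are what the caller goes on to use.
def ids_with_each(raw_ids)
  raw_ids.each(&:to_i)
end

# Fixed pattern: Array#map returns a new array holding the to_i results,
# so only integers can reach the query text.
def ids_with_map(raw_ids)
  raw_ids.map(&:to_i)
end

# Builds the kind of IN (...) fragment where un-cast values are dangerous.
def in_clause(ids)
  "id IN (#{ids.join(',')})"
end

# Constructed sample input: one well-formed id and one non-integer string.
SAMPLE = ['1', '2 /* untrusted text */'].freeze

# Returns the SQL fragment each pattern produces for the same input.
def demo
  {
    each: in_clause(ids_with_each(SAMPLE)),
    map:  in_clause(ids_with_map(SAMPLE))
  }
end

if __FILE__ == $PROGRAM_NAME
  demo.each { |pattern, sql| puts "#{pattern}: #{sql}" }
end
```

With `each`, the untrusted string reaches the SQL text unchanged; with `map`, it is reduced to the integer `2`, and a value with no leading digits becomes `0`.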
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
I just marked precise and trusty as invalid since they are out of standard support. Xenial version will be uploaded soon.
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
** Changed in: redmine (Ubuntu Precise)
       Status: New => Invalid

** Changed in: redmine (Ubuntu Trusty)
       Status: New => Invalid
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
** Changed in: redmine (Ubuntu)
     Assignee: (unassigned) => Paulo Flabiano Smorigo (pfsmorigo)

** Changed in: redmine (Ubuntu Trusty)
     Assignee: (unassigned) => Paulo Flabiano Smorigo (pfsmorigo)

** Changed in: redmine (Ubuntu Xenial)
     Assignee: (unassigned) => Paulo Flabiano Smorigo (pfsmorigo)
[Bug 1853063] Re: SQL injection and Persistent XSS in textile formatting
This is my proposed debdiff to fix those CVEs in xenial.

** Patch added: "security-update.debdiff"
   https://bugs.launchpad.net/ubuntu/+source/redmine/+bug/1853063/+attachment/5306355/+files/security-update.debdiff