mahara-contributors team mailing list archive

Thread
Date

[Bug 1171714] Re: RSS block contents randomly copied from one block to another

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Aaron Wells <1171714@xxxxxxxxxxxxxxxxxx>
Date: Thu, 02 May 2013 10:01:47 -0000
Reply-to: Bug 1171714 <1171714@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Information type changed from Private Security to Public Security

** Also affects: mahara/1.5
   Importance: Undecided
       Status: New

** Also affects: mahara/1.6
   Importance: Undecided
       Status: New

** Also affects: mahara/1.7
   Importance: Undecided
       Status: New

** Changed in: mahara/1.5
       Status: New => Fix Released

** Changed in: mahara/1.5
    Milestone: None => 1.5.10

** Changed in: mahara/1.6
    Milestone: None => 1.6.5

** Changed in: mahara/1.7
    Milestone: None => 1.7.1

** Changed in: mahara/1.6
       Status: New => Fix Released

** Changed in: mahara/1.7
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contrib members
https://bugs.launchpad.net/bugs/1171714

Title:
  RSS block contents randomly copied from one block to another

Status in Mahara ePortfolio:
  Triaged
Status in Mahara 1.5 series:
  Fix Released
Status in Mahara 1.6 series:
  Fix Released
Status in Mahara 1.7 series:
  Fix Released

Bug description:
  We've identified a problem with RSS feeds, which is a regression
  caused by the patch for https://bugs.launchpad.net/mahara/+bug/1081431

  The cron job that refreshes the RSS feeds is not properly initializing
  a loop variable as it process each feed. As a result, if the attempt
  to fetch & parse a block's RSS feed errors out, the block gets its
  contents overwritten by the last RSS feed processed by the loop. There
  is no way to recover the data in the overwritten RSS feed block, and
  there is no automatic way to detect which RSS feeds have been
  overwritten by this bug, and which are genuine duplicate RSS feeds
  (from multiple users subscribing to the same feed).

  There are also security ramifications to this bug, because if an RSS
  feed which gets copied contains a username and password, they will be
  visible in plaintext to the user into whose Page they have been
  copied.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1171714/+subscriptions