← Back to team overview

mahara-packaging team mailing list archive

[Bug 888358] Re: Several security updates for Mahara

 

This bug was fixed in the package mahara - 1.4.0-1ubuntu0.1

---------------
mahara (1.4.0-1ubuntu0.1) oneiric-security; urgency=low

  * SECURITY UPDATE: XSS in unvalidated URI attributes
    - Added a filter to sanitise user input urls (LP: #888358)
    - debian/patches/CVE-2011-2771.patch: upstream patch
    - CVE-2011-2771

  * SECURITY UPDATE: DoS attack via invalid or excessively large images
    - Added a check to evaluate available memory before processing
      (LP: #888358)
    - debian/patches/CVE-2011-2772.patch: upstream patch
    - CVE-2011-2772

  * SECURITY UPDATE: XSRF allowing attackers to trick an admin into adding
    them to an institution
    - remove unreferenced and vulnerable addtoinstitution.php (LP: #888358)
    - debian/patches/CVE-2011-2773.patch: upstream patch
    - CVE-2011-2773

  * SECURITY UPDATE: Information disclosure exposing private messages
    - User check to ensure they are conversation participant (LP: #888358)
    - debian/patches/CVE-2011-2774.patch: upstream patch
    - CVE-2011-2774

  * SECURITY UPDATE: Prevent masquerading users from jumping as others
    - Added a check to prevent jumping as other users. (LP: #888358)
    - debian/patches/mnet_masquerading.patch: upstream patch
 -- Melissa Draper <melissa@xxxxxxxxxxxxxxx>   Thu, 03 Nov 2011 22:32:45 +0000

** Changed in: mahara (Ubuntu Oneiric)
       Status: Confirmed => Fix Released

** Changed in: mahara (Ubuntu Natty)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Mahara
Packaging, which is subscribed to mahara in Ubuntu.
https://bugs.launchpad.net/bugs/888358

Title:
  Several security updates for Mahara

Status in “mahara” package in Ubuntu:
  Fix Released
Status in “mahara” source package in Lucid:
  Fix Released
Status in “mahara” source package in Maverick:
  Fix Released
Status in “mahara” source package in Natty:
  Fix Released
Status in “mahara” source package in Oneiric:
  Fix Released
Status in “mahara” source package in Precise:
  Fix Released

Bug description:
  Here are patches to fix a number of very serious security issues in
  lucid, maverick, natty and oneiric versions of Mahara.

  Issues affecting both 1.2.x and 1.4.0 are:

    * XSS in unvalidated URI attributes
      - CVE-2011-2771
      - Upstream advisory: http://mahara.org/interaction/forum/topic.php?id=4135
   
    * DoS attack via invalid or excessively large images
      - CVE-2011-2772
      - Upstream advisory: http://mahara.org/interaction/forum/topic.php?id=4133
   
    *  XSRF allowing attackers to trick an admin into adding them to an institution
      - CVE-2011-2773
      - Upstream advisory: http://mahara.org/interaction/forum/topic.php?id=4137
   
    *  Prevent masquerading users from jumping via XMLRPC as others
      - CVE pending from oss-sec list via debian security list
      - Upstream advisory: http://mahara.org/interaction/forum/topic.php?id=4138

  One issue affects the 1.4.0 version of Mahara in Oneiric:

     * Information disclosure exposing private messages
       - CVE-2011-2774
       - Upstream advisory: http://mahara.org/interaction/forum/topic.php?id=4134

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mahara/+bug/888358/+subscriptions