author | Wenzong Fan <wenzong.fan@windriver.com> | 2015-11-14 04:47:56 -0500 |
---|---|---|
committer | Martin Jansa <Martin.Jansa@gmail.com> | 2015-12-18 12:44:42 +0100 |
commit | b12220887e7eabab269666d7a929211eacefcdb7 (patch) | |
tree | 3564a1f3341efcb378b11f893f1679b0362f447a /meta-webserver | |
parent | 4c21d7a02ff282411e2370802551aa4577b326fb (diff) | |
download | meta-openembedded-b12220887e7eabab269666d7a929211eacefcdb7.tar.gz |
phpmyadmin: fix CVE-2015-7873
The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1
and 4.5.x before 4.5.1 allows remote attackers to spoof content via the
url parameter.
Backport the upstream commit that fixes it:
https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706
Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Diffstat (limited to 'meta-webserver')
-rw-r--r-- | meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch | 48 | ||||
-rw-r--r-- | meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb | 1 |
2 files changed, 49 insertions, 0 deletions
diff --git a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch new file mode 100644 index 000000000..1e6bcbda5 --- /dev/null +++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin/Port-content-spoofing-fix-CVE-2015-7873.patch | |||
@@ -0,0 +1,48 @@ | |||
1 | From ae7eae1cc88cbdf2d27a6f10f097ef731823689e Mon Sep 17 00:00:00 2001 | ||
2 | From: Wenzong Fan <wenzong.fan@windriver.com> | ||
3 | Date: Sat, 14 Nov 2015 02:01:54 -0500 | ||
4 | Subject: [PATCH] Port content spoofing fix | ||
5 | |||
6 | Backport upstream commit for fixing CVE-2015-7873: | ||
7 | https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706 | ||
8 | |||
9 | Upstream-Status: Backport | ||
10 | |||
11 | Signed-off-by: Marc Delisle <marc@infomarc.info> | ||
12 | Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> | ||
13 | --- | ||
14 | ChangeLog | 4 ++++ | ||
15 | url.php | 3 ++- | ||
16 | 2 files changed, 6 insertions(+), 1 deletion(-) | ||
17 | |||
18 | diff --git a/ChangeLog b/ChangeLog | ||
19 | index 4cb6708..96936c8 100644 | ||
20 | --- a/ChangeLog | ||
21 | +++ b/ChangeLog | ||
22 | @@ -107,6 +107,10 @@ phpMyAdmin - ChangeLog | ||
23 | - issue #11448 Clarify doc about the MemoryLimit directive | ||
24 | - issue #11489 Cannot copy a database under certain conditions | ||
25 | |||
26 | +4.4.15.1 (2015-10-23) | ||
27 | +- issue #11464 phpMyAdmin suggests upgrading to newer version not usable on that system | ||
28 | +- issue [security] Content spoofing on url.php | ||
29 | + | ||
30 | 4.4.15.0 (not yet released) | ||
31 | - issue #11411 Undefined "replace" function on numeric scalar | ||
32 | - issue #11421 Stored-proc / routine - broken parameter parsing | ||
33 | diff --git a/url.php b/url.php | ||
34 | index eec78a5..9c4c884 100644 | ||
35 | --- a/url.php | ||
36 | +++ b/url.php | ||
37 | @@ -32,6 +32,7 @@ if (! PMA_isValid($_REQUEST['url']) | ||
38 | } | ||
39 | </script>"; | ||
40 | // Display redirecting msg on screen. | ||
41 | - printf(__('Taking you to %s.'), htmlspecialchars($_REQUEST['url'])); | ||
42 | + // Do not display the value of $_REQUEST['url'] to avoid showing injected content | ||
43 | + echo __('Taking you to the target site.'); | ||
44 | } | ||
45 | die(); | ||
46 | -- | ||
47 | 1.9.1 | ||
48 | |||
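Review bot: The ChangeLog hunk in this backport comes from the 4.4.15.1 entry of the upstream branch, while the recipe applies the patch to the 4.5.0.2 tarball, so its context lines (`4.4.15.0 (not yet released)` and the #11448/#11489 entries) may not match that release's ChangeLog and the patch could apply with fuzz or fail; since the hunk carries no code, dropping it and keeping only the url.php change would make the backport more robust. The url.php hunk stops echoing the request-supplied `url` value into the visible message, which is the spoofing vector the CVE describes, but the `if (! PMA_isValid($_REQUEST['url'])` gate and the script block that precedes the message appear only in the hunk header and context, so whether the redirect target itself is validated cannot be confirmed from this patch. The enclosing conditional in url.php starts outside the hunk. Stating in the patch description that url.php is the functional change and the ChangeLog hunk is carried only for traceability would make the intent clear to the next person refreshing the recipe.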
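--- a/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
+++ b/meta-webserver/recipes-php/phpmyadmin/phpmyadmin_4.5.0.2.bb
@@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 \
 file://libraries/tcpdf/LICENSE.TXT;md5=5c87b66a5358ebcc495b03e0afcd342c"
 
 SRC_URI = "https://files.phpmyadmin.net/phpMyAdmin/4.5.0.2/phpMyAdmin-4.5.0.2-all-languages.tar.xz \
+file://Port-content-spoofing-fix-CVE-2015-7873.patch \
 file://apache.conf"
 
 SRC_URI[md5sum] = "2d08d2fcc8f70f88a11a14723e3ca275"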