Date:      Tue, 4 Aug 2020 09:30:44 +0000 (UTC)
From:      Jochen Neumeister <joneum@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r544152 - head/security/vuxml
Message-ID:  <202008040930.0749UiE1022243@repo.freebsd.org>

Author: joneum
Date: Tue Aug  4 09:30:44 2020
New Revision: 544152
URL: https://svnweb.freebsd.org/changeset/ports/544152

Log:
  add entry for typo3-9 and typo3-10
  
  PR:		248430 248429
  Sponsored by:	Netzkommune GmbH

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Tue Aug  4 09:08:04 2020	(r544151)
+++ head/security/vuxml/vuln.xml	Tue Aug  4 09:30:44 2020	(r544152)
@@ -58,6 +58,56 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="eab964f8-d632-11ea-9172-4c72b94353b5">
+    <topic>typo3 -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>typo3-9-php72</name>
+	<name>typo3-9-php73</name>
+	<name>typo3-9-php74</name>
+	<range><lt>9.5.20</lt></range>
+      </package>
+      <package>
+	<name>typo3-10-php72</name>
+	<name>typo3-10-php73</name>
+	<name>typo3-10-php74</name>
+	<range><lt>10.4.6</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<p>Typo3 Team reports:</p>
+	<blockquote cite="https://typo3.org/article/typo3-1046-and-9520-security-releases-published">;
+	  <p>In case an attacker manages to generate a valid cryptographic message authentication
+	    code (HMAC-SHA1) - either by using a different existing vulnerability or in case the
+	    internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a
+	    TYPO3 installation. This includes the possibility to fetch typo3conf/LocalConfiguration.php
+	    which again contains the encryptionKey as well as credentials of the database management
+	    system being used.
+	    In case a database server is directly accessible either via internet or in a shared hosting
+	    network, this allows to completely retrieve, manipulate or delete database contents.
+	    This includes creating an administration user account - which can be used to trigger remote
+	    code execution by injecting custom extensions.</p>
+	  <p>It has been discovered that an internal verification mechanism can be used to generate
+	    arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic
+	    message authentication code (HMAC-SHA1) and can lead to various attack chains as described
+	    below.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <url>https://typo3.org/article/typo3-1046-and-9520-security-releases-published</url>;
+      <url>https://typo3.org/security/advisory/typo3-core-sa-2020-007</url>;
+      <url>https://typo3.org/security/advisory/typo3-core-sa-2020-008</url>;
+      <cvename>CVE-2020-15098</cvename>
+      <cvename>CVE-2020-15099</cvename>
+    </references>
+    <dates>
+      <discovery>2020-07-28</discovery>
+      <entry>2020-08-04</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="3c7ba82a-d3fb-11ea-9aba-0c9d925bbbc0">
     <topic>xorg-server -- Pixel Data Uninitialized Memory Information Disclosure</topic>
     <affects>
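Review bot: the second quoted paragraph ends with "various attack chains as described below", but nothing follows the blockquote in this entry, so the phrase dangles for anyone reading vuln.xml; either trim the quote to end at "(HMAC-SHA1)" or point the reader to the two typo3-core-sa-2020-007/-008 advisories already listed under <references>. The two paragraphs also read out of order: the second explains how an attacker can obtain a valid HMAC-SHA1, which is exactly the precondition the first paragraph assumes with "by using a different existing vulnerability", so quoting the checksum paragraph first (or adding a one-line summary before the blockquote) would make the chain clearer. Both <range> values (9.5.20 and 10.4.6) agree with the fixed versions named in the cited article URL, and per the "Do not forget port variants" note in the file header, it is worth double-checking that no typo3 flavors beyond the php72/php73/php74 ones listed exist in the tree.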


