Date: Sun, 13 Mar 2005 12:46:29 GMT From: Kang Liu <liukang@bjut.edu.cn> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/78779: [maintainer] Fix bad html filter in www/phpbb Message-ID: <200503131246.j2DCkT3R080595@www.freebsd.org> Resent-Message-ID: <200503131250.j2DCo2cN005639@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 78779
>Category: ports
>Synopsis: [maintainer] Fix bad html filter in www/phpbb
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Sun Mar 13 12:50:01 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Kang Liu
>Release: 5.3
>Organization:
Beijing University of Technology
>Environment:
FreeBSD 5.3-STABLE #0: Thu Jan 6 17:37:44 CST 2005
>Description:
There is a low risk vulnerability in www/phpbb that allows users to bypass forum-wide configuration (VuXML ID 4a0b334d-8d8d-11d9-afa0-003048705d5a). The patch below can fix this problem.
>How-To-Repeat:
>Fix:
--- /dev/null Sun Mar 13 20:38:18 2005
+++ files/patch-includes-usercp_register.php Sun Mar 13 20:29:28 2005
@@ -0,0 +1,23 @@
+--- includes/usercp_register.php.orig Sun Mar 13 19:44:02 2005
++++ includes/usercp_register.php Sun Mar 13 19:48:34 2005
+@@ -145,10 +145,9 @@
+ if ( $mode == 'register' )
+ {
+ $attachsig = ( isset($HTTP_POST_VARS['attachsig']) ) ? ( ($HTTP_POST_VARS['attachsig']) ? TRUE : 0 ) : $board_config['allow_sig'];
+-
+- $allowhtml = ( isset($HTTP_POST_VARS['allowhtml']) ) ? ( ($HTTP_POST_VARS['allowhtml']) ? TRUE : 0 ) : $board_config['allow_html'];
+- $allowbbcode = ( isset($HTTP_POST_VARS['allowbbcode']) ) ? ( ($HTTP_POST_VARS['allowbbcode']) ? TRUE : 0 ) : $board_config['allow_bbcode'];
+- $allowsmilies = ( isset($HTTP_POST_VARS['allowsmilies']) ) ? ( ($HTTP_POST_VARS['allowsmilies']) ? TRUE : 0 ) : $board_config['allow_smilies'];
++ $allowhtml = ( ($board_config['allowhtml']) ) ? TRUE : 0;
++ $allowbbcode = ( ($board_config['allowbbcode']) ) ? TRUE : 0;
++ $allowsmilies = ( ($board_config['allowsmilies']) ) ? TRUE : 0;
+ }
+ else
+ {
+@@ -1134,4 +1133,4 @@
+
+ include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
+
+-?>
+\ No newline at end of file
++?>
--- Makefile.orig Sun Mar 13 20:29:07 2005
+++ Makefile Sun Mar 13 20:40:29 2005
@@ -7,6 +7,7 @@
PORTNAME= phpbb
PORTVERSION= 2.0.13
+PORTREVISION= 1
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= ${PORTNAME}
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503131246.j2DCkT3R080595>