Fedora has issued an advisory on April 11: http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105273.html RedHat's bug says it's fixed upstream in 1.0.8.11, so Cauldron/Mageia 3 wouldn't be affected. Reproducible: Steps to Reproduce:
It seems Fedora fixed it by upgrading. I'll do the same.
Status: NEW => ASSIGNED
This bug has been resolved by doing an upgrade to version 1.0.8.11. I don't use this package (I have not tested it) and there are no other pacakges that require it. Please pus it to upgrades
CC: (none) => thomasAssignee: thomas => qa-bugs
Thanks Thomas! Advisory: ======================== Updated php-geshi package fix security vulnerabilities: A directory traversal and information disclosure (local file inclusion) flaws were found in the cssgen contrib module (application to generate custom CSS files) of GeSHi, a generic syntax highlighter, performed sanitization of 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote attacker could provide a specially-crafted URL that, when visited could lead to local file system traversal or, potentially, ability to read content of any local file, accessible with the privileges of the user running the webserver (CVE-2013-3251). A cross-site scripting (XSS) flaw was found in the way 'langwiz' example script of GeSHi, a generic syntax highlighter, performed sanitization of certain HTTP GET / POST request variables (prior dumping their content). A remote attacker could provide a specially-crafted URL that, when visited would lead to arbitrary HTML or web script execution (CVE-2013-3522). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3522 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105247.html ======================== Updated packages in core/updates_testing: ======================== php-geshi-1.0.8.11-1.mga2 from php-geshi-1.0.8.11-1.mga2.src.rpm
URL: (none) => http://lwn.net/Vulnerabilities/550574/
Fixing the CVE names in the advisory. Thanks Claire. Advisory: ======================== Updated php-geshi package fix security vulnerabilities: A directory traversal and information disclosure (local file inclusion) flaws were found in the cssgen contrib module (application to generate custom CSS files) of GeSHi, a generic syntax highlighter, performed sanitization of 'geshi-path' and 'geshi-lang-path' HTTP GET / POST variables. A remote attacker could provide a specially-crafted URL that, when visited could lead to local file system traversal or, potentially, ability to read content of any local file, accessible with the privileges of the user running the webserver (CVE-2012-3251). A cross-site scripting (XSS) flaw was found in the way 'langwiz' example script of GeSHi, a generic syntax highlighter, performed sanitization of certain HTTP GET / POST request variables (prior dumping their content). A remote attacker could provide a specially-crafted URL that, when visited would lead to arbitrary HTML or web script execution (CVE-2012-3522). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3521 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3522 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105247.html ======================== Updated packages in core/updates_testing: ======================== php-geshi-1.0.8.11-1.mga2 from php-geshi-1.0.8.11-1.mga2.src.rpm
Testing complete mga2 64 Example here: http://qbnz.com/highlighter/geshi-doc.html#basic-usage Can be tested at http://localhost/geshi.php using the following script saved as /var/www/html/geshi.php <?php echo "This is a test page for geshi."; echo "It should display syntax highlighted code below."; // // Include the GeSHi library// include_once '/usr/share/php/geshi.php'; //// Define some source to highlight, a language to use // and the path to the language files// $source = '$foo = 45; for ( $i = 1; $i < $foo; $i++ ){ echo "$foo\n"; --$foo; }';$language = 'php'; // // Create a GeSHi object// $geshi = new GeSHi($source, $language); // // And echo the result!// echo $geshi->parse_code(); ?>
Whiteboard: (none) => has_procedure mga2-64-ok
Note, it is necessary to give the full path to /usr/share/php/geshi.php in the script, include_once 'geshi.php'; doesn't work. Is this an issue?
Whiteboard: has_procedure mga2-64-ok => has_procedure mga2-64-ok feedback
Any feedback on this please. Other than needing the full path, it works fine. It's not a regression but doesn't seem right.
I believe this is normal. Please go ahead. There were no issues (Bug reports) with the current version except the security issue which this fixes.
Thanks Thomas Validating Advisory & srpm in comment 4 Could sysadmin please push from 2 core/updates_testing to core/updates Thanks!
Keywords: (none) => validated_updateWhiteboard: has_procedure mga2-64-ok feedback => has_procedure mga2-64-ok mga2-32-okCC: (none) => sysadmin-bugs
Update packages have been pushed.
Status: ASSIGNED => RESOLVEDCC: (none) => boklmResolution: (none) => FIXED
CC: boklm => (none)