Fedora has issued an advisory on April 26: http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081284.html Cauldron will need updated as well.
CC: (none) => mageiaVersion: 2 => CauldronWhiteboard: (none) => MGA2TOO
An update is needed for Mageia 2. The version in Cauldron *is* vulnerable too.
CC: (none) => dmorganec
See https://bugs.mageia.org/show_bug.cgi?id=6480
CC: (none) => rod
See Also: (none) => https://bugs.mageia.org/show_bug.cgi?id=6480
As pointed out on Bug 6480, Cauldron is fixed. Updating to the same version for Mageia 2 would be sufficient.
Version: Cauldron => 2Whiteboard: MGA2TOO => (none)
(In reply to comment #3) > As pointed out on Bug 6480, Cauldron is fixed. I see Cauldron does indeed have dokuwiki-2012-01-25a.tgz, one new thing I saw with 2012-01-25a was httpd error_log entries when accessing the Admin page : File does not exist: /var/www/dokuwiki/data, referer: http://mga2/dokuwiki/doku.php?id=start&do=admin This wants to put a padlock image in the top right of the page via : <a style="border:none; float:right;" href="http://www.dokuwiki.org/security#web_access_security"> <img src="data/security.png" alt="Your data directory seems to be protected properly." onerror="this.parentNode.style.display='none'" /></a> That is the reason for the additional symlink in the SPEC mods seen in bug 6480 : +(cd %{buildroot}%{_var}/www/%{name} && ln -sf ../../..%{_datadir}/%{name}/lib/plugins/config/images data) With the symlink in place the img is seen, clicking this padlock image leads to http://www.dokuwiki.org/security#web_access_security for an explaination of what the padlock or other images mean.
There is also CVE-2012-3354, not sure what version it's fixed in: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3354
Summary: dokuwiki new security issues CVE-2012-2128 and CVE-2012-2129 => dokuwiki new security issues CVE-2012-2128, CVE-2012-2129, and CVE-2012-3354
Now 2012-01-25b has been released fixing CVE-2012-0283, also known as SA49196. http://www.securelist.com/en/advisories/49196
Version: 2 => CauldronSummary: dokuwiki new security issues CVE-2012-2128, CVE-2012-2129, and CVE-2012-3354 => dokuwiki new security issues CVE-2012-0283, CVE-2012-2128, CVE-2012-2129, and CVE-2012-3354Whiteboard: (none) => MGA2TOO
Updated package uploaded for Mageia 2 and Cauldron. CVE-2012-3354 has not been fixed, but it is unimportant and should not affect production systems (only systems with a PHP configuration appropriate for development machines are vulnerable). PoC for 2128/2129 is on https://bugzilla.redhat.com/show_bug.cgi?id=815122 Advisory: ======================== Updated dokuwiki package fixes security vulnerabilities: Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki before 2012-01-25b allows remote attackers to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php (SA49196, CVE-2012-0283). A cross-site scripting (XSS) and cross-site request forgery (CSRF) flaws were found in the way DokuWiki, a standards compliant, simple to use Wiki, performed sanitization of the 'target' parameter when preprocessing edit form data. A remote attacker could provide a specially-crafted URL, which once visited by a valid DokuWiki user would lead to arbitrary HTML or web script execution in the context of logged in DokuWiki user (SA48848, CVE-2012-2128, CVE-2012-2129). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0283 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2128 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2129 https://secunia.com/advisories/48848/ http://www.securelist.com/en/advisories/49196 https://www.dokuwiki.org/changes http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081284.html ======================== Updated packages in core/updates_testing: ======================== dokuwiki-20120125-1.mga2 from dokuwiki-20120125-1.mga2.src.rpm
Version: Cauldron => 2Assignee: bugsquad => qa-bugsSummary: dokuwiki new security issues CVE-2012-0283, CVE-2012-2128, CVE-2012-2129, and CVE-2012-3354 => dokuwiki new security issues CVE-2012-0283, CVE-2012-2128, CVE-2012-2129Whiteboard: MGA2TOO => (none)
Severity: normal => major
I'll be testing Mageia 2 i586 shortly.
CC: (none) => davidwhodgins
Trying http://127.0.0.1/doku.php?do=edit&id=S9F8W2A&target=<script>alert(123)</script> with the core release version, I'm just getting a 404, page not found. I'll install the update, and just confirm it's working.
I did figure out it should be http://127.0.0.1/dokuwiki/doku.php?do=edit&id=S9F8W2A&target=<script>alert(123)</script> Doesn't work in chromium-browser, but does with firefox and opera. The update does fix the problem. Testing complete on Mageia 2 i586 and x86-64. Could someone from the sysadmin team push the srpm dokuwiki-20120125-1.mga2.src.rpm from Mageia 2 Core Updates Testing to Core Updates. Advisory: Updated dokuwiki package fixes security vulnerabilities: Cross-site scripting (XSS) vulnerability in the tpl_mediaFileList function in inc/template.php in DokuWiki before 2012-01-25b allows remote attackers to inject arbitrary web script or HTML via the ns parameter in a medialist action to lib/exe/ajax.php (SA49196, CVE-2012-0283). A cross-site scripting (XSS) and cross-site request forgery (CSRF) flaws were found in the way DokuWiki, a standards compliant, simple to use Wiki, performed sanitization of the 'target' parameter when preprocessing edit form data. A remote attacker could provide a specially-crafted URL, which once visited by a valid DokuWiki user would lead to arbitrary HTML or web script execution in the context of logged in DokuWiki user (SA48848, CVE-2012-2128, CVE-2012-2129). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0283 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2128 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2129 https://secunia.com/advisories/48848/ http://www.securelist.com/en/advisories/49196 https://www.dokuwiki.org/changes http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081284.html https://bugs.mageia.org/show_bug.cgi?id=6166
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugsWhiteboard: (none) => MGA2-32-OK MGA2-64-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0207
Status: NEW => RESOLVEDCC: (none) => tmbResolution: (none) => FIXED