XSS attack vector in Zend_Filter_StripTags
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
zend-framework (Ubuntu) |
Fix Released
|
Undecided
|
Stephan Rügamer | ||
Hardy |
Fix Released
|
Undecided
|
Stephan Rügamer | ||
Intrepid |
Fix Released
|
Undecided
|
Stephan Rügamer | ||
Jaunty |
Fix Released
|
Undecided
|
Stephan Rügamer | ||
Karmic |
Fix Released
|
Undecided
|
Stephan Rügamer |
Bug Description
Binary package hint: zend-framework
From Zend PHP FW Mailing List:
The Zend Framework team was recently notified of an XSS attack vector in its Zend_Filter_
The XSS attack vector was due to a bug in matching HTML tag attributes to retain. If whitespace was introduced surrounding the attribute assignment operator or the value included newline characters, the attribute would always be included in the final output- even if it was not marked to retain.
A security fix has been created and released with Zend Framework 1.7.7.
Additionally, the fix has been back-ported to the 1.6, 1.5, and 1.0 release branches.
The Zend Framework team strongly recommends upgrading to version 1.7.7. If you cannot upgrade at this time, we recommend exporting from the release branch matching the minor release you are currently using, or downloading the file listed below and pushing it into your Zend Framework installation.
Thank you.
,Wil
visibility: | private → public |
Changed in zend-framework (Ubuntu Jaunty): | |
assignee: | nobody → Stephan Hermann (shermann) |
status: | New → Confirmed |
Changed in zend-framework (Ubuntu Intrepid): | |
assignee: | nobody → Stephan Hermann (shermann) |
status: | New → Confirmed |
Changed in zend-framework (Ubuntu Hardy): | |
assignee: | nobody → Stephan Hermann (shermann) |
status: | New → Confirmed |
Changed in zend-framework (Ubuntu): | |
assignee: | nobody → Stephan Hermann (shermann) |
Changed in zend-framework (Ubuntu Hardy): | |
status: | Confirmed → In Progress |
Changed in zend-framework (Ubuntu Intrepid): | |
status: | Confirmed → In Progress |
Changed in zend-framework (Ubuntu Jaunty): | |
status: | Confirmed → In Progress |
Changed in zend-framework (Ubuntu Karmic): | |
status: | Confirmed → Fix Released |
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https:/ /wiki.ubuntu. com/SecurityUpd ateProcedures