RSS block contents randomly copied from one block to another
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
Mahara | Fix Released | Critical | Aaron Wells | |
1.5 | Fix Released | Critical | Unassigned | |
1.6 | Fix Released | Critical | Unassigned | |
1.7 | Fix Released | Critical | Unassigned | |
Bug Description
We've identified a problem with RSS feeds, which is a regression caused by the patch for https:/
The cron job that refreshes the RSS feeds is not properly initializing a loop variable as it processes each feed. As a result, if the attempt to fetch & parse a block's RSS feed errors out, the block gets its contents overwritten by the last RSS feed processed by the loop. There is no way to recover the data in the overwritten RSS feed block, and there is no automatic way to detect which RSS feeds have been overwritten by this bug, and which are genuine duplicate RSS feeds (from multiple users subscribing to the same feed).
There are also security ramifications to this bug, because if an RSS feed which gets copied contains a username and password, they will be visible in plaintext to the user into whose Page they have been copied.
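The failure mode described above, as an added Python sketch of the bug class (it is not Mahara's code, which is PHP). All function names, block ids, feed URLs and the embedded credentials are constructed, and the sketch assumes the username and password sit in the feed URL.

```python
# Constructed model of a feed-refresh cron job. Every name here is hypothetical.

class FetchError(Exception):
    pass

# Constructed sample data: (block id, feed URL). The feed for block 2 fails to fetch.
FEEDS = [
    (1, "https://user:s3cret@private.example/feed.xml"),
    (2, "https://broken.example/feed.xml"),
    (3, "https://news.example/feed.xml"),
]

def fetch_and_parse(url):
    """Stand-in for the HTTP fetch and XML parse step."""
    if "broken" in url:
        raise FetchError(url)
    return {"source": url, "items": ["item from " + url]}

def refresh_buggy(feeds, store):
    """`parsed` is set once outside the loop, so it survives a failed fetch."""
    parsed = None
    for block_id, url in feeds:
        try:
            parsed = fetch_and_parse(url)
        except FetchError:
            pass  # error swallowed; `parsed` still holds the previous feed
        if parsed is not None:
            store[block_id] = parsed  # block 2 receives block 1's feed
    return store

def refresh_fixed(feeds, store):
    """Reset the variable every iteration and skip the write on failure."""
    for block_id, url in feeds:
        parsed = None
        try:
            parsed = fetch_and_parse(url)
        except FetchError:
            continue  # leave the block's cached contents untouched
        store[block_id] = parsed
    return store

if __name__ == "__main__":
    cached = {2: {"source": FEEDS[1][1], "items": ["cached item"]}}
    print("buggy:", refresh_buggy(FEEDS, dict(cached))[2]["source"])
    print("fixed:", refresh_fixed(FEEDS, dict(cached))[2]["source"])
```

In the buggy run, block 2 ends up holding another user's feed record, credentials included, and its cached content is gone; in the fixed run it keeps what it had.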
CVE References
information type: | Private Security → Public Security |
Changed in mahara: | |
status: | Triaged → Fix Committed |
milestone: | none → 1.8.0rc1 |
status: | Fix Committed → Fix Released |
status: | Fix Released → Fix Committed |
milestone: | 1.8.0rc1 → none |
status: | Fix Committed → Fix Released |
Implementing a fix for https://bugs.launchpad.net/mahara/+bug/1016253 will mitigate the security ramifications.