zend-framework (1.9.4-0ubuntu2.1) karmic-security; urgency=low
* The security update fixes the following security issues: (LP: #506304)
+ ZF2010-03: Potential XSS vector in Zend_Filter_StripTags when comments
allowed
Zend_Filter_StripTags contained an optional setting to allow whitelisting
HTML comments in filtered text. Microsoft Internet Explorer and several
other
browsers allow developers to create conditional functionality via HTML
comments,
including execution of script events and rendering of additional
commented markup.
By allowing whitelisting of HTML comments, a malicious user could
potentially
include XSS exploits within HTML comments that would then be rendered in
the final output.
http://framework.zend.com/security/advisory/ZF2010-03
+ ZF2010-04: Potential MIME-type Injection in Zend_File_Transfer
Zend_File_Transfer had a potential MIME type injection vulnerability for
file uploads.
In certain situations where either PHP's ext/finfo extension is not
installed and
the mime_content_type() function was not available on a system,
Zend_File_Transfer would
use the user provided value for the type embedded inside the $_FILES
superglobal.
Additionally, in cases where the functionality was available, but where a
type could not
be determined by one of them, Zend_File_Transfer would also fallback on
the user provided type.
Using user provided information for a file's MIME type in uploads is
considered an insecure
practice, as it provides attack vectors by malicious users.
http://framework.zend.com/security/advisory/ZF2010-04
+ ZF2010-06: Potential XSS or HTML Injection vector in Zend_Json
Zend_Json_Encoder was not taking into account the solidus character ("/")
during encoding,
leading to incompatibilities with the JSON specification, and opening the
potential for XSS
or HTML injection attacks when returning HTML within a JSON string.
* debian/patches/99_ZF2010-03_Zend_Filter_Striptags.patch:
+ Patch was found at: http://framework.zend.com/issues/browse/ZF-8743
* debian/patches/99_ZF2010-04_Zend_File_Transfer.patch:
+ Patch was found at: http://framework.zend.com/issues/browse/ZF-8733
* debian/patches/99_ZF2010-06_Zend_Json.patch
+ Patch was found: http://framework.zend.com/issues/browse/ZF-8663
Date: Tue, 12 Jan 2010 10:30:47 +0000
Changed-By: Stephan Hermann <[email protected]>
Maintainer: Ubuntu MOTU Developers <[email protected]>
https://launchpad.net/ubuntu/karmic/+source/zend-framework/1.9.4-0ubuntu2.1
Format: 1.8
Date: Tue, 12 Jan 2010 10:30:47 +0000
Source: zend-framework
Binary: libzend-framework-php zend-framework-bin zend-framework
Architecture: source
Version: 1.9.4-0ubuntu2.1
Distribution: karmic-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <[email protected]>
Changed-By: Stephan Hermann <[email protected]>
Description:
libzend-framework-php - a simple, straightforward, open-source software
framework for PHP
zend-framework - a simple, straightforward, open-source software framework for
PHP
zend-framework-bin - a simple, straightforward, open-source software framework
for PHP
Changes:
zend-framework (1.9.4-0ubuntu2.1) karmic-security; urgency=low
.
* The security update fixes the following security issues: (LP: #506304)
+ ZF2010-03: Potential XSS vector in Zend_Filter_StripTags when comments
allowed
Zend_Filter_StripTags contained an optional setting to allow whitelisting
HTML comments in filtered text. Microsoft Internet Explorer and several
other
browsers allow developers to create conditional functionality via HTML
comments,
including execution of script events and rendering of additional
commented markup.
By allowing whitelisting of HTML comments, a malicious user could
potentially
include XSS exploits within HTML comments that would then be rendered in
the final output.
http://framework.zend.com/security/advisory/ZF2010-03
+ ZF2010-04: Potential MIME-type Injection in Zend_File_Transfer
Zend_File_Transfer had a potential MIME type injection vulnerability for
file uploads.
In certain situations where either PHP's ext/finfo extension is not
installed and
the mime_content_type() function was not available on a system,
Zend_File_Transfer would
use the user provided value for the type embedded inside the $_FILES
superglobal.
Additionally, in cases where the functionality was available, but where
a type could not
be determined by one of them, Zend_File_Transfer would also fallback on
the user provided type.
Using user provided information for a file's MIME type in uploads is
considered an insecure
practice, as it provides attack vectors by malicious users.
http://framework.zend.com/security/advisory/ZF2010-04
+ ZF2010-06: Potential XSS or HTML Injection vector in Zend_Json
Zend_Json_Encoder was not taking into account the solidus character
("/") during encoding,
leading to incompatibilities with the JSON specification, and opening
the potential for XSS
or HTML injection attacks when returning HTML within a JSON string.
* debian/patches/99_ZF2010-03_Zend_Filter_Striptags.patch:
+ Patch was found at: http://framework.zend.com/issues/browse/ZF-8743
* debian/patches/99_ZF2010-04_Zend_File_Transfer.patch:
+ Patch was found at: http://framework.zend.com/issues/browse/ZF-8733
* debian/patches/99_ZF2010-06_Zend_Json.patch
+ Patch was found: http://framework.zend.com/issues/browse/ZF-8663
Checksums-Sha1:
f3d8e6ef4d0721dc201d61cb7b555abd40ee3939 1165
zend-framework_1.9.4-0ubuntu2.1.dsc
0932dcd9736fc2a589b945ac8120f0f76e736c35 12456
zend-framework_1.9.4-0ubuntu2.1.diff.gz
Checksums-Sha256:
f52fe30490b00adeaff0a14abdad1c10b4dcd299a0efb85193c053ff1c9189b4 1165
zend-framework_1.9.4-0ubuntu2.1.dsc
88768886bafe2c7082b450a1dc1dd5f1a1e51f991ff3da43239bbeac78aa9948 12456
zend-framework_1.9.4-0ubuntu2.1.diff.gz
Files:
f4f8fca0708c16678eb60d5fd72232d1 1165 web extra
zend-framework_1.9.4-0ubuntu2.1.dsc
a744ba795d30fe237fb3c8c6801559f8 12456 web extra
zend-framework_1.9.4-0ubuntu2.1.diff.gz
Launchpad-Bugs-Fixed: 506304
Original-Maintainer: Stephan Hermann <[email protected]>
--
Karmic-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/karmic-changes
