** Changed in: mahara
Status: Confirmed => Fix Committed
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1047111
Title:
XEE possible in mahara
Status in Mahara ePortfolio:
Fix Committed
Status in Mahara 1.4 series:
Fix Released
Status in Mahara 1.5 series:
Fix Released
Bug description:
There is a security issue with the default XML parser for PHP, where ENTITY
fields are
loaded and substituted in text parts.
This allows possible attackers to read from internal networks, or files
readable by the
web server user.
This includes reading of the config.php file, which contains sensitive
information such
as the database password, and the password salt field.
The fix for this was to include a call to libxml_disable_entity_loader(true)
during the
initialization of a page.
More information can be found at the following:
http://projects.webappsec.org/w/page/13247003/XML%20External%20Entities
http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html
Reported by Mike Haworth.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1047111/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~mahara-contributors
Post to : mahara-contributors@lists.launchpad.net
Unsubscribe : https://launchpad.net/~mahara-contributors
More help : https://help.launchpad.net/ListHelp
