Reviewed:  https://reviews.mahara.org/1791
Committed: http://gitorious.org/mahara/mahara/commit/ecc08a242be1b23fcb10bc4d96e93da128c3a3d6
Submitter: Melissa Draper (meli...@catalyst.net.nz)
Branch:    1.5_STABLE

commit ecc08a242be1b23fcb10bc4d96e93da128c3a3d6
Author: Hugh Davenport <h...@catalyst.net.nz>
Date:   Tue Oct 16 13:25:56 2012 +1300

    Fix Leap2A import from Moodle
    
    Related to bug #1047111
    
    That bug fixed the XXE attack by setting the following to true
     libxml_disable_entity_loader
    
    This caused issues with the leap2a importer used by mnet, which
    used the simplexml_load to load the xml which relies on file
    based remote entities. For this situation, the following flag
    is used, which stops network based XXE attacks
     LIBXML_NONET
    
    Change-Id: I3d95ebc9c38374d339d66a80feaa39f5c15f1022
    Signed-off-by: Hugh Davenport <h...@catalyst.net.nz>

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/1047111

Title:
  XEE possible in mahara

Status in Mahara ePortfolio:
  Fix Committed
Status in Mahara 1.4 series:
  Fix Released
Status in Mahara 1.5 series:
  Fix Released

Bug description:
  There is a security issue with the default XML parser for PHP, where ENTITY
  fields are loaded and substituted in text parts.

  This allows possible attackers to read from internal networks, or files
  readable by the web server user.

  This includes reading of the config.php file, which contains sensitive
  information such as the database password, and the password salt field.

  The fix for this was to include a call to libxml_disable_entity_loader(true)
  during the initialization of a page.

  More information can be found at the following:
   http://projects.webappsec.org/w/page/13247003/XML%20External%20Entities
   http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html

  Reported by Mike Haworth.
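The two controls named above (libxml_disable_entity_loader(true) for ordinary page loads, LIBXML_NONET for the mnet Leap2A importer that still needs file-based entities) combined in one hardened loader, as an added example that is not Mahara's own code. The function name, the DOCTYPE pre-check and the sample feeds are assumptions constructed for the illustration.

```php
<?php
// Added example, not from Mahara: a wrapper around simplexml_load_string() for
// untrusted XML that applies the controls from bug #1047111 and the follow-up
// commit. Never pass LIBXML_NOENT for untrusted input: it enables substitution.
function load_untrusted_xml(string $xml, bool $allow_local_entities = false): ?SimpleXMLElement
{
    // Leap2A/Atom feeds have no legitimate DOCTYPE, so refuse any document that
    // declares one. This rejects entity declarations before the parser sees them.
    if (preg_match('/<!DOCTYPE/i', $xml)) {
        return null;
    }

    $previousErrors = libxml_use_internal_errors(true);
    $previousLoader = null;
    if (!$allow_local_entities && PHP_VERSION_ID < 80000) {
        // The bug fix: switch off external entity loading entirely. PHP 8 disables
        // it by default and deprecates this call, hence the version guard.
        $previousLoader = libxml_disable_entity_loader(true);
    }

    // The commit's fix for the mnet importer: LIBXML_NONET blocks network fetches
    // during parsing while still allowing file-based entities when the loader is on.
    $doc = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NONET);

    if ($previousLoader !== null) {
        libxml_disable_entity_loader($previousLoader);
    }
    libxml_clear_errors();
    libxml_use_internal_errors($previousErrors);

    return $doc === false ? null : $doc;
}

// Constructed sample inputs (not from the bug report): a minimal Leap2A-style
// Atom feed, and the same feed with a DOCTYPE prolog, the vehicle for entity
// declarations. Only an internal entity is declared here; the check rejects
// the document on the DOCTYPE alone.
$clean = '<?xml version="1.0"?><feed xmlns="http://www.w3.org/2005/Atom">'
       . '<entry><title>Portfolio page</title></entry></feed>';
$withDoctype = '<?xml version="1.0"?><!DOCTYPE feed [<!ENTITY site "example">]>'
             . '<feed xmlns="http://www.w3.org/2005/Atom">'
             . '<entry><title>&site;</title></entry></feed>';

echo 'clean feed: ', load_untrusted_xml($clean) !== null ? 'accepted' : 'rejected', "\n";
echo 'feed with DOCTYPE: ', load_untrusted_xml($withDoctype) !== null ? 'accepted' : 'rejected', "\n";
```

For the trusted mnet import path described in the commit, call the function with `$allow_local_entities = true`; LIBXML_NONET still applies, so network-based entity fetches remain blocked.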


_______________________________________________
Mailing list: https://launchpad.net/~mahara-contributors