Package: moodle
Severity: important
Tags: patch

The version of libphp-adodb included in the moodle package is vulnerable to the cross site scripting vulnerabilities detailed in CVE-2006-0806[1].
The attached patch is what was used by upstream to resolve this issue. I'm not aware if it is necessary for you to have an embedded version of libphp-adodb for various possible reasons, but you may wish to consider just depending on the Debian packaged version (it sure would make dealing with the numerous security issues that libphp-adodb seems to gather).

1. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0806

-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15+vserver
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
diff -Nur libphp-adodb-4.52/build-tree/adodb/adodb-pager.inc.php libphp-adodb-4.52.new/build-tree/adodb/adodb-pager.inc.php --- libphp-adodb-4.52/build-tree/adodb/adodb-pager.inc.php 2004-08-10 01:26:22.000000000 -0700 +++ libphp-adodb-4.52.new/build-tree/adodb/adodb-pager.inc.php 2006-03-24 15:52:38.000000000 -0800 @@ -60,7 +60,7 @@ global $HTTP_SERVER_VARS,$PHP_SELF,$HTTP_SESSION_VARS,$HTTP_GET_VARS; $curr_page = $id.'_curr_page'; - if (empty($PHP_SELF)) $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF']; + if (empty($PHP_SELF)) $PHP_SELF = htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF']); // htmlspecialchars() to prevent XSS attacks $this->sql = $sql; $this->id = $id; @@ -70,7 +70,7 @@ $next_page = $id.'_next_page'; if (isset($HTTP_GET_VARS[$next_page])) { - $HTTP_SESSION_VARS[$curr_page] = $HTTP_GET_VARS[$next_page]; + $HTTP_SESSION_VARS[$curr_page] = (integer) $HTTP_GET_VARS[$next_page]; } if (empty($HTTP_SESSION_VARS[$curr_page])) $HTTP_SESSION_VARS[$curr_page] = 1; ## at first page @@ -284,4 +284,4 @@ } -?> \ No newline at end of file +?>
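Review bot: In the first hunk (the `$PHP_SELF` line at @@ -60,7 +60,7 @@), `htmlspecialchars()` is applied only in the fallback branch, i.e. when `$PHP_SELF` is empty and gets populated from `$HTTP_SERVER_VARS['PHP_SELF']`; a `$PHP_SELF` that already arrives non-empty through the `global` declaration is still used unescaped wherever the pager emits it. Consider escaping at the point of output regardless of which source the value came from, and passing `ENT_QUOTES` so single-quoted attribute contexts are covered too, since the default flags leave `'` untouched.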
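Review bot: In the second hunk (the `$HTTP_SESSION_VARS[$curr_page]` assignment at @@ -70,7 +70,7 @@), the `(integer)` cast stops markup from being stored in the session, but it does not bound the value: the following context line `if (empty($HTTP_SESSION_VARS[$curr_page])) $HTTP_SESSION_VARS[$curr_page] = 1;` only resets a zero, so a negative page number survives into the session. Clamping the cast result to at least 1 (for example `max(1, (integer) $HTTP_GET_VARS[$next_page])`) would make the stored page number well-formed in every case.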