Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu

Dear release team,

I just uploaded an update for php-horde-gollem to stretch, fixing
CVE-2020-8034.

+  * debian/patches:
+    + Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
+      (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034).

Greets,
Mike

-- System Information:
Debian Release: 10.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-8-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru php-horde-gollem-3.0.10/debian/changelog 
php-horde-gollem-3.0.10/debian/changelog
--- php-horde-gollem-3.0.10/debian/changelog    2016-12-18 21:55:24.000000000 
+0100
+++ php-horde-gollem-3.0.10/debian/changelog    2020-05-31 16:43:57.000000000 
+0200
@@ -1,3 +1,11 @@
+php-horde-gollem (3.0.10-1+deb9u1) stretch; urgency=medium
+
+  * debian/patches:
+    + Add CVE-2020-8034.patch. Fix XSS vulnerability in breadcrumb output
+      (Reported by: polict of Shielder). (Closes: #961649, CVE-2020-8034).
+
+ -- Mike Gabriel <sunwea...@debian.org>  Sun, 31 May 2020 16:43:57 +0200
+
 php-horde-gollem (3.0.10-1) unstable; urgency=medium
 
   * New upstream version 3.0.10
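Review bot: the changelog entry does not name the upstream fix it backports; the patch file's own header records upstream commit a73bef1aef27d4cbfc7b939c2a81dea69aabb083, so a short "backport of upstream commit a73bef1a" in this entry would make the provenance of the stretch fix visible from the changelog alone. Version and target (3.0.10-1+deb9u1, stretch), the urgency, and the "Closes: #961649, CVE-2020-8034" reference all look correct for a stable update.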
diff -Nru php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch 
php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch
--- php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch  1970-01-01 
01:00:00.000000000 +0100
+++ php-horde-gollem-3.0.10/debian/patches/CVE-2020-8034.patch  2020-05-31 
16:43:57.000000000 +0200
@@ -0,0 +1,44 @@
+From a73bef1aef27d4cbfc7b939c2a81dea69aabb083 Mon Sep 17 00:00:00 2001
+From: Jan Schneider <j...@horde.org>
+Date: Wed, 4 Mar 2020 18:54:06 +0100
+Subject: [PATCH] [jan] SECURITY: Fix XSS vulnerability in breadcrumb output
+ (Reported by: polict of Shielder, CVE-2020-8034).
+
+---
+ doc/changelog.yml | 3 ++-
+ lib/Gollem.php    | 5 +++--
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+#diff --git a/doc/changelog.yml b/doc/changelog.yml
+#index dbad6ef..3e429bd 100644
+#--- a/doc/changelog.yml
+#+++ b/doc/changelog.yml
+#@@ -18,7 +18,8 @@
+#   license:
+#     identifier: GPL-2.0
+#     uri: http://www.horde.org/licenses/gpl
+#-  notes:
+#+  notes: |
+#+    [jan] SECURITY: Fix XSS vulnerability in breadcrumb output (Reported by: 
polict of Shielder, CVE-2020-8034).
+# 3.0.12:
+#   api: 3.0.0
+#   state:
+diff --git a/gollem-3.0.10/lib/Gollem.php b/gollem-3.0.10/lib/Gollem.php
+index 9a4a7cd..ec255e7 100644
+--- a/gollem-3.0.10/lib/Gollem.php
++++ b/gollem-3.0.10/lib/Gollem.php
+@@ -692,10 +692,11 @@ public static function directoryNavLink($currdir, $url)
+                 $dir = implode('/', $part);
+                 if ((strstr($dir, self::$backend['root']) !== false) &&
+                     (self::$backend['root'] != $dir)) {
++                    $part = htmlspecialchars($parts[($i - 1)]);
+                     if ($i == $parts_count) {
+-                        $label[] = $parts[($i - 1)];
++                        $label[] = $part;
+                     } else {
+-                        $label[] = Horde::link($url->add('dir', $dir), 
sprintf(_("Up to %s"), $dir)) . htmlspecialchars($parts[($i - 1)]) . '</a>';
++                        $label[] = Horde::link($url->add('dir', $dir), 
sprintf(_("Up to %s"), $dir)) . $part . '</a>';
+                     }
+                 }
+             }
+
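Review bot: the new patch file carries no DEP-3 header (Origin:, Bug:, Bug-Debian:, Applied-Upstream:) even though the information is at hand: the git-format-patch header gives the upstream commit a73bef1aef27d4cbfc7b939c2a81dea69aabb083 and the Debian changelog gives bug #961649; adding those lines lets the security tracker and `dep3` tools attribute the fix. The doc/changelog.yml part is neutralised by prefixing every line with `#` (quilt skips such lines, but a reader may not realise the hunk is inactive); since it edits a release entry sitting above "3.0.12:", which is newer than the 3.0.10 source being patched, it would be cleaner to drop it than to comment it out. In the lib/Gollem.php hunk, the fix is right: the last path component was previously emitted unescaped (`$label[] = $parts[($i - 1)];`) while the linked components already went through htmlspecialchars(), and the patch escapes once into `$part` and uses it on both branches. One style point: `$part` is the array handed to `implode('/', $part)` two lines above and is now reassigned to a string inside the same loop body; this only works if `$part` is recomputed at the top of each iteration (not visible in the hunk), and a distinct name for the escaped label would avoid the type switch.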
diff -Nru php-horde-gollem-3.0.10/debian/patches/series 
php-horde-gollem-3.0.10/debian/patches/series
--- php-horde-gollem-3.0.10/debian/patches/series       1970-01-01 
01:00:00.000000000 +0100
+++ php-horde-gollem-3.0.10/debian/patches/series       2020-05-31 
16:40:31.000000000 +0200
@@ -0,0 +1 @@
+CVE-2020-8034.patch
