Commit 92f101d4 authored by Mike Gabriel

fixup DLA-1942-1 advisory

parent 44f9d84b
<define-tag pagetitle>DLA-1942-1 phpbb3</define-tag>
<define-tag report_date>2019-10-01</define-tag>
<define-tag secrefs>CVE-2019-16993</define-tag>
<define-tag report_date>2019-10-06</define-tag>
<define-tag secrefs>CVE-2019-13776 CVE-2019-16993</define-tag>
<define-tag packages>phpbb3</define-tag>
<define-tag isvulnerable>yes</define-tag>
<define-tag fixed>yes</define-tag>
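Review bot: the new secrefs line adds CVE-2019-13776 next to CVE-2019-16993 while the isvulnerable/fixed tags below both stay at "yes", but the moreinfo text in this same commit says CVE-2019-13776 has not yet been fixed in 3.0.12-5+deb8u4 and will ship in a follow-up release. Listing it in secrefs of a DLA marked fixed reads as if this upload addresses it; either leave CVE-2019-13776 out of secrefs until the follow-up advisory, or make the text state explicitly which of the two CVEs this version actually closes. The report_date change to 2019-10-06 is fine provided that is the date the corrected advisory was actually sent.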
......
<define-tag description>LTS security update</define-tag>
<define-tag moreinfo>
<p>In phpBB, includes/acp/acp_bbcodes.php had improper verification of a
CSRF token on the BBCode page in the Administration Control Panel. An
actual CSRF attack was possible if an attacker also managed to retrieve
the session id of a reauthenticated administrator prior to targeting
them.</p>
<p>The description in this DLA does not match what has been documented in
the changelog.Debian.gz of this package version. After the upload of
phpbb3 3.0.12-5+deb8u4, it became evident that <a href="https://security-tracker.debian.org/tracker/CVE-2019-13776">CVE-2019-13776</a> has not yet
been fixed. The correct fix for <a href="https://security-tracker.debian.org/tracker/CVE-2019-13776">CVE-2019-13776</a> has been identified and
will be shipped in a soon-to-come follow-up security release of phpbb3.</p>
<define-tag moreinfo></p>
<ul>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-16993">CVE-2019-16993</a>
<p>In phpBB, includes/acp/acp_bbcodes.php had improper verification of a
CSRF token on the BBCode page in the Administration Control Panel. An
actual CSRF attack was possible if an attacker also managed to retrieve
the session id of a reauthenticated administrator prior to targeting
them.</p></li>
<li><a href="https://security-tracker.debian.org/tracker/CVE-2019-13776">CVE-2019-13776</a>
<p>phpBB allowed the stealing of an Administration Control Panel session id
by leveraging CSRF in the Remote Avatar feature. The CSRF Token Hijacking
lead to stored XSS.</p></li>
</ul>
<p>For Debian 8 <q>Jessie</q>, these problems have been fixed in version
3.0.12-5+deb8u4.</p>
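Review bot: the closing sentence "For Debian 8 Jessie, these problems have been fixed in version 3.0.12-5+deb8u4" contradicts the paragraph added just above it, which states that CVE-2019-13776 has not yet been fixed and will be shipped in a follow-up release. Since both CVEs are listed in the `<ul>`, "these problems" covers CVE-2019-13776 too; suggest narrowing it, e.g. "For Debian 8 Jessie, CVE-2019-16993 has been fixed in version 3.0.12-5+deb8u4; CVE-2019-13776 will be addressed in a follow-up release." Separately, the line `<define-tag moreinfo></p>` between that paragraph and the `<ul>` is malformed: moreinfo is already opened at the top of the block and there is no open `<p>` for the `</p>` to close, so that line should be removed rather than left for the template to choke on.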
......