Debian Bug report logs - #661064
movabletype-opensource: Multiple security issues


Package: movabletype-opensource; Maintainer for movabletype-opensource is Debian Movable Type and OpenMelody team <pkg-mt-om-devel@lists.alioth.debian.org>; Source for movabletype-opensource is src:movabletype-opensource.

Reported by: Dominic Hargreaves <dom@earth.li>

Date: Thu, 23 Feb 2012 22:27:01 UTC

Severity: grave

Found in versions movabletype-opensource/5.1.2+dfsg-3, movabletype-opensource/4.3.5+dfsg-2+squeeze2

Fixed in version movabletype-opensource/5.1.3+dfsg-1

Done: Dominic Hargreaves <dom@earth.li>

Bug is archived. No further changes may be made.




Report forwarded to debian-bugs-dist@lists.debian.org:
Bug#661064; Package movabletype-opensource. (Thu, 23 Feb 2012 22:27:05 GMT) Full text and rfc822 format available.

Acknowledgement sent to Dominic Hargreaves <dom@earth.li>:
New Bug report received and forwarded. (Thu, 23 Feb 2012 22:27:05 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Dominic Hargreaves <dom@earth.li>
To: submit@bugs.debian.org
Subject: movabletype-opensource: Multiple security issues
Date: Thu, 23 Feb 2012 22:22:49 +0000
Package: movabletype-opensource
Version: 5.1.2+dfsg-3
Severity: grave
Justification: security

http://www.movabletype.org/2012/02/movable_type_513_507_and_438_security_updates.html

"5.13, 5.07, and 4.38 address multiple vulnerabilities, including:

- OS Command Injection exists in the file management system, the most
  serious of which may lead to arbitrary OS command execution by a user
  who has permission to sign in to the admin script and also has
  permission to upload files.
- Session Hijack and CSRF exist in the commenting and the community
  script. A remote attacker could hijack the user session or could
  execute arbitrary script code in the victim's browser under certain
  circumstances.
- XSS exists in templates where the variables are not escaped properly.
  A remote attacker could inject client-side script into web pages
  viewed by other users.
- XSS exists in mt-wizard.cgi. This vulnerability was reported by
  Trustwave (TWSL2012-003)
"

-- 
Dominic Hargreaves | http://www.larted.org.uk/~dom/
PGP key 5178E2A5 from the.earth.li (keyserver,web,email)
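To make the first item of the advisory concrete, the script below is an added illustration of the OS-command-injection class it names. It is not Movable Type's file-manager code (which is not on this page), and the function names, the `wc -l` command used as the "file management" operation and the sample upload name are assumptions for the example. The vulnerable form interpolates an attacker-chosen upload name into a command string, which Perl hands to /bin/sh; the hardened form allow-lists the name and then uses the list form of open(), which passes argv directly with no shell in between.

```perl
#!/usr/bin/perl
# Illustration of the OS-command-injection class named in the advisory.
# NOT Movable Type code: the functions, the "wc -l" command and the sample
# upload name are all assumptions made for this example.
use strict;
use warnings;
use File::Spec;
use File::Temp qw(tempdir);

# VULNERABLE: an uploaded file name is interpolated into one command
# string. Perl sees shell metacharacters and hands the string to /bin/sh,
# so a ';' in the name starts a second, attacker-chosen command.
sub count_lines_vulnerable {
    my ($dir, $name) = @_;
    return `wc -l < $dir/$name`;
}

# Allow-list for upload names: alphanumeric start, then only [A-Za-z0-9._-],
# bounded length. This also rejects '.', '..', path separators and every
# shell metacharacter. Returns the name or undef.
sub safe_name {
    my ($name) = @_;
    return undef unless defined $name;
    return undef unless $name =~ /\A[A-Za-z0-9][A-Za-z0-9._-]{0,254}\z/;
    return $name;
}

# HARDENED: validate first, then run the tool with the list form of
# open() (same idea as list-form system()/exec()): argv goes straight to
# the program, no shell parses the name.
sub count_lines_hardened {
    my ($dir, $name) = @_;
    my $clean = safe_name($name) or die "rejected upload name: '$name'\n";
    my $path  = File::Spec->catfile($dir, $clean);
    open my $wc, '-|', 'wc', '-l', '--', $path or die "wc: $!";
    my ($n) = <$wc> =~ /^\s*(\d+)/;
    close $wc;
    return $n;
}

# --- demonstration on constructed data ---
my $upload_dir = tempdir(CLEANUP => 1);
my $sample = File::Spec->catfile($upload_dir, 'photo.jpg');
open my $w, '>', $sample or die "$sample: $!";
print $w "a\nb\nc\n";
close $w;

# Constructed attacker-chosen upload name; 'echo INJECTED' stands in for
# whatever command the attacker would actually run.
my $hostile = 'photo.jpg; echo INJECTED';

my $out = count_lines_vulnerable($upload_dir, $hostile);
print 'vulnerable: second command ran? ', ($out =~ /INJECTED/ ? 'yes' : 'no'), "\n";

print 'hardened, clean name: ', count_lines_hardened($upload_dir, 'photo.jpg'), " lines\n";
eval { count_lines_hardened($upload_dir, $hostile) };
print "hardened, hostile name: $@";
```

The allow-list is the primary control: rejecting the name before any filesystem or process call removes the whole class, and avoiding the shell is the second layer in case a name slips through elsewhere. Escaping metacharacters for the shell instead of avoiding it is fragile and is not shown here for that reason.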




Bug Marked as found in versions movabletype-opensource/4.3.5+dfsg-2+squeeze2. Request was from Dominic Hargreaves <dom@earth.li> to control@bugs.debian.org. (Thu, 23 Feb 2012 22:39:02 GMT) Full text and rfc822 format available.

Reply sent to Dominic Hargreaves <dom@earth.li>:
You have taken responsibility. (Fri, 24 Feb 2012 11:18:33 GMT) Full text and rfc822 format available.

Notification sent to Dominic Hargreaves <dom@earth.li>:
Bug acknowledged by developer. (Fri, 24 Feb 2012 11:18:34 GMT) Full text and rfc822 format available.

Message #12 received at 661064-close@bugs.debian.org (full text, mbox):

From: Dominic Hargreaves <dom@earth.li>
To: 661064-close@bugs.debian.org
Subject: Bug#661064: fixed in movabletype-opensource 5.1.3+dfsg-1
Date: Fri, 24 Feb 2012 11:17:58 +0000
Source: movabletype-opensource
Source-Version: 5.1.3+dfsg-1

We believe that the bug you reported is fixed in the latest version of
movabletype-opensource, which is due to be installed in the Debian FTP archive:

movabletype-opensource_5.1.3+dfsg-1.debian.tar.gz
  to main/m/movabletype-opensource/movabletype-opensource_5.1.3+dfsg-1.debian.tar.gz
movabletype-opensource_5.1.3+dfsg-1.dsc
  to main/m/movabletype-opensource/movabletype-opensource_5.1.3+dfsg-1.dsc
movabletype-opensource_5.1.3+dfsg-1_all.deb
  to main/m/movabletype-opensource/movabletype-opensource_5.1.3+dfsg-1_all.deb
movabletype-opensource_5.1.3+dfsg.orig.tar.gz
  to main/m/movabletype-opensource/movabletype-opensource_5.1.3+dfsg.orig.tar.gz
movabletype-plugin-core_5.1.3+dfsg-1_all.deb
  to main/m/movabletype-opensource/movabletype-plugin-core_5.1.3+dfsg-1_all.deb
movabletype-plugin-zemanta_5.1.3+dfsg-1_all.deb
  to main/m/movabletype-opensource/movabletype-plugin-zemanta_5.1.3+dfsg-1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 661064@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Dominic Hargreaves <dom@earth.li> (supplier of updated movabletype-opensource package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 24 Feb 2012 11:07:02 +0000
Source: movabletype-opensource
Binary: movabletype-opensource movabletype-plugin-core movabletype-plugin-zemanta
Architecture: source all
Version: 5.1.3+dfsg-1
Distribution: unstable
Urgency: high
Maintainer: Dominic Hargreaves <dom@earth.li>
Changed-By: Dominic Hargreaves <dom@earth.li>
Description: 
 movabletype-opensource - Well-known blogging engine
 movabletype-plugin-core - Core Movable Type plugins
 movabletype-plugin-zemanta - Zemanta Movable Type plugin
Closes: 661064
Changes: 
 movabletype-opensource (5.1.3+dfsg-1) unstable; urgency=high
 .
   * New upstream release
     - fixes multiple security vulnerabilities (closes: #661064)
Checksums-Sha1: 
 5c6585d8f17bcbced5c3595a31ebf3b7f34871ce 1575 movabletype-opensource_5.1.3+dfsg-1.dsc
 f9d0751da9cd4b089994a55f1f7c22cbf595680e 6153596 movabletype-opensource_5.1.3+dfsg.orig.tar.gz
 fa1a8debbf1042414948afd401b4141b4dd0f3f2 30184 movabletype-opensource_5.1.3+dfsg-1.debian.tar.gz
 d308d27fbe544834c79ea8fc347307b29a6cc550 4031490 movabletype-opensource_5.1.3+dfsg-1_all.deb
 42cd24c0a40bca5d6943be97c267431f53636556 170366 movabletype-plugin-core_5.1.3+dfsg-1_all.deb
 9df456968c7d98bf952cc8a9855f37041c1398df 16318 movabletype-plugin-zemanta_5.1.3+dfsg-1_all.deb
Checksums-Sha256: 
 16094ab4abc21737851f3b914f21152b3f5ea2d8e29a0bb13e81156e0cb6bee8 1575 movabletype-opensource_5.1.3+dfsg-1.dsc
 73e8a03eb19d3e0bc9fbe8776501b93e7c1f943d39e346611dddc9f5eeec7a99 6153596 movabletype-opensource_5.1.3+dfsg.orig.tar.gz
 804f3cbd11ef34ccac82a32f0e335609de8c2500fe0fdd2ec5088093a63e6ca4 30184 movabletype-opensource_5.1.3+dfsg-1.debian.tar.gz
 c7a318a8b104dbacfb565575214e888c7f934f8c7f75659b3b54ec6f104c23ce 4031490 movabletype-opensource_5.1.3+dfsg-1_all.deb
 b40f68dcf34404d6f005eb7cfd356e85d6ea28b605dbd078c9a74211fdfa5427 170366 movabletype-plugin-core_5.1.3+dfsg-1_all.deb
 043a473b42b19e81f5d1dba09194d384722061148ee822b5f855f515bf1db3c6 16318 movabletype-plugin-zemanta_5.1.3+dfsg-1_all.deb
Files: 
 ee5941eed06af1d16e42702d4090a994 1575 web optional movabletype-opensource_5.1.3+dfsg-1.dsc
 9f80ab7405683105693bdd328c96d599 6153596 web optional movabletype-opensource_5.1.3+dfsg.orig.tar.gz
 57b69e2c86fafd4943aa8539f48927c3 30184 web optional movabletype-opensource_5.1.3+dfsg-1.debian.tar.gz
 ebe9854e35729ba116a7a0117faea7c7 4031490 web optional movabletype-opensource_5.1.3+dfsg-1_all.deb
 af9f6c72c363171b364b73f0ea5979b4 170366 web optional movabletype-plugin-core_5.1.3+dfsg-1_all.deb
 2014eef927ddd340cfb86c3a7de5af65 16318 web optional movabletype-plugin-zemanta_5.1.3+dfsg-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFPR2+iYzuFKFF44qURAvvIAKC9/5VJ6oVuj12RSUbyb5lpdV+/xwCdFOnv
NIsCSpN/SnpuUY620u3pPUM=
=33ka
-----END PGP SIGNATURE-----
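A practitioner installing the fixed package can check the downloaded files against the Checksums-Sha256 stanza in the .changes above. The script below is an added example, not part of the BTS page or of Debian's own tooling: it parses a stanza in that format and compares the size and SHA-256 of every listed file that is present in a directory, reporting the rest as missing. The sample files and stanza entries in the demonstration are constructed (they reuse the digest of the six-byte string "hello\n"); to check a real download, paste the stanza from the .changes above and point the script at the directory holding the .deb. The stanza is only as trustworthy as the PGP signature wrapped around it, so verify that signature against the maintainer's key first.

```perl
#!/usr/bin/perl
# Added example, not part of the Debian BTS page or the package: verify
# files against a "Checksums-Sha256:" stanza copied from a .changes file.
use strict;
use warnings;
use Digest::SHA;
use File::Spec;
use File::Temp qw(tempdir);

# Parse stanza lines of the form "<sha256> <size> <filename>".
# Returns a hashref: filename => { sha256 => ..., size => ... }.
sub parse_checksums {
    my ($stanza) = @_;
    my %want;
    for my $line (split /\n/, $stanza) {
        next if $line =~ /^\s*Checksums-Sha256:\s*$/ or $line =~ /^\s*$/;
        my ($hex, $size, $name) = $line =~ /^\s*([0-9a-f]{64})\s+(\d+)\s+(\S+)\s*$/
            or die "unparseable checksum line: '$line'\n";
        $want{$name} = { sha256 => $hex, size => $size };
    }
    return \%want;
}

# Check every listed file against $dir. Returns a hashref
# filename => 'ok' | 'missing' | 'size mismatch' | 'sha256 mismatch'.
# Size is compared first because it is cheap and catches truncation.
sub verify_dir {
    my ($dir, $want) = @_;
    my %result;
    for my $name (sort keys %$want) {
        my $path = File::Spec->catfile($dir, $name);
        if (!-f $path) { $result{$name} = 'missing'; next; }
        my $size = -s $path || 0;
        if ($size != $want->{$name}{size}) { $result{$name} = 'size mismatch'; next; }
        open my $fh, '<:raw', $path or die "open $path: $!";
        my $digest = Digest::SHA->new(256)->addfile($fh)->hexdigest;
        close $fh;
        $result{$name} = $digest eq $want->{$name}{sha256} ? 'ok' : 'sha256 mismatch';
    }
    return \%result;
}

# --- demonstration on constructed data ---
my $dir = tempdir(CLEANUP => 1);
# good.txt matches the stanza; tampered.txt has the same size but one byte
# changed; absent.txt is listed but never written.
my %content = ('good.txt' => "hello\n", 'tampered.txt' => "hellp\n");
for my $name (keys %content) {
    open my $fh, '>:raw', File::Spec->catfile($dir, $name) or die "$name: $!";
    print $fh $content{$name};
    close $fh;
}

# Constructed stanza in .changes format; the digest is sha256("hello\n").
my $stanza = <<'EOT';
Checksums-Sha256:
 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03 6 good.txt
 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03 6 tampered.txt
 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03 6 absent.txt
EOT

my $res = verify_dir($dir, parse_checksums($stanza));
printf "%-13s %s\n", $_, $res->{$_} for sort keys %$res;
```

Running it prints ok for good.txt, sha256 mismatch for tampered.txt and missing for absent.txt. Only the SHA-256 stanza is worth checking: the .changes also carries SHA-1 and MD5 sums, but neither offers collision resistance a verifier should rely on.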





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 02 Jun 2013 08:09:04 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 10:26:52 2014; Machine Name: buxtehude.debian.org
