-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed, 30 Nov 2005 11:52:53 +0100
Source: phpbb2
Binary: phpbb2-languages phpbb2-conf-mysql phpbb2
Architecture: source all
Version: 2.0.13+1-6sarge2
Distribution: stable-security
Urgency: high
Maintainer: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
Changed-By: Thijs Kinkhorst <kink@squirrelmail.org>
Description:
 phpbb2     - A fully featured and skinnable flat (non-threaded) webforum
 phpbb2-conf-mysql - Automatic configurator for phpbb2 on MySQL database
 phpbb2-languages - phpBB2 additional languages
Closes: 335662 336582 336587
Changes:
 phpbb2 (2.0.13+1-6sarge2) stable-security; urgency=high
 .
   * Security update by phpBB maintainers
   * Backport fixes for the following issues announced by upstream and
     independent researchers (Closes: #336582, #336587, #335662):
     - fixed validation of topic type when posting.
     - fixed potential to select images outside the specified path as
       avatars or smilies.
     - fixed ability to edit PM's you did not send.
     - CVE-2005-3419, CVE-2005-3420: fixed inadequate signature field input
       sanitising, which allowed for arbitrary code execution
     - CVE-2005-3310: compare imagetype on avatar uploading to match the
       file extension from uploaded file.
 .
   Additionally, the following three issues are fixed, though they are
   only a threat when running with the heavily discouraged
   register_globals = off setting:
     - CVE-2005-3415: bypass protection mechanisms that deregister global
       variables by setting both a GPC variable and a GLOBALS[] variable.
     - CVE-2005-3416: bypass security checks by setting the $_SESSION and
       $HTTP_SESSION_VARS variables to strings instead of arrays.
     - CVE-2005-3418: Multiple cross-site scripting (XSS) vulnerabilities.
Files:
 84a0dab5af965cf6ff418c2b2383a9ee 783 web optional phpbb2_2.0.13+1-6sarge2.dsc
 e644237009e5eff92b86f21a5f6f4cbe 64580 web optional phpbb2_2.0.13+1-6sarge2.diff.gz
 f88101af29bf00db9a8fdb264e35d891 525514 web optional phpbb2_2.0.13-6sarge2_all.deb
 4cbfd2fe1e336214a3defddeff55ce65 37474 web extra phpbb2-conf-mysql_2.0.13-6sarge2_all.deb
 f71e21b77d9f5bffa076a25d6687b4c2 2873096 web optional phpbb2-languages_2.0.13-6sarge2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Signed by Jeroen van Wolffelaar <jeroen@wolffelaar.nl>

iD8DBQFDpgbUl2uISwgTVp8RAgcyAJ93wvWZCBowQ74CtZRAIOXZ1ZQw3QCgrYEu
iBIbdbFUbbhEctbUEWdfu0I=
=R/22
-----END PGP SIGNATURE-----


Accepted:
phpbb2-conf-mysql_2.0.13-6sarge2_all.deb
  to pool/main/p/phpbb2/phpbb2-conf-mysql_2.0.13-6sarge2_all.deb
phpbb2-languages_2.0.13-6sarge2_all.deb
  to pool/main/p/phpbb2/phpbb2-languages_2.0.13-6sarge2_all.deb
phpbb2_2.0.13+1-6sarge2.diff.gz
  to pool/main/p/phpbb2/phpbb2_2.0.13+1-6sarge2.diff.gz
phpbb2_2.0.13+1-6sarge2.dsc
  to pool/main/p/phpbb2/phpbb2_2.0.13+1-6sarge2.dsc
phpbb2_2.0.13-6sarge2_all.deb
  to pool/main/p/phpbb2/phpbb2_2.0.13-6sarge2_all.deb