Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian....@packages.debian.org
Usertags: pu
Dear Stable Release Managers,

Salvatore Bonaccorso on the Security Team suggested that I fix a revealed XSS vulnerability through the upcoming point release. The issue has been assigned the number CVE-2021-46709. The proposed fix is a trivial one-liner patch casting $_GET['newRows'] to (int).

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
phpliteadmin (1.9.8.2-1+deb11u1) bullseye; urgency=medium
  .
  * Fix CVE-2021-46709, an XSS issue with the newRows GET parameter.
diffstat for phpliteadmin-1.9.8.2 phpliteadmin-1.9.8.2 changelog | 6 ++++++ patches/Fix-newRows-XSS.patch | 18 ++++++++++++++++++ patches/series | 1 + 3 files changed, 25 insertions(+) diff -Nru phpliteadmin-1.9.8.2/debian/changelog phpliteadmin-1.9.8.2/debian/changelog --- phpliteadmin-1.9.8.2/debian/changelog 2019-09-18 18:20:28.000000000 +0300 +++ phpliteadmin-1.9.8.2/debian/changelog 2022-03-19 09:25:56.000000000 +0300 @@ -1,3 +1,9 @@ +phpliteadmin (1.9.8.2-1+deb11u1) bullseye; urgency=medium + + * Fix CVE-2021-46709, an XSS issue with the newRows GET parameter. + + -- Nicholas Guriev <guriev...@ya.ru> Sat, 19 Mar 2022 09:25:56 +0300 + phpliteadmin (1.9.8.2-1) unstable; urgency=medium * New upstream release. diff -Nru phpliteadmin-1.9.8.2/debian/patches/Fix-newRows-XSS.patch phpliteadmin-1.9.8.2/debian/patches/Fix-newRows-XSS.patch --- phpliteadmin-1.9.8.2/debian/patches/Fix-newRows-XSS.patch 1970-01-01 03:00:00.000000000 +0300 +++ phpliteadmin-1.9.8.2/debian/patches/Fix-newRows-XSS.patch 2022-03-19 09:21:01.000000000 +0300 
@@ -0,0 +1,18 @@ +Description: Fix an XSS vulnerability with the newRows GET parameter + Forcibly cast value to integer. CVE-2021-46709 +Bug: https://bitbucket.org/phpliteadmin/public/issues/399/xss-vulnerability +Forwarded: https://bitbucket.org/phpliteadmin/public/pull-requests/16/fix-an-xss-vulnerability-with-the-newrows +Author: Nicholas Guriev <guriev...@ya.ru> +Last-Update: Sat, 19 Mar 2022 09:21:01 +0300 + +--- a/index.php ++++ b/index.php +@@ -2613,7 +2613,7 @@ if(isset($_GET['action']) && !isset($_GE + echo $params->getForm(array('action'=>'row_create','confirm'=>'1'), 'post', true); + $tableInfo = $db->getTableInfo($target_table); + if(isset($_GET['newRows'])) +- $num = $_GET['newRows']; ++ $num = (int)$_GET['newRows']; + else + $num = 1; + echo "<input type='hidden' name='newRows' value='".$num."'/>"; diff -Nru phpliteadmin-1.9.8.2/debian/patches/series phpliteadmin-1.9.8.2/debian/patches/series --- phpliteadmin-1.9.8.2/debian/patches/series 2019-09-18 18:20:28.000000000 +0300 +++ phpliteadmin-1.9.8.2/debian/patches/series 2022-03-19 09:21:01.000000000 +0300 @@ -1,2 +1,3 @@ Remove-spontaneous-access-to-Internet.patch Remove-using-build-date.patch +Fix-newRows-XSS.patch
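Review bot: the `(int)` cast in the index.php hunk does close the XSS, because `$num` becomes a bare integer before it is echoed into the `value='...'` attribute of the hidden input, but it also lets 0 and negative values through: `(int)` of a non-numeric string is 0 and `-5` stays `-5`, while the `else` branch defaults to 1. Consider clamping at the same time, e.g. `$num = max(1, (int)$_GET['newRows']);`, so the row-creation code that consumes `newRows` never sees a non-positive count. The DEP-3 header (Description, Bug, Forwarded, Author, Last-Update) is complete and the series entry is appended in the right order.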