https://bugzilla.redhat.com/show_bug.cgi?id=1150091
Bug ID: 1150091
Summary: CVE-2014-1571 CVE-2014-1572 CVE-2014-1573 bugzilla: security fixes release
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: vkaigoro@redhat.com
CC: bazanluis20@gmail.com, emmanuel@seyman.fr, itamar@ispbrasil.com.br, mcepl@redhat.com, perl-devel@lists.fedoraproject.org
Upstream has issued an advisory today (October 6): http://www.bugzilla.org/security/4.0.14/
Class: Unauthorized Account Creation
Versions: 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, 4.5.1 to 4.5.5
Fixed In: 4.0.15, 4.2.11, 4.4.6, 4.5.6
Description: An attacker creating a new Bugzilla account can override certain parameters when finalizing the account creation that can lead to the user being created with a different email address than originally requested. The overridden login name could be automatically added to groups based on the group's regular expression setting.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=1074812
CVE Number: CVE-2014-1572

Class: Cross-Site Scripting
Versions: 2.17.1 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, 4.5.1 to 4.5.5
Fixed In: 4.0.15, 4.2.11, 4.4.6, 4.5.6
Description: During an audit of the Bugzilla code base, several places were found where cross-site scripting exploits could occur which could allow an attacker to access sensitive information.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=1075578
CVE Number: CVE-2014-1573

Class: Information Leak
Versions: 2.17.1 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, 4.5.1 to 4.5.5
Fixed In: 4.0.15, 4.2.11, 4.4.6, 4.5.6
Description: If a new comment was marked private to the insider group, and a flag was set in the same transaction, the comment would be visible to flag recipients even if they were not in the insider group.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=1064140
CVE Number: CVE-2014-1571

Class: Social Engineering
Versions: 2.17.1 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, 4.5.1 to 4.5.5
Fixed In: 4.0.15, 4.2.11, 4.4.6, 4.5.6
Description: Search results can be exported as a CSV file which can then be imported into external spreadsheet programs. Specially formatted field values can be interpreted as formulas which can be executed and used to attack a user's computer.
References: https://bugzilla.mozilla.org/show_bug.cgi?id=1054702
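The CSV export issue in the last advisory entry, shown as an added Python example (not Bugzilla's own code): a small exporter that neutralizes any cell a spreadsheet would otherwise evaluate as a formula, while leaving plain numbers such as "-1" untouched. The single-quote prefix is a common mitigation and an assumption here, not necessarily the fix upstream shipped; the sample rows are constructed.

```python
import csv
import io

# Leading characters that common spreadsheet programs treat as the start of a
# formula.  Leading whitespace and control characters (tab, CR) are stripped
# before the check because some programs ignore them when deciding whether a
# cell is a formula.
FORMULA_TRIGGERS = ("=", "+", "-", "@")
LEADING_BLANKS = " \t\r\n\x0b\x0c"


def _is_number(text: str) -> bool:
    """Plain numbers such as -5 or +3.2 are data, not formulas; leave them alone."""
    try:
        float(text)
        return True
    except ValueError:
        return False


def neutralize_cell(value) -> str:
    """Return a cell value that a spreadsheet will display as literal text.

    A value whose first non-blank character could start a formula is prefixed
    with a single quote, which spreadsheets read as "treat this cell as text".
    (Assumed mitigation; other exporters use a leading space or tab instead.)
    """
    text = "" if value is None else str(value)
    if _is_number(text):
        return text
    if text.lstrip(LEADING_BLANKS).startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def export_csv(header, rows) -> str:
    """Serialize search results to CSV with every data cell neutralized."""
    buf = io.StringIO()
    writer = csv.writer(buf, lineterminator="\n")
    writer.writerow(header)
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample search result: the second and third summaries are the kind
# of field value the advisory warns about, the priority column holds real numbers.
SAMPLE_HEADER = ["bug_id", "summary", "priority"]
SAMPLE_ROWS = [
    [101, "Crash on startup", "-1"],
    [102, "=1+1", "+2"],
    [103, "\t@SUM(A1:A9)", "medium"],
]
```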
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------+--------+--------
Depends On |        |1150092
--- Comment #1 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created bugzilla tracking bugs for this issue:
Affects: fedora-all [bug 1150092]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1150092 [Bug 1150092] CVE-2014-1573 CVE-2014-1572 CVE-2014-1571 bugzilla: security fixes release [fedora-all]
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed                          |Added
-----------+---------------------------------+---------------------------------
Whiteboard |impact=moderate,public=20141006, |impact=moderate,public=20141006,
           |reported=20141007,source=mageia, |reported=20141007,source=mageia,
           |fedora-all/bugzilla=affected     |fedora-all/bugzilla=affected,
           |                                 |epel-all/bugzilla=affected
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What       |Removed |Added
-----------+--------+--------
Depends On |        |1150096
--- Comment #2 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created bugzilla tracking bugs for this issue:
Affects: epel-all [bug 1150096]
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1150096 [Bug 1150096] CVE-2014-1573 CVE-2014-1572 CVE-2014-1571 bugzilla: security fixes release [epel-all]
--- Comment #3 from Tomas Hoger thoger@redhat.com ---
Further details of the CVE-2014-1572 issue:
http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applicat...
Tomas Hoger thoger@redhat.com changed:
What             |Removed         |Added
-----------------+----------------+----------------------------------
Fixed In Version |bugzilla 4.2.11 |bugzilla 4.0.15, bugzilla 4.2.11,
                 |                |bugzilla 4.4.6, bugzilla 4.5.6
Bug 1150091 depends on bug 1150092, which changed state.

Bug 1150092 Summary: CVE-2014-1573 CVE-2014-1572 CVE-2014-1571 bugzilla: security fixes release [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1150092

What       |Removed |Added
-----------+--------+--------
Status     |ON_QA   |CLOSED
Resolution |---     |ERRATA
--- Comment #4 from Fedora Update System updates@fedoraproject.org ---
bugzilla-4.2.11-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #5 from Fedora Update System updates@fedoraproject.org ---
bugzilla-4.2.11-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #6 from Fedora Update System updates@fedoraproject.org ---
bugzilla-4.4.6-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Bug 1150091 depends on bug 1150096, which changed state.

Bug 1150096 Summary: CVE-2014-1573 CVE-2014-1572 CVE-2014-1571 bugzilla: security fixes release [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1150096

What       |Removed |Added
-----------+--------+--------
Status     |NEW     |CLOSED
Resolution |---     |WONTFIX