Mercurial > p > roundup > code
comparison CHANGES.txt @ 8062:28aa76443f58
fix(security): fix CVE-2024-39124, CVE-2024-39124, and CVE-2024-39125
Directions for fixing:
* `CVE-2024-39124`_ - :ref:`classhelpers (_generic.help.html) are
vulnerable to an XSS attack. <CVE-2024-39124>` Requires fixing
tracker homes.
* `CVE-2024-39125`_ - :ref:`if Referer header is set to a script
tag, it will be executed. <CVE-2024-39125>` Fixed in release 2.4.0,
directions available for fixing in prior versions.
* `CVE-2024-39126`_ - :ref:`PDF, XML and SVG files downloaded from
an issue can contain embedded JavaScript which is
executed. <CVE-2024-39126>` Fixed in release 2.4.0, directions
available for fixing in prior versions.
prior to 2.4.0 release this weekend that fixes the last two CVE's.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Tue, 09 Jul 2024 09:07:09 -0400 |
| parents | 0e382e97f0e3 |
| children | c06ca0d21872 |
comparison
equal
deleted
inserted
replaced
| 8061:b1d384d23cdb | 8062:28aa76443f58 |
|---|---|
| 14 | 14 |
| 15 2024-XX-YY 2.4.0 | 15 2024-XX-YY 2.4.0 |
| 16 | 16 |
| 17 Fixed: | 17 Fixed: |
| 18 | 18 |
| 19 - CVE-2024-39124 - The classhelpers (_generic.help.html) are | |
| 20 vulnerable to an XSS attack. A specially crafted URL that used | |
| 21 that endpoint would result in running a script embedded in the | |
| 22 URL. (Found/reported by Alec Romano (4rdr), fix/tests John | |
| 23 Rouillard) | |
| 24 - CVE-2024-39125 - If the Referer header is set to a script tag, | |
| 25 it will be executed when the error in the Referer header is | |
| 26 reported. (Found/reported by Alec Romano (4rdr), fix/tests John | |
| 27 Rouillard) | |
| 28 - CVE-2024-39126 - PDF, XML and SVG files attached to an issue can contain | |
| 29 embedded JavaScript. This JavaScript was executed when the file was | |
| 30 accessed. PDF files are now downloaded and not displayed in the | |
| 31 browser. A content security policy is added for all download files | |
| 32 which prevents code execution in SVG files. (Found/reported by Alec | |
| 33 Romano (4rdr), fix/tests John Rouillard) | |
| 19 - issue2551282 - MySQL utf8mb4 issues and | 34 - issue2551282 - MySQL utf8mb4 issues and |
| 20 issue2551115 - Use utf8mb4 as a default for MySQL instead of utf8 | 35 issue2551115 - Use utf8mb4 as a default for MySQL instead of utf8 |
| 21 The default database type and collations have been set to: | 36 The default database type and collations have been set to: |
| 22 utf8mb4, utf8mb4_unicode_ci and utf8mb4_0900_bin. They are (sadly) | 37 utf8mb4, utf8mb4_unicode_ci and utf8mb4_0900_bin. They are (sadly) |
| 23 configurable from config.ini. Require directions on upgrading the | 38 configurable from config.ini. Require directions on upgrading the |