Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 19 Jan 2012 22:24:20 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Ronald van den Blink <oss-security@...urityview.nl>
Subject: Re: CVE request - Batavi 1.2.1 Fixes Blind SQL Injection
 vulnerability in boxToReload parameter of ajax.php

On 01/19/2012 01:29 AM, Ronald van den Blink wrote:
> On Jan 19, 2012, at 8:40 AM, Ronald van den Blink wrote:
>
>> On Jan 18, 2012, at 10:55 PM, Kurt Seifried wrote:
>>
>>> Can you include a link to the code commit(s) that fiix this? Thanks.
>> Hi Kurt,
>>
>> This is still a bit of a problem, as our internal svn is still not correctly set up to sync to SF's SVN. What I can do however is ask our developers to create a diff of the files which were changed to fix this and post them online?
>>
>> B.t.w. if someone knows a way to sync two SVN repositories to with each other, please contact me off list.
>>
>> With kind regards,
>>
>> Ronald
> Well, that went easier than I thought. In https://sourceforge.net/projects/batavi/files/upgrade/ you can find two files (database.1.2-1.2.1.sql and core.1.2-1.2.1.patch) which both contains fixes for the Blind SQL injection. You can find them on lines 12833 till 12860. Also a new DB method was introduced on lines 13289 till 13300. Both are in core.1.2-1.2.1.patch. I hope that this clarifies it enough?
>
> --
> Ronald
Thanks, this really helps (ensures no duplicates/etc.). Please use
CVE-2012-0069 for this issue.

-- 

-- Kurt Seifried / Red Hat Security Response Team

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ