|
Bugzilla – Full Text Bug Listing |
| Summary: | VUL-0: CVE-2015-7578: rubygem-rails-html-sanitizer: XSS vulnerability via attributes | ||
|---|---|---|---|
| Product: | [Novell Products] SUSE Security Incidents | Reporter: | Andreas Stieger <astieger> |
| Component: | Incidents | Assignee: | Security Team bot <security-team> |
| Status: | RESOLVED FIXED | QA Contact: | Security Team bot <security-team> |
| Severity: | Major | ||
| Priority: | P3 - Medium | CC: | adrian.schroeter, coolo, jmassaguerpla, juergen |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | Other | ||
| OS: | Other | ||
| Whiteboard: | CVSSv2:RedHat:CVE-2015-7578:4.3:(AV:N/AC:M/Au:N/C:N/I:P/A:N) | ||
| Found By: | Security Response Team | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
bugbot adjusting priority CRD: 2016-01-25 public at http://seclists.org/oss-sec/2016/q1/204 regarding openSUSE, this package is in Leap Jürgen, I saw your submission https://build.opensuse.org/request/show/356270 Could you check if fix for bug 963327 and bug 963328 are missing? Hello Andreas, yes, they are missing. I will add this two patches the package and update my request. This is the submission for openSUSE https://build.opensuse.org/request/show/356287 all submissions done. Assigning to security team. openSUSE-SU-2016:0356-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 963326,963327,963328 CVE References: CVE-2015-7578,CVE-2015-7579,CVE-2015-7580 Sources used: openSUSE Leap 42.1 (src): rubygem-rails-html-sanitizer-1.0.2-5.1 SUSE-SU-2016:0391-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 963326,963327,963328 CVE References: CVE-2015-7578,CVE-2015-7579,CVE-2015-7580 Sources used: SUSE Enterprise Storage 2.1 (src): rubygem-rails-html-sanitizer-1.0.2-7.1 released i think SUSE-SU-2016:1146-1: An update that fixes 10 vulnerabilities is now available. Category: security (important) Bug References: 963326,963327,963328,963563,963604,963608,963617,963625,963627,969943 CVE References: CVE-2015-7576,CVE-2015-7577,CVE-2015-7578,CVE-2015-7579,CVE-2015-7580,CVE-2015-7581,CVE-2016-0751,CVE-2016-0752,CVE-2016-0753,CVE-2016-2098 Sources used: SUSE Linux Enterprise Module for Containers 12 (src): portus-2.0.3-2.4 |
Created attachment 662970 [details] 1-0-sanitize_data_attributes.patch EMBARGOED via distros CRD: 2016-01-15 bundled in: OBS, Portus Possible XSS vulnerability in rails-html-sanitizer There is a possible XSS vulnerability in rails-html-sanitizer. This vulnerability has been assigned the CVE identifier CVE-2015-7578. Versions Affected: All. Not affected: None. Fixed Versions: 1.0.3 Impact ------ There is a possible XSS vulnerability in rails-html-sanitizer. Certain attributes are not removed from tags when they are sanitized, and these attributes can lead to an XSS attack on target applications. All users running an affected release should either upgrade or use one of the workarounds immediately. Releases -------- The FIXED releases are available at the normal locations. Workarounds ----------- There are no feasible workarounds for this issue. Patches ------- To aid users who aren't able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. * 1-0-sanitize_data_attributes.patch - Patch for 1.0 series Credits ------- Thanks to Ben Murphy and Marien for reporting this