[Koha-devel] Possible OPAC security pb

Robin Sheat robin at catalyst.net.nz
Mon Jul 15 16:20:14 CEST 2013


On 15/07/13 12:17, Fridolyn SOMERS wrote:
> I've just opened
> http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=10590.
> I've set it to critical because I think it is a security problem
> existing at OPAC :

So, on analysis, it is a terribly bad code smell that needs to be fixed;
however, you're not likely to be in immediate danger unless your MySQL
server has multiple statement execution turned on[0].

This said, there are two patches there now: Fridolyn's one that filters
on input, and my followup that parameterises the SQL to add another
layer of defence (also doing queries the way they're supposed to be
done.) These are in the process of being tested and QAed now, people are
encouraged to apply them as soon as they're in a release (or in git if
you run from that) in case there is some vulnerable path to it I haven't
thought of.

[0] http://dev.mysql.com/doc/refman/5.0/en/c-api-multiple-queries.html
-- thanks Galen for bringing that to my attention.

-- 
Robin Sheat
Catalyst IT Ltd.
✆ +64 4 803 2204
GPG: 5957 6D23 8B16 EFAB FEF8 7175 14D3 6485 A99C EB6D
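
Added example, not part of the original message and not Koha's code: it contrasts a query built by string concatenation with a parameterised one, and shows a single-statement driver refusing a stacked statement. It assumes Python's sqlite3 module as an offline stand-in for MySQL; the table, columns and sample rows are hypothetical and constructed for the example.

```python
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE items (title TEXT, branch TEXT)")
    db.executemany("INSERT INTO items VALUES (?, ?)",
                   [("Dune", "MAIN"), ("Emma", "MAIN"), ("Ulysses", "STAFF")])
    return db

def titles_concat(db, branch):
    # The "before" pattern: user input is spliced into the SQL text.
    sql = "SELECT title FROM items WHERE branch = '" + branch + "' ORDER BY title"
    return [row[0] for row in db.execute(sql)]

def titles_bound(db, branch):
    # Parameterised: the driver passes the value separately from the SQL text.
    sql = "SELECT title FROM items WHERE branch = ? ORDER BY title"
    return [row[0] for row in db.execute(sql, (branch,))]

def stacked_rejected(db, branch):
    # execute() accepts one statement only, comparable to a MySQL connection
    # without multi-statement support: the second statement never runs.
    try:
        titles_concat(db, branch)
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        return True
    return False

def row_count(db):
    return db.execute("SELECT COUNT(*) FROM items").fetchone()[0]

if __name__ == "__main__":
    db = make_db()
    stacked = "MAIN'; DELETE FROM items; --"   # constructed input
    rewrite = "MAIN' OR '1'='1"                # constructed input
    print("stacked statement rejected:", stacked_rejected(db, stacked))
    print("rows still present:", row_count(db))
    print("concatenated query returns:", titles_concat(db, rewrite))
    print("bound query returns:", titles_bound(db, rewrite))
    print("bound query, stacked input:", titles_bound(db, stacked))
```

The concatenated query still changes meaning inside a single statement, while the bound query treats the same input as an ordinary value that matches no row.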
