+v2.1.2
+ * Fix XSS in $flavour (CVE-2008-2236). Thanks to Yoshinori Ohta of
+ Business Architects Inc. for making us aware of this issue.
+
v2.1.1
* The "never trust a dot zero release" bugfix release for 2.1.0.
* Added CVS Id keyword to file header.
# Blosxom
# Author: Rael Dornfest (2002-2003), The Blosxom Development Team (2005-2008)
-# Version: 2.1.1 ($Id: blosxom.cgi,v 1.83 2008/07/30 22:27:02 xtaran Exp $)
+# Version: 2.1.2 ($Id: blosxom.cgi,v 1.85 2008/10/02 01:09:41 xtaran Exp $)
# Home/Docs/Licensing: http://blosxom.sourceforge.net/
# Development/Downloads: http://sourceforge.net/projects/blosxom
use Time::Local;
use CGI qw/:standard :netscape/;
-$version = "2.1.1";
+$version = "2.1.2";
# Load configuration from $ENV{BLOSXOM_CONFIG_DIR}/blosxom.conf, if it exists
my $blosxom_config;
}
$flavour ||= $default_flavour;
+# Fix XSS in flavour name (CVE-2008-2236)
+$flavour = blosxom_html_escape($flavour);
+
+sub blosxom_html_escape {
+ my $string = shift;
+ my %escape = (
+ '<' => '<',
+ '>' => '>',
+ '&' => '&',
+ '"' => '"',
+ "'" => '''
+ );
+ my $escape_re = join '|' => keys %escape;
+ $string =~ s/($escape_re)/$escape{$1}/g;
+ $string;
+}
+
# Global variable to be used in head/foot.{flavour} templates
$path_info = '';
# Add all @path_info elements to $path_info till we come to one that could be a year
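Review bot: The replacement values in the `%escape` map inside `blosxom_html_escape` read as identical to their keys (`'<' => '<'`, `'&' => '&'`, …), which would make the function a no-op and leave the flavour XSS (CVE-2008-2236) unfixed; presumably the page rendering decoded the entities and the committed code has `'&lt;'`, `'&gt;'`, `'&amp;'`, `'&quot;'`, `'&#39;'` on the right-hand side, which should be confirmed since, as printed, `"'" => '''` would not even parse. The alternation is built from raw hash keys, which happens to be safe for these five characters but breaks silently the moment a regex metacharacter is added to the map; build it as `my $escape_re = join '|' => map { quotemeta } keys %escape;`. Since `$flavour` appears to select template files (the comment after the sub refers to `head/foot.{flavour}` templates), an allow-list check such as `$flavour = $default_flavour unless $flavour =~ /\A[\w-]+\z/;` before the escaping would reject unexpected input, including path characters that HTML escaping does not touch, rather than merely transform it. The sub also ends with a bare `$string;`; an explicit `return $string;` states the intent.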
<description>Yet another Blosxom weblog.</description>
<language>en</language>
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
- <generator>blosxom/2.1.0</generator>
+ <generator>blosxom/2.1.2</generator>
<item>
<title>Lorem ipsum</title>
<pubDate>Wed, 19 Jul 2006 22:54:00 +0000</pubDate>
<link>http://localhost/2006/07/19#1</link>
<category></category>
- <guid isPermaLink="true">http://localhost/1</guid>
+ <guid isPermaLink="false">http://localhost/1</guid>
<description>Lorem ipsum dolor sit amet ipso facto.Lorem ipsum dolor sit amet ipso
facto.Lorem ipsum dolor sit amet ipso facto. Lorem ipsum dolor sit
amet ipso facto.Lorem ipsum dolor sit amet ipso facto.