SecurityTeam/Specifications/USNSpec

USNSpec

Revision 2 as of 2009-05-25 20:02:07

Launchpad Entry: security-karmic-usn-format
Created:
Contributors:
Packages affected:

Summary

This should provide an overview of the issue/functionality/change proposed here. Focus here on what will actually be DONE, summarising that so that other people don't have to read the whole spec. See also CategorySpec for examples.

Release Note

This section should include a paragraph describing the end-user impact of this change. It is meant to be included in the release notes of the first release in which it is implemented. (Not all of these will actually be included in the release notes, at the release manager's discretion; but writing them is a useful exercise.)

It is mandatory.

Rationale

This should cover the _why_: why is this change being proposed, what justifies it, where we see this justified.

User stories

Assumptions

Design

You can have subsections that better describe specific parts of the issue.

Implementation

This section should describe a plan of action (the "how") to implement the changes discussed. Could include subsections like:

Proposed format

Ubuntu Security Notice USN-716-1           January 30, 2009
MoinMoin vulnerabilities

A security issue affects the following releases of Ubuntu and its derivatives:
 Ubuntu 6.06 LTS
 Ubuntu 7.10
 Ubuntu 8.04 LTS
 Ubuntu 8.10

Summary:
 [issue summary] MoinMoin could be pwnd, yo.  ...
 [package summary] MoinMoin is...

Details:
Fernando Quintero discovered than MoinMoin did not properly sanitize its
input when processing login requests, resulting in cross-site scripting (XSS)
vulnerabilities. With cross-site scripting vulnerabilities, if a user were
tricked into viewing server output during a crafted server request, a remote
attacker could exploit this to modify the contents, or steal confidential data,
within the same domain. This issue affected Ubuntu 7.10 and 8.04 LTS.
(CVE-2008-0780)

Fernando Quintero discovered that MoinMoin did not properly sanitize its input
when attaching files, resulting in cross-site scripting vulnerabilities. This
issue affected Ubuntu 6.06 LTS, 7.10 and 8.04 LTS. (CVE-2008-0781)

It was discovered that MoinMoin did not properly sanitize its input when
processing user forms. A remote attacker could submit crafted cookie values and
overwrite arbitrary files via directory traversal. This issue affected Ubuntu
6.06 LTS, 7.10 and 8.04 LTS. (CVE-2008-0782)

It was discovered that MoinMoin did not properly sanitize its input when
editing pages, resulting in cross-site scripting vulnerabilities. This issue
only affected Ubuntu 6.06 LTS and 7.10. (CVE-2008-1098)

It was discovered that MoinMoin did not properly enforce access controls,
which could allow a remoter attacker to view private pages. This issue only
affected Ubuntu 6.06 LTS and 7.10. (CVE-2008-1099)

It was discovered that MoinMoin did not properly sanitize its input when
attaching files and using the rename parameter, resulting in cross-site
scripting vulnerabilities. (CVE-2009-0260)

It was discovered that MoinMoin did not properly sanitize its input when
displaying error messages after processing spam, resulting in cross-site
scripting vulnerabilities. (CVE-2009-0312)

Update instructions:

The problem can be corrected by updating your system to the
following package versions:

Ubuntu 6.06 LTS:
  python2.4-moinmoin        1.5.2-1ubuntu2.4

Ubuntu 7.10:
  python-moinmoin           1.5.7-3ubuntu2.1

Ubuntu 8.04 LTS:
  python-moinmoin           1.5.8-5.1ubuntu2.2

Ubuntu 8.10:
  python-moinmoin           1.7.1-1ubuntu1.1

To update your system, follow these instructions: https://halp.ubuntu.com/...

In general, a standard system update is sufficient to effect the
necessary changes.

ATTENTION: abi fun fun fun
...

References:
  CVE-2008-0780, CVE-2008-0781, CVE-2008-0782, CVE-2008-1098,
  CVE-2008-1099, CVE-2009-0260, CVE-2009-0312
  https://bugs.launchpad.net/bug/123456

Package Information:
  https://launchpad.net/ubuntu/+source/moin/1.5.8-5.1ubuntu2.2
  https://launchpad.net/ubuntu/+source/moin/1.5.8-5.1ubuntu2.2
  https://launchpad.net/ubuntu/+source/moin/1.5.8-5.1ubuntu2.2
  https://launchpad.net/ubuntu/+source/moin/1.5.8-5.1ubuntu2.2

Migration

Include:

data migration, if any
redirects from old URLs to new ones, if any
how users will be pointed to the new way of doing things, if necessary.

Test/Demo Plan

It's important that we are able to test new features, and demonstrate them to users. Use this section to describe a short plan that anybody can follow that demonstrates the feature is working. This can then be used during testing, and to show off after release. Please add an entry to http://testcases.qa.ubuntu.com/Coverage/NewFeatures for tracking test coverage.

This need not be added or completed until the specification is nearing beta.

Unresolved issues

This should highlight any issues that should be addressed in further specifications, and not problems with the specification itself; since any specification with problems cannot be approved.

BoF agenda and discussion

Use this section to take notes during the BoF; if you keep it in the approved spec, use it for summarising what was discussed and note any options that were rejected.

CategorySpec

Ubuntu Wiki