Red Hat Bugzilla – Bug 297611
CVE-2007-5034 elinks reveals POST data to HTTPS proxy
Last modified: 2012-06-20 10:05:55 EDT
Following problem was reported to elinks bugzilla :
If ELinks is making a POST request to an https URL, and a proxy has been defined
for https, ELinks takes the body and Content-* headers of the POST request and
adds them to the CONNECT request in cleartext. So the proxy can now snoop all
the data that was supposed to be hidden by TLS, as can anyone between ELinks and
the proxy. Apparently some proxies also entirely refuse such requests.
Fixed in 0.11.3, upstream bugzilla contains references to GIT commits in various
Support for HTTPS proxy was introduced in elinks version 0.5rc1. Version of
elinks as shipped in Red Hat Enterprise Linux 3 is therefore not vulnerable.
Also links as shipped in Red Hat Enterprise Linux 2.1 does not provide HTTPS
proxy support and is not affected by this problem.
Ok, so it seems to be that affected supported versions are FC-6, F-7, RHEL4 and
RHEL5 - because devel contains 0.11.3 version. I will update versions for
Fedora, because it is the easiest way, for RHEL4 and RHEL5 we should discuss the
way how to proceed.
Thanks Ondrej for feedback. Created tracking bugs for current Fedora versions.
Created attachment 204441 [details]
0.10.6 upstream patch
Created attachment 204461 [details]
Upstream patch for 0.11.1
Fixed in all affected products:
Red Hat Enterprise Linux:
updated to fixed upstream version