1123692 – (CVE-2014-5027, CVE-2014-5028) CVE-2014-5027 CVE-2014-5028 ReviewBoard: two flaws fixed in the 1.7.27 release

Bug 1123692 (CVE-2014-5027, CVE-2014-5028) - CVE-2014-5027 CVE-2014-5028 ReviewBoard: two flaws fixed in the 1.7.27 release

Summary: CVE-2014-5027 CVE-2014-5028 ReviewBoard: two flaws fixed in the 1.7.27 release

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2014-5027, CVE-2014-5028
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1123693
Blocks:
TreeView+	depends on / blocked

Reported:	2014-07-28 01:32 UTC by Murray McAllister
Modified:	2021-10-20 10:45 UTC (History)
CC List:	2 users (show)
Fixed In Version:	Review Board 1.7.27
Clone Of:
Environment:
Last Closed:	2021-10-20 10:45:42 UTC
Embargoed:

Attachments	(Terms of Use)

Description Murray McAllister 2014-07-28 01:32:39 UTC

The 1.7.27 release of Review Board fixes the following flaws:

CVE-2014-5027:

""
Fixed a vulnerability where a URL to a diff fragment could be crafted that would inject custom HTML into the page. An attacker could send such a URL to another user and execute code in their browser session.
""

and CVE-2014-5028:

""
The Original File and Patched File resources could be used to access files on a private review request that the user did not have access to, if they knew the approciate database IDs.
""

Version 1.7.27 is already in Fedora testing.

References:

https://www.reviewboard.org/docs/releasenotes/reviewboard/1.7.27/
http://seclists.org/oss-sec/2014/q3/207

Comment 1 Murray McAllister 2014-07-28 01:33:36 UTC

Created ReviewBoard tracking bugs for this issue:

Affects: epel-6 [bug 1123693]

Note You need to log in before you can comment on or make changes to this bug.