From owner-freebsd-ports-bugs@FreeBSD.ORG Mon Dec 27 21:30:12 2010
Message-Id: <20101227212431.5554CDA81F@void.codelabs.ru>
Date: Tue, 28 Dec 2010 00:24:31 +0300 (MSK)
From: Eygene Ryabinkin
To: FreeBSD-gnats-submit@FreeBSD.org
Cc:
Subject: ports/153474: [VuXML] security/vuxml: document XSS in www/drupal6-views
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Date: Mon, 27 Dec 2010 21:30:11 GMT

>Number:         153474
>Category:       ports
>Synopsis:       [VuXML] security/vuxml: document XSS in www/drupal6-views
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 27 21:30:11 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     Eygene Ryabinkin
>Release:        FreeBSD 9.0-CURRENT amd64
>Organization:
Code Labs
>Environment:
System: FreeBSD 9.0-CURRENT amd64
>Description:
A cross-site scripting vulnerability was found in the Drupal 6.x Views plugin: [1].
>How-To-Repeat:
[1] http://drupal.org/node/999380
>Fix:
The following VuXML entry should be evaluated and added:

--- vuln.xml begins here ---
<vuln vid="UUID-PLACEHOLDER">
  <topic>Drupal Views plugin -- cross-site scripting</topic>
  <affects>
    <package>
      <name>drupal6-views</name>
      <range><lt>2.12</lt></range>
    </package>
  </affects>
  <description>
    <body xmlns="http://www.w3.org/1999/xhtml">
      <p>Drupal security team reports:</p>
      <blockquote cite="http://drupal.org/node/999380">
        <p>The Views module provides a flexible method for Drupal site
        designers to control how lists and tables of content are
        presented. Under certain circumstances, Views could display parts
        of the page path without escaping, resulting in a reflected Cross
        Site Scripting (XSS) vulnerability. An attacker could exploit this
        to gain full administrative access.</p>
        <p>Mitigating factors: This vulnerability only occurs with a
        specific combination of configuration options for a specific
        View, but this combination is used in the default Views provided
        by some additional modules. A malicious user would need to get an
        authenticated administrative user to visit a specially crafted
        URL.</p>
      </blockquote>
    </body>
  </description>
  <references>
    <cvename>CVE-2010-4521</cvename>
    <url>http://drupal.org/node/999380</url>
  </references>
  <dates>
    <discovery>2010-12-15</discovery>
    <entry>TODAY</entry>
  </dates>
</vuln>
--- vuln.xml ends here ---

Port upgrade to 2.12 is on the go (I am the maintainer).
>Release-Note:
>Audit-Trail:
>Unformatted:
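As an added illustration (not code from the Views module, Drupal core or the FreeBSD port), the pattern the advisory describes: a request-path segment rendered into HTML verbatim, beside the same rendering passed through an escaper equivalent to Drupal 6's check_plain(). The path value and the render helpers are constructed for this example.

```php
<?php
// Added illustration; not code from the Views module, Drupal core or the
// FreeBSD port.  Drupal 6's check_plain() is, for valid UTF-8 input,
// htmlspecialchars() with ENT_QUOTES and UTF-8; reproduced locally so
// the script runs without a Drupal installation.
function check_plain_local($text) {
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

// Vulnerable pattern: a segment of the request path is interpolated into
// markup verbatim, so whatever markup the URL carries is rendered by the
// browser of the user who follows the link (reflected XSS).
function render_title_unescaped($segment) {
    return '<h2>' . $segment . '</h2>';
}

// Hardened pattern: every path-derived value is escaped before it is
// placed in HTML, so the browser shows it as literal text.
function render_title_escaped($segment) {
    return '<h2>' . check_plain_local($segment) . '</h2>';
}

// Constructed request path (Drupal carries it in the "q" query parameter
// and hands Views the individual segments).  The marker tag stands in
// for any markup a crafted URL might carry.
$path = 'node/123/<em>marker</em>';
$segments = explode('/', $path);

echo render_title_unescaped($segments[2]), "\n";
echo render_title_escaped($segments[2]), "\n";
```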