Fixed bug #10134: XSS vulnerability in sysext indexed_search (thanks to the TYPO3...
authorIngo Renner <ingo.renner@typo3.org>
Tue, 20 Jan 2009 10:31:15 +0000 (10:31 +0000)
committerIngo Renner <ingo.renner@typo3.org>
Tue, 20 Jan 2009 10:31:15 +0000 (10:31 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@4771 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
typo3/sysext/indexed_search/ChangeLog
typo3/sysext/indexed_search/ext_emconf.php
typo3/sysext/indexed_search/mod/index.php

index a16f456..5483771 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,7 @@
 2009-01-20  Ingo Renner  <ingo@typo3.org>
 
        * Added missing license statement for using the "Silk" icon set of Mark James according to Creative Commons Attribution 2.5
+       * Fixed bug #10134: XSS vulnerability in sysext indexed_search (thanks to the TYPO3 Security Team and especially Marcus Krause)
 
 2009-01-19  Steffen Kamper  <info@sk-typo3.de>
 
index e1fef04..bbef903 100755 (executable)
@@ -1,3 +1,7 @@
+2009-01-20  Ingo Renner  <ingo@typo3.org>
+
+       * Fixed bug #10134: XSS vulnerability in sysext indexed_search (thanks to the TYPO3 Security Team and especially Marcus Krause)
+
 2008-04-01  Michael Stucki  <michael@typo3.org>
 
        * Fixed bug #7980: Fix wrong TypoScript code in plugin template
index ff33f95..1bef59a 100755 (executable)
@@ -32,7 +32,7 @@ $EM_CONF[$_EXTKEY] = array(
        'author_company' => 'Curby Soft Multimedia',
        'CGLcompliance' => '',
        'CGLcompliance_note' => '',
-       'version' => '2.11.0',
+       'version' => '2.12.0',
        '_md5_values_when_last_written' => 'a:54:{s:9:"ChangeLog";s:4:"b02b";s:17:"class.crawler.php";s:4:"df89";s:25:"class.doublemetaphone.php";s:4:"8d81";s:25:"class.external_parser.php";s:4:"7ed5";s:17:"class.indexer.php";s:4:"044d";s:15:"class.lexer.php";s:4:"ac05";s:21:"ext_conf_template.txt";s:4:"0c64";s:12:"ext_icon.gif";s:4:"4cbf";s:17:"ext_localconf.php";s:4:"732c";s:14:"ext_tables.php";s:4:"9bda";s:14:"ext_tables.sql";s:4:"f9e0";s:28:"ext_typoscript_editorcfg.txt";s:4:"0a34";s:24:"ext_typoscript_setup.txt";s:4:"c2e7";s:13:"locallang.xml";s:4:"0a76";s:26:"locallang_csh_indexcfg.xml";s:4:"f4f3";s:16:"locallang_db.xml";s:4:"2c55";s:7:"tca.php";s:4:"8991";s:29:"example/class.crawlerhook.php";s:4:"0ce8";s:24:"example/class.pihook.php";s:4:"e221";s:12:"cli/conf.php";s:4:"bbcd";s:21:"cli/indexer_cli.phpsh";s:4:"d236";s:44:"modfunc2/class.tx_indexedsearch_modfunc2.php";s:4:"b531";s:22:"modfunc2/locallang.xml";s:4:"a889";s:44:"modfunc1/class.tx_indexedsearch_modfunc1.php";s:4:"9fb3";s:22:"modfunc1/locallang.xml";s:4:"4806";s:29:"pi/class.tx_indexedsearch.php";s:4:"56ef";s:21:"pi/considerations.txt";s:4:"e3df";s:22:"pi/indexed_search.tmpl";s:4:"7ada";s:16:"pi/locallang.xml";s:4:"f62f";s:20:"pi/template_css.tmpl";s:4:"a2e2";s:14:"pi/res/csv.gif";s:4:"e413";s:14:"pi/res/doc.gif";s:4:"0975";s:15:"pi/res/html.gif";s:4:"5647";s:14:"pi/res/jpg.gif";s:4:"23ac";s:17:"pi/res/locked.gif";s:4:"c212";s:16:"pi/res/pages.gif";s:4:"1923";s:14:"pi/res/pdf.gif";s:4:"9451";s:14:"pi/res/pps.gif";s:4:"926b";s:14:"pi/res/ppt.gif";s:4:"ada5";s:14:"pi/res/rtf.gif";s:4:"f660";s:14:"pi/res/sxc.gif";s:4:"00a6";s:14:"pi/res/sxi.gif";s:4:"ef83";s:14:"pi/res/sxw.gif";s:4:"4a8f";s:14:"pi/res/tif.gif";s:4:"533b";s:14:"pi/res/txt.gif";s:4:"c576";s:14:"pi/res/xls.gif";s:4:"4a22";s:14:"pi/res/xml.gif";s:4:"2e7b";s:13:"mod/clear.gif";s:4:"cc11";s:12:"mod/conf.php";s:4:"9062";s:13:"mod/index.php";s:4:"4dbd";s:15:"mod/isearch.gif";s:4:"4cbf";s:21:"mod/locallang_mod.xml";s:4:"1624";s:14:"doc/README.txt
";s:4:"a737";s:12:"doc/TODO.txt";s:4:"c804";}',
        'constraints' => array(
                'depends' => array(
index 3001f21..68e2fe4 100755 (executable)
@@ -318,7 +318,7 @@ class SC_mod_tools_isearch_index {
                        $grListRec = $this->getGrlistRecord($row["phash"]);
                        $recList[] = array(
                                $row["data_page_id"].($row["data_page_type"]?"/".$row["data_page_type"]:""),
-                               t3lib_div::fixed_lgd_cs($row["item_title"],30),
+                               htmlentities(t3lib_div::fixed_lgd_cs($row["item_title"],30)),
                                t3lib_div::formatSize($row["item_size"]),
                                $this->getNumberOfWords($row["phash"]),
                                t3lib_BEfunc::datetime($row["item_mtime"]),
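Review bot: The new `htmlentities()` call on the `item_title` line is given neither a quote flag nor a charset, so single quotes in the title remain unescaped and the function falls back to its default charset (ISO-8859-1 on the PHP releases this code targets), which can mangle or drop multibyte titles when the backend runs in another encoding; the same applies to the two later hunks in this file (`item_title` at `@@ -385` and `data_filename` at `@@ -396`). `htmlspecialchars()` escapes exactly the characters that matter in this HTML cell without depending on the entity table, e.g. `htmlspecialchars(t3lib_div::fixed_lgd_cs($row["item_title"],30), ENT_QUOTES)`. The neighbouring cell built from `data_page_id`/`data_page_type` is still emitted unescaped; it is presumably numeric, but that is worth confirming since it comes from the same index row. The method that fills `$recList` starts and ends outside the hunk.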
@@ -385,7 +385,7 @@ class SC_mod_tools_isearch_index {
                        $cHash = count(unserialize($row["cHashParams"])) ? $this->formatCHash(unserialize($row["cHashParams"])) : "";
                        $grListRec = $this->getGrlistRecord($row["phash"]);
                        $recList[]=array(
-                               t3lib_div::fixed_lgd_cs($row["item_title"],30),
+                               htmlentities(t3lib_div::fixed_lgd_cs($row["item_title"],30)),
                                t3lib_div::formatSize($row["item_size"]),
                                $this->getNumberOfWords($row["phash"]),
                                t3lib_BEfunc::datetime($row["item_mtime"]),
@@ -396,7 +396,7 @@ class SC_mod_tools_isearch_index {
                                $row["pcount"],
                                $cHash,
                                $row["phash"],
-                               t3lib_div::fixed_lgd_cs($row["data_filename"],100)
+                               htmlentities(t3lib_div::fixed_lgd_cs($row["data_filename"],100))
                        );
 
                        if ($row["pcount"]>1)   {