openSUSE-SU-2013:0510-1: moderate: typo3-cms-4_5/typo3-cms-4_6/typo3-cms-4_7: security and bugfix updates
openSUSE Security Update: typo3-cms-4_5/typo3-cms-4_6/typo3-cms-4_7: security and bugfix updates
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:0510-1
Rating:             moderate
References:         #808528
Cross-References:   CVE-2013-1842 CVE-2013-1843
Affected Products:
                    openSUSE 12.3
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   The Typo3 CMS versions were updated to receive security and bug fixes.

   - Raised to version 4.5.25
     * bugfix: External URL regression by jumpurl security fix (Helmut Hummel), t3#46071
   - Raised to version 4.5.24
     * Raise submodule pointer (TYPO3 Release Team)
     * security: Open redirection with jumpurl (Franz G. Jahn), t3#28587, bnc#808528, CVE-2013-1843
     * bugfix: Check minitems for TCAtree (Georg Ringer), t3#25003
     * bugfix: Keep hyphens in custom HTML5 attributes (Jigal van Hemert), t3#34371
     * Revert "[BUGFIX] FE session records are never removed" (Oliver Hader), t3#45570
   - security fix: Typo3 Extbase Framework SQL Injection, bnc#808528, CVE-2013-1842
   - Raised to version 4.5.23
     * Raise submodule pointer
     * bugfix: t3lib_iconWorks must check if array exists before using it, t3#24248
     * bugfix: BE user switch impossible when in adminOnly mode, t3#32686
     * bugfix: Excludefields must exclude admin only tables, t3#34460
     * bugfix: TypoLink: absolute urls when installed in subfolder, t3#33214
     * Raise submodule pointer
     * bugfix: [Cache][PDO] Duplicate cache entry possible, t3#34129
     * bugfix: IE9 compatibility clear cache menu, t3#36364
     * bugfix: Hook call modifyDBRow in ContentContentObject, t3#44416
     * bugfix: Fix misspelling in RTE meta menu, t3#43886
     * bugfix: load TCA before manipulation, t3#38505
     * DataHandler::getAutoVersionId() should be public, t3#45050
     * bugfix: Load date-time picker in scheduler module, t3#31027
     * bugfix: Quick Edit triggers warnings of missing key uid, t3#42845
     * Raise submodule pointer
     * bugfix: Fix warnings in em on tab Maintenance, t3#39680
     * bugfix: Correct TCA inclusion for uploads rendering, t3#44145
     * bugfix: Update description on changed error reporting defaults, t3#38240
     * bugfix: Fix typos in stdWrap_crop description, t3#43919
     * bugfix: Apc Cache backend has side effects, t3#38135
     * bugfix: Invalid call to t3lib_TCEmain::processRemapStack(), t3#44301
     * Raise submodule pointer
     * bugfix: Suggest wizard is behind form inputs, t3#42092
     * bugfix: phpdoc: $urlParameters can be a string, t3#44263
     * bugfix: FE session records are never removed, t3#34964
     * bugfix: INTincScript_loadJSCode() causes PHP warnings, t3#32278
     * bugfix: Enable the RTE with WebKit version 534 on iOS and Android, t3#43603
     * bugfix: Remove HTML in RuntimeException from sysext 'install', t3#38472
     * bugfix: Fix wrong column title in web>list for field colpos, t3#25113
     * bugfix: SqlParser: trim all kinds of whitespaces, t3#43470
     * Remove typo3.pageModule.js, t3#43459
     * bugfix: Installer: Reference images wrong, t3#42292
     * bugfix: Page Information shows incorrect number of total hits, t3#41608
     * bugfix: Old logo on "Install Tool is locked" page, t3#42908
     * openid: Update php-openid to 2.2.2, t3#42236
     * Group excludefields by table, t3#34098
     * bugfix: Hide version selector if workspaces are used, t3#43264
     * Raise submodule pointer
   - Raised version to 4.6.18
     * bugfix: External URL regression by jumpurl security fix (Helmut Hummel), t3#46071
   - Raised version to 4.6.17
     * Raise submodule pointer (TYPO3 Release Team)
     * security: Open redirection with jumpurl (Franz G. Jahn), t3#28587, bnc#808528, CVE-2013-1843
   - security fix: Typo3 Extbase Framework SQL Injection, bnc#808528, CVE-2013-1842
   - Raised version to 4.6.16
     * bugfix: L10n fallback does not work for TS labels, t3#44099
     * bugfix: L10n fallback does not work for ExtJS in BE, t3#44273
     * Raise submodule pointer
     * bugfix: Allow "en" as language key, t3#42084
     * Raise submodule pointer
     * bugfix: [Cache][PDO] Duplicate cache entry possible, t3#34129
     * bugfix: IE9 compatibility clear cache menu, t3#36364
     * bugfix: Hook call modifyDBRow in ContentContentObject, t3#44416
     * bugfix: Fix misspelling in RTE meta menu, t3#43886
     * bugfix: load TCA before manipulation, t3#38505
     * bugfix: add check for empty form values in FORM View, t3#28606
     * DataHandler::getAutoVersionId() should be public, t3#45050
     * bugfix: Quick Edit triggers warnings of missing key uid, t3#42845
     * Raise submodule pointer
     * bugfix: Fix warnings in em on tab Maintenance, t3#39680
     * bugfix: Correct TCA inclusion for uploads rendering, t3#44145
     * bugfix: Update description on changed error reporting defaults, t3#38240
     * bugfix: Fix typos in stdWrap_crop description, t3#43919
     * bugfix: Apc Cache backend has side effects, t3#38135
     * bugfix: Invalid call to t3lib_TCEmain::processRemapStack(), t3#44301
     * Raise submodule pointer
     * bugfix: Suggest wizard is behind form inputs, t3#42092
     * bugfix: phpdoc: $urlParameters can be a string, t3#44263
     * bugfix: FE session records are never removed, t3#34964
     * bugfix: INTincScript_loadJSCode() causes PHP warnings, t3#32278
     * bugfix: Fix broken logo file in Install Tool, t3#43426
     * bugfix: Remove HTML in RuntimeException from sysext 'install', t3#38472
     * bugfix: Fix wrong column title in web>list for field colpos, t3#25113
     * bugfix: SqlParser: trim all kinds of whitespaces, t3#43470
     * Remove typo3.pageModule.js, t3#43459
     * bugfix: Installer: Reference images wrong, t3#42292
     * bugfix: Page Information shows incorrect number of total hits, t3#41608
     * bugfix: Old logo on "Install Tool is locked" page, t3#42908
     * bugfix: Form values with newlines escaped in email, t3#32515
     * openid: Update php-openid to 2.2.2, t3#42236
     * bugfix: Wizard in HTML element moved to t3editor, t3#33813
     * bugfix: Livesearch toolbar should close others, t3#32890
     * bugfix: Hide version selector if workspaces are used, t3#43264
     * bugfix: Subject field in FormWizard, t3#35787
     * Raise submodule pointer
     * bugfix: Invalid behavior of search for integer in Backend search, t3#33700
     * fluid, bugfix: Unit test fails with broken timezone, t3#45285
     * fluid, bugfix: Date ViewHelper not using configured Timezones, t3#12769
     * fluid, bugfix: Fix typo and improve backup of system settings, t3#45218
     * fluid, bugfix: Remove PHP Error caused by setlocale call, t3#45118
     * fluid, bugfix: Incomplete locale backup in unit test, t3#44835
     * fluid, bugfix: selectViewHelper sorting should respect locales, t3#43445
     * fluid, bugfix: Image viewhelper clears $GLOBALS['TSFE'] in backend context, t3#43446
     * fluid, bugfix: AbstractFormFieldViewHelper always converts entities, t3#34091
     * linkvalidator, bugfix: SQL error in getLinkCounts, t3#43322
     * version, bugfix: Catchable fatal error when using the swap button, t3#42948
   - Raised to version 4.7.10
     * bugfix: External URL regression by jumpurl security fix (Helmut Hummel), t3#46071
   - Added rpmlintrc to suppress duplicated files warning.
   - Raised to version 4.7.9
     * Raise submodule pointer (TYPO3 Release Team)
     * security: Open redirection with jumpurl (Franz G. Jahn), t3#28587, bnc#808528, CVE-2013-1843
     * bugfix: Invalid RSA key when submitting form twice (Benjamin Mack), t3#40085
   - security fix: Typo3 Extbase Framework SQL Injection, bnc#808528, CVE-2013-1842
   - Raised to version 4.7.8
     * bugfix: L10n fallback does not work for TS labels, t3#44099
     * bugfix: L10n fallback does not work for ExtJS in BE, t3#44273
     * Raise submodule pointer
     * bugfix: Allow "en" as language key, t3#42084
     * Raise submodule pointer
     * bugfix: [Cache][PDO] Duplicate cache entry possible, t3#34129
     * bugfix: IE9 compatibility clear cache menu, t3#36364
     * bugfix: Hook call modifyDBRow in ContentContentObject, t3#44416
     * bugfix: Fix misspelling in RTE meta menu, t3#43886
     * bugfix: load TCA before manipulation, t3#38505
     * bugfix: add check for empty form values in FORM View, t3#28606
     * DataHandler::getAutoVersionId() should be public, t3#45050
     * bugfix: Possible warning in about module, t3#44892
     * bugfix: Quick Edit triggers warnings of missing key uid, t3#42845
     * Raise submodule pointer
     * bugfix: Fix warnings in em on tab Maintenance, t3#39680
     * bugfix: EXT:felogin: Multiple bugs with preserveGETvars, t3#19938
     * bugfix: Correct TCA inclusion for uploads rendering, t3#44145
     * bugfix: array_merge_recursive_overrule: __UNSET for array values, t3#43874
     * bugfix: Update description on changed error reporting defaults, t3#38240
     * bugfix: Fix typos in stdWrap_crop description, t3#43919
     * Add save only button to Scheduler task, t3#44152
     * bugfix: Apc Cache backend has side effects, t3#38135
     * bugfix: Invalid call to t3lib_TCEmain::processRemapStack(), t3#44301
     * Raise submodule pointer
     * Suggest wizard is behind form inputs, t3#42092
     * bugfix: phpdoc: $urlParameters can be a string, t3#44263
     * bugfix: FE session records are never removed, t3#34964
     * bugfix: INTincScript_loadJSCode() causes PHP warnings, t3#32278
     * bugfix: Fix broken logo file in Install Tool, t3#43426
     * bugfix: Enable the RTE with WebKit version 534 on iOS and Android, t3#43603
     * bugfix: IE9 crashes after saving with RTE, t3#43766
     * bugfix: Remove HTML in RuntimeException from sysext 'install', t3#38472
     * bugfix: Compatibility fix for get_html_translation_table(), t3#39287
     * bugfix: Fix wrong column title in web>list for field colpos, t3#25113
     * bugfix: SqlParser: trim all kinds of whitespaces, t3#43470
     * Remove typo3.pageModule.js, t3#43459
     * bugfix: Installer: Reference images wrong, t3#42292
     * bugfix: Page Information shows incorrect number of total hits, t3#41608
     * bugfix: Old logo on "Install Tool is locked" page, t3#42908
     * bugfix: Form values with newlines escaped in email, t3#32515
     * openid: Update php-openid to 2.2.2, t3#42236
     * bugfix: Hide version selector if workspaces are used, t3#43264
     * bugfix: Subject field in FormWizard, t3#35787
     * Raise submodule pointer
     * Invalid behavior of search for integer in Backend search, t3#33700

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.3:

      zypper in -t patch openSUSE-2013-232

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 12.3 (noarch):

      typo3-cms-4_5-4.5.25-2.4.1
      typo3-cms-4_6-4.6.18-2.4.1
      typo3-cms-4_7-4.7.10-2.4.1

References:

   http://support.novell.com/security/cve/CVE-2013-1842.html
   http://support.novell.com/security/cve/CVE-2013-1843.html
   https://bugzilla.novell.com/808528