FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ikiwiki -- multiple vulnerabilities

Affected packages
ikiwiki < 3.20161229

Details

VuXML ID 5ed094a0-0150-11e7-ae1b-002590263bf5
Discovery 2016-12-19
Entry 2017-03-05

Mitre reports:

ikiwiki 3.20161219 does not properly check if a revision changes the access permissions for a page on sites with the git and recentchanges plugins and the CGI interface enabled, which allows remote attackers to revert certain changes by leveraging permissions to change the page before the revision was made.

When CGI::FormBuilder->field("foo") is called in list context (and in particular in the arguments to a subroutine that takes named arguments), it can return zero or more values for foo from the CGI request, rather than the expected single value. This breaks the usual Perl parsing convention for named arguments, similar to CVE-2014-1572 in Bugzilla (which was caused by a similar API design issue in CGI.pm).

References

CVE Name CVE-2016-10026
CVE Name CVE-2016-9645
CVE Name CVE-2016-9646
URL https://ikiwiki.info/security/#index46h2
URL https://ikiwiki.info/security/#index47h2