Bug #87450
Harden CommandUtility invocations
100%
Associated revisions
[BUGFIX] Harden CommandUtility invocations
In order to harden CommandUtility API, arguments used for invoking
system commands are escaped in addition. Since no insecure usages
have been identified in the TYPO3 core nor in public third party
extensions, this change is handled using a public workflow.
In order to evaluate whether third party extensions open a
potential attack vector, usages of CommandUtility::checkCommand(),
CommandUtility::getCommand() and the registration of custom services
($GLOBALS['T3_SERVICES']) concerning their 'exec' argument have to
be checked.
Resolves: #87450
Releases: master, 9.5, 8.7
Security-Advisory: TYPO3-PSA-2019-001
Change-Id: If4f2a63045ac7b2473881992f9731a635a768d37
Reviewed-on: https://review.typo3.org/59448
Tested-by: TYPO3com <noreply@typo3.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Anja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
[BUGFIX] Harden CommandUtility invocations
In order to harden CommandUtility API, arguments used for invoking
system commands are escaped in addition. Since no insecure usages
have been identified in the TYPO3 core nor in public third party
extensions, this change is handled using a public workflow.
In order to evaluate whether third party extensions open a
potential attack vector, usages of CommandUtility::checkCommand(),
CommandUtility::getCommand() and the registration of custom services
($GLOBALS['T3_SERVICES']) concerning their 'exec' argument have to
be checked.
Resolves: #87450
Releases: master, 9.5, 8.7
Security-Advisory: TYPO3-PSA-2019-001
Change-Id: If4f2a63045ac7b2473881992f9731a635a768d37
Reviewed-on: https://review.typo3.org/59471
Tested-by: TYPO3com <noreply@typo3.com>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
[BUGFIX] Harden CommandUtility invocations
In order to harden CommandUtility API, arguments used for invoking
system commands are escaped in addition. Since no insecure usages
have been identified in the TYPO3 core nor in public third party
extensions, this change is handled using a public workflow.
In order to evaluate whether third party extensions open a
potential attack vector, usages of CommandUtility::checkCommand(),
CommandUtility::getCommand() and the registration of custom services
($GLOBALS['T3_SERVICES']) concerning their 'exec' argument have to
be checked.
Resolves: #87450
Releases: master, 9.5, 8.7
Security-Advisory: TYPO3-PSA-2019-001
Change-Id: If4f2a63045ac7b2473881992f9731a635a768d37
Reviewed-on: https://review.typo3.org/59472
Tested-by: TYPO3com <noreply@typo3.com>
Reviewed-by: Oliver Hader <oliver.hader@typo3.org>
Tested-by: Oliver Hader <oliver.hader@typo3.org>
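As an added example (not TYPO3 core code or part of the changeset), the audit the commit message asks extension maintainers to do: a POSIX shell helper that lists every CommandUtility::checkCommand() / CommandUtility::getCommand() call site and every $GLOBALS['T3_SERVICES'] registration in an extension directory, so each 'exec' argument can be reviewed by hand. The sample extension tree it creates is constructed for the demo, and the directory layout is an assumption.

```shell
#!/bin/sh
# Added example, not TYPO3's own tooling. The search patterns are the API
# names quoted in the commit message; everything else is an assumption.

# Print "file:line:text" for each line in $1 that references one of the
# CommandUtility entry points or the T3_SERVICES registry. Only *.php files
# are searched; /dev/null is passed so grep always prints file names.
audit_command_utility_usages() {
    find "$1" -name '*.php' -exec grep -nE \
        -e 'CommandUtility::(checkCommand|getCommand)\(' \
        -e 'T3_SERVICES' /dev/null {} +
    return 0
}

# Number of findings, for a CI gate that fails when new, unreviewed
# usages appear after the known ones have been checked.
count_command_utility_usages() {
    audit_command_utility_usages "$1" | grep -c . || true
}

# Constructed sample extension tree so the script runs stand-alone.
make_sample_extension() {
    root="$1"
    mkdir -p "$root/ext_a/Classes" "$root/ext_b"
    cat > "$root/ext_a/Classes/Converter.php" <<'EOF'
<?php
use TYPO3\CMS\Core\Utility\CommandUtility;
$ok = CommandUtility::checkCommand('convert', $handler);
$cmd = CommandUtility::getCommand('convert', $handler, $handlerOpt);
EOF
    cat > "$root/ext_b/ext_localconf.php" <<'EOF'
<?php
$GLOBALS['T3_SERVICES']['textExtract']['tx_ext_b'] = ['exec' => $binary];
EOF
    # Non-PHP file: mentions the API but must not be reported.
    cat > "$root/ext_b/README.md" <<'EOF'
CommandUtility::getCommand( is documented here, not called.
EOF
}

# Demo run: `sh audit.sh --demo` lists the three constructed call sites.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp -d)
    make_sample_extension "$tmp"
    audit_command_utility_usages "$tmp"
    rm -rf "$tmp"
fi
```

Each reported line is a place where the 'exec' value or the handler options should be traced back to their source to confirm they cannot be influenced by untrusted input.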
History
#1
Updated by Gerrit Code Review about 1 month ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/59448
#3
Updated by Gerrit Code Review about 1 month ago
Patch set 1 for branch 9.5 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/59471
#4
Updated by Oliver Hader about 1 month ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 71c15ee89a6bec616fac7fe4137284ef1177dbdc.
#5
Updated by Gerrit Code Review about 1 month ago
- Status changed from Resolved to Under Review
Patch set 1 for branch TYPO3_8-7 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/59472
#6
Updated by Oliver Hader about 1 month ago
- Status changed from Under Review to Resolved
Applied in changeset 8c382831d868a0ea7ad6c5747103c5c152ea3add.