28.03.2013 12:13, A.L.E.C wrote:
On 03/28/2013 09:54 AM, Vladislav Bogdanov wrote:
Patch for 0.6: http://ow.ly/jtQNd
Are previous versions affected?
Looking at my 0.4 installation, save_prefs is implemented absolutely differently: there are lists of prefs for each section, and they are cherry-picked from what a client sends.
It is r3787 (Mon, 28 Jun 2010) https://github.com/roundcube/roundcubemail/tree/bdb13a51f735623146f1ac81d932... with local patches to be precise.
0.4 is vulnerable too, you're looking in the wrong place. The issue is in steps/utils/save_pref.inc.
program/steps/settings/save_prefs.inc in my tree.
This one - https://github.com/roundcube/roundcubemail/blob/bdb13a51f735623146f1ac81d932...
This revision uses static lists of per-section prefs. I can't believe it is vulnerable.
We don't support such very old releases.
I understand. You go toooo fast for me to follow ;) Keep going!
It would be nice if you could dig up the exact commit which introduced this.
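The per-section static allowlist that the thread describes for the 0.4 save_prefs.inc, sketched here as an added PHP illustration. This is not Roundcube's code and does not reproduce either file from the thread; the section names, pref keys and validator functions are hypothetical, and the request array is constructed. The point is the direction of iteration: the handler walks the allowlist and picks values out of the request, rather than walking the request and storing whatever keys the client chose to send.

```php
<?php
// Added illustration (not Roundcube code): saving user preferences by
// cherry-picking only known keys from a static per-section allowlist.
// Section names, pref keys and validators below are hypothetical.

const PREF_SECTIONS = [
    'general' => [
        'language'         => 'is_locale',
        'timezone'         => 'is_timezone',
        'refresh_interval' => 'is_positive_int',
    ],
    'mailbox' => [
        'mail_pagesize'     => 'is_positive_int',
        'check_all_folders' => 'is_bool_flag',
    ],
];

// Per-pref validators: every accepted value must also have the right shape.
function is_locale(string $v): bool       { return (bool) preg_match('/^[a-z]{2}(_[A-Z]{2})?$/', $v); }
function is_timezone(string $v): bool     { return in_array($v, timezone_identifiers_list(), true); }
function is_positive_int(string $v): bool { return ctype_digit($v) && (int) $v > 0; }
function is_bool_flag(string $v): bool    { return $v === '0' || $v === '1'; }

/**
 * Return only the prefs that belong to $section and pass validation,
 * keyed by pref name. Keys the client sent that are not in this
 * section's list (including keys that exist in another section) are
 * dropped; their names are reported via $rejected so the caller can
 * log them, which is the signal a defender wants to see.
 */
function filter_prefs(string $section, array $post, array &$rejected = []): array
{
    $rejected = [];
    if (!isset(PREF_SECTIONS[$section])) {
        return [];                       // unknown section: save nothing
    }
    $allowed = PREF_SECTIONS[$section];
    $clean   = [];

    // Iterate the allowlist, never the request.
    foreach ($allowed as $key => $validator) {
        if (!array_key_exists($key, $post)) {
            continue;                    // pref not submitted: leave it unchanged
        }
        $value = $post[$key];
        if (is_string($value) && $validator($value)) {
            $clean[$key] = $value;
        } else {
            $rejected[] = $key;          // submitted but malformed
        }
    }

    // Report anything the client sent that this section does not know.
    foreach (array_keys($post) as $key) {
        if (!isset($allowed[$key])) {
            $rejected[] = $key;
        }
    }
    return $clean;
}

// Constructed request: two legitimate prefs for the 'general' section,
// one pref that belongs to a different section, and one unknown key.
$post = [
    'language'      => 'en_US',
    'timezone'      => 'Europe/Minsk',
    'mail_pagesize' => '50',             // belongs to 'mailbox', not 'general'
    'not_a_pref'    => 'anything',
];
$clean = filter_prefs('general', $post, $rejected);
// $clean    is ['language' => 'en_US', 'timezone' => 'Europe/Minsk']
// $rejected is ['mail_pagesize', 'not_a_pref']
```

Only `$clean` is ever written to the user's stored preferences; a handler that instead merged `$post` into the stored prefs would let a request set any pref name at all, which is the class of problem the thread is discussing. Logging the `$rejected` names gives a cheap detection hook for clients probing with keys outside the section they are editing.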