| author | Brooks Davis <brooks@FreeBSD.org> | 2006-04-05 03:46:56 +0000 |
|---|---|---|
| committer | Brooks Davis <brooks@FreeBSD.org> | 2006-04-05 03:46:56 +0000 |
| commit | 77e1e587719b3e334adcad9e05c490c0da203ffd (patch) | |
| tree | 8316034724f7da403aedef2a5ce39b847b585a3b | |
| parent | Update to 0.6.1.13 i2p distfile (diff) | |
Upgrade pubcookie from 3.3.0-beta2 to 3.3.0a fixing serious XSS
vulnerabilities.
Notes:
svn path=/head/; revision=158821
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | security/vuxml/vuln.xml | 93 |
| -rw-r--r-- | www/mod_pubcookie/Makefile | 3 |
| -rw-r--r-- | www/pubcookie-login-server/Makefile | 3 |
| -rw-r--r-- | www/pubcookie-login-server/distinfo | 6 |

4 files changed, 100 insertions, 5 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 22b0400268d1..48dd55ece9bd 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml 
@@ -34,6 +34,99 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="91afa94c-c452-11da-8bff-000ae42e9b93"> + <topic>mod_pubcookie -- cross site scripting vulnerability</topic> + <affects> + <package> + <name>mod_pubcookie</name> + <range><lt>3.3.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Nathan Dors of the Pubcookie Project reports:</p> + <blockquote cite="http://www.pubcookie.org/news/20060306-apps-secadv.html"> + <p>Non-persistent XSS vulnerabilities were found in the + Pubcookie Apache module (mod_pubcookie) and ISAPI + filter. These components mishandle untrusted data when + printing responses to the browser. This makes them + vulnerable to carefully crafted requests containing script + or HTML. If an attacker can lure an unsuspecting user to + visit carefully staged content, the attacker can use it to + redirect the user to a vulnerable Pubcookie application + server and attempt to exploit the XSS vulnerabilities.</p> + <p>These vulnerabilities are classified as *high* due to the + nature and purpose of Pubcookie application servers for user + authentication and Web Single Sign-on (SSO). 
An attacker + who injects malicious script through the vulnerabilities + might steal private Pubcookie data including a user's + authentication assertion ("granting") cookies and + application session cookies.</p> + </blockquote> + </body> + </description> + <references> + <certvu>314540</certvu> + </references> + <dates> + <discovery>2006-03-06</discovery> + <entry>2006-04-05</entry> + </dates> + </vuln> + + <vuln vid="855cd9fa-c452-11da-8bff-000ae42e9b93"> + <topic>pubcookie-login-server -- cross site scripting vulnerability</topic> + <affects> + <package> + <name>pubcookie-login-server</name> + <range><lt>3.3.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Nathan Dors of the Pubcookie Project reports:</p> + <blockquote cite=""> + <p> Multiple non-persistent XSS vulnerabilities were found + in the Pubcookie login server's compiled binary "index.cgi" + CGI program. The CGI program mishandles untrusted data when + printing responses to the browser. This makes the program + vulnerable to carefully crafted requests containing script + or HTML. If an attacker can lure an unsuspecting user to + visit carefully staged content, the attacker can use it to + redirect the user to his or her local Pubcookie login page + and attempt to exploit the XSS vulnerabilities.</p> + <p> These vulnerabilities are classified as *critical* due + to the nature and purpose of the Pubcookie login server for + user authentication and Web Single Sign-on (SSO). 
Specific + threats include:</p> + <ul> + <li>An attacker who injects malicious script through the + vulnerabilities might steal senstive user data including + a user's authentication credentials (usernames and + passwords);</li> + <li>An attacker who injects malicious script through the + vulnerabilities might steal private Pubcookie data + including a user's authentication assertion ("granting") + cookies and SSO ("login") session cookies;</li> + <li>An attacker who injects HTML tags through the + vulnerabilities might deface a site's Pubcookie login page + for a single visit by a single user (i.e. a non-persistent + defacement).</li> + </ul> + <p>At the heart of these threats lies a violation of the + user's trust in the Pubcookie login server.</p> + </blockquote> + </body> + </description> + <references> + <certvu>337585</certvu> + </references> + <dates> + <discovery>2006-03-06</discovery> + <entry>2006-04-05</entry> + </dates> + </vuln> + <vuln vid="37a5c10f-bf56-11da-b0e9-00123ffe8333"> <topic>freeradius -- EAP-MSCHAPv2 Authentication Bypass</topic> <affects> diff --git a/www/mod_pubcookie/Makefile b/www/mod_pubcookie/Makefile index 46de63b79e7d..bee26d486e98 100644 --- a/www/mod_pubcookie/Makefile +++ b/www/mod_pubcookie/Makefile @@ -6,10 +6,11 @@ # PORTNAME= pubcookie -DISTVERSION= 3.3.0-beta2 +PORTVERSION= 3.3.0 CATEGORIES= www security MASTER_SITES= http://pubcookie.org/downloads/ PKGNAMEPREFIX= mod_ +DISTNAME= ${PORTNAME}-3.3.0a MAINTAINER= brooks@FreeBSD.org COMMENT= A single sign-on system for websites (apache module) diff --git a/www/pubcookie-login-server/Makefile b/www/pubcookie-login-server/Makefile index 11675a79e630..afd869ef5924 100644 --- a/www/pubcookie-login-server/Makefile +++ b/www/pubcookie-login-server/Makefile 
@@ -6,10 +6,11 @@ # PORTNAME= pubcookie -DISTVERSION= 3.3.0-beta2 +PORTVERSION= 3.3.0 CATEGORIES= www security MASTER_SITES= http://pubcookie.org/downloads/ PKGNAMESUFFIX= -login-server +DISTNAME= ${PORTNAME}-3.3.0a MAINTAINER= brooks@FreeBSD.org COMMENT= A single sign-on system for websites (login server) diff --git a/www/pubcookie-login-server/distinfo b/www/pubcookie-login-server/distinfo index a78136f51261..28b1ef28ee46 100644 --- a/www/pubcookie-login-server/distinfo +++ b/www/pubcookie-login-server/distinfo @@ -1,3 +1,3 @@ -MD5 (pubcookie-3.3.0-beta2.tar.gz) = 37cb9ca0c729b1882e197e083aadceb1 -SHA256 (pubcookie-3.3.0-beta2.tar.gz) = 90e67b96abf14f2bf8a2bc75f7223f677e9be51b0e3d4bc07a95df4510c08962 -SIZE (pubcookie-3.3.0-beta2.tar.gz) = 2107442 +MD5 (pubcookie-3.3.0a.tar.gz) = e92194309fc8e784729d89742ac945c1 +SHA256 (pubcookie-3.3.0a.tar.gz) = 070643f556ad93f9031a097eb42260f0f12ae7b5bbe3971d8c0f1b7da8605261 +SIZE (pubcookie-3.3.0a.tar.gz) = 2111977 |
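Review bot: in the vuln.xml hunk, the pubcookie-login-server entry (vid 855cd9fa-c452-11da-8bff-000ae42e9b93) has an empty `<blockquote cite="">`, while the mod_pubcookie entry cites `http://www.pubcookie.org/news/20060306-apps-secadv.html`; either supply the URL of the advisory this text is quoted from or drop the empty attribute rather than shipping a blank citation. Two smaller points in the same hunk: the quoted text reads "senstive user data" (upstream wording, so either leave it or mark it `[sic]`, but do not silently edit the quote), and both entries list only a `<certvu>` under `<references>`; adding a `<url>` for the Pubcookie advisory that the blockquote already points at would let readers reach the primary source from the VuXML entry itself.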
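Review bot: the www/mod_pubcookie/Makefile hunk switches the distfile to `pubcookie-3.3.0a.tar.gz`, but the diffstat lists no change to www/mod_pubcookie/distinfo; only www/pubcookie-login-server/distinfo is updated. If mod_pubcookie does not already point at the login server's checksums (for example through `DISTINFO_FILE`), fetch will fail the checksum step against the old 3.3.0-beta2 entries and the XSS fix will not actually be installed from that port. Please confirm how mod_pubcookie obtains its distinfo, and if it has its own file, update it in this commit.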
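Review bot: in the www/pubcookie-login-server/Makefile hunk, `PORTVERSION= 3.3.0` with `DISTNAME= ${PORTNAME}-3.3.0a` drops the upstream "a" suffix from the package version, which is what makes the VuXML range `<lt>3.3.0</lt>` line up (3.3.0.b2 is below 3.3.0, the new package is not). That mapping is not obvious to the next updater: a one-line comment next to `DISTNAME` explaining that upstream's 3.3.0a is packaged as 3.3.0, and that a further upstream letter release will need a PORTVERSION scheme that still sorts above 3.3.0 (or a PORTEPOCH), would save a future mismatch between the port version and the advisory range.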