Demo Discussion
Forum Config Examples Contributions Vulnerabilities
  Discussion forum about ELOG, Page 772 of 796  Not logged in ELOG logo
 Find |  Login |  Help 
 Full | Summary | Threaded | Hide attachments  Show only new entries    6362 Entries 
Goto page Previous  1, 2, 3 ... 771, 772, 773 ... 794, 795, 796   Next  
ID Dateup Icon Author Author Email Category OS ELOG Version Subject
  69591   Mon Dec 5 04:15:17 2022 Reply Konstantin Olchanskiolchansk@triumf.caBug reportLinux3.14 EL7 EPELremove elog from EPEL and Fedora.
> elogd binary from EPEL

thank you for bringing this up to our attention. we recently went through this with debian and ubuntu. the elog package was severely out of date and 
did not include the security patches that went it right before covid started in the Winter of 2020.

the elogd package in EPEL7 is insecure and should not be used. (I see it is removed from EPEL8, EPEL9 and current Fedora).

I will have to contact EPEL maintainers to have it removed from EPEL7 (or at least to have it marked as "insecure, do not use").

https://dl.fedoraproject.org/pub/epel/7/SRPMS/Packages/e/elog-3.1.4-1.20190113git283534d97d5a.el7.src.rpm

https://packages.fedoraproject.org/pkgs/elog/elog/
https://packages.fedoraproject.org/pkgs/elog/elog/fedora-35.html
https://packages.fedoraproject.org/pkgs/elog/elog/epel-7.html

note in the changelog "Update to post-release snapshot of 3.1.4. - Fix several security issues."

K.O.
  69592   Tue Dec 20 17:37:42 2022 Reply Germano Massullogermano.massullo@cern.chBug reportLinux3.14 EL7 EPELremove elog from EPEL and Fedora.
> > elogd binary from EPEL
> 
> thank you for bringing this up to our attention. we recently went through this with debian and ubuntu. the elog package was severely out of date and 
> did not include the security patches that went it right before covid started in the Winter of 2020.
> 
> the elogd package in EPEL7 is insecure and should not be used. (I see it is removed from EPEL8, EPEL9 and current Fedora).
> 
> I will have to contact EPEL maintainers to have it removed from EPEL7 (or at least to have it marked as "insecure, do not use").
> 
> https://dl.fedoraproject.org/pub/epel/7/SRPMS/Packages/e/elog-3.1.4-1.20190113git283534d97d5a.el7.src.rpm
> 
> https://packages.fedoraproject.org/pkgs/elog/elog/
> https://packages.fedoraproject.org/pkgs/elog/elog/fedora-35.html
> https://packages.fedoraproject.org/pkgs/elog/elog/epel-7.html
> 
> note in the changelog "Update to post-release snapshot of 3.1.4. - Fix several security issues."
> 
> K.O.


Good day, elog has never been retired in EPEL 7. It is still there
https://src.fedoraproject.org/rpms/elog/tree/epel7

I am pretty sure because I am a Fedora/RHEL package maintainer and a retired package should contain in its Git branch only a file named "dead.package"
  69593   Tue Dec 20 21:16:37 2022 Warning Germano Massullogermano.massullo@cern.chBug reportLinux3.1.4URL causes elog crash

Hello, the following URL

https://foo.bar/elog/Shift+Reports/?new_user_name=a2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.com&new_full_name=a2seferewd%40fanneat.com&new_user_email=a2seferewd%40fanneat.com&newpwd=asdf&newpwd2=asdf&cmd=Save

causes elog 3.1.4 to crash. I attach full GDB trace

(gdb) set height 0
(gdb) set print elements 0
(gdb) set print frame-arguments all
(gdb) thread apply all backtrace

Thread 1 (Thread 0x7fc6d1624840 (LWP 1126)):
#0  0x00007fc6d06c6387 in raise () from /lib64/libc.so.6
#1  0x00007fc6d06c7a78 in abort () from /lib64/libc.so.6
#2  0x00007fc6d0708f67 in __libc_message () from /lib64/libc.so.6
#3  0x00007fc6d07a87a7 in __fortify_fail () from /lib64/libc.so.6
#4  0x00007fc6d07a6922 in __chk_fail () from /lib64/libc.so.6
#5  0x00007fc6d07a5e2b in _IO_str_chk_overflow () from /lib64/libc.so.6
#6  0x00007fc6d070d031 in __GI__IO_default_xsputn () from /lib64/libc.so.6
#7  0x00007fc6d06dd033 in vfprintf () from /lib64/libc.so.6
#8  0x00007fc6d07a5eb8 in __vsprintf_chk () from /lib64/libc.so.6
#9  0x00007fc6d07a5e0d in __sprintf_chk () from /lib64/libc.so.6
#10 0x0000000000423b5b in sprintf (__fmt=<optimized out>, __s=<optimized out>) at /usr/include/bits/stdio2.h:33
#11 get_user_line (lbs=<optimized out>, lbs@entry=0x2833748, 
    user=user@entry=0x7fffc84d0780 "a2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.combasar", password=password@entry=0x0, full_name=full_name@entry=0x0, email=email@entry=0x0, email_notify=email_notify@entry=0x0, 
    last_logout=last_logout@entry=0x0, inactive=inactive@entry=0x0) at src/elogd.c:25739
#12 0x0000000000433d0a in save_user_config (lbs=lbs@entry=0x2833748, 
    user=0x7704fc <_value+1500> "a2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.coma2seferewd@fonomsdfef.com", new_user=new_user@entry=1) at src/elogd.c:13343
#13 0x0000000000456068 in do_self_register (lbs=0x2833748, command=0x7fffc84d2650 "Save") at src/elogd.c:26768
#14 0x000000000045c1f7 in interprete (lbook=lbook@entry=0x7fffc84f92f0 "Shift Reports", path=path@entry=0x7fffc84d4430 "") at src/elogd.c:27594
#15 0x000000000045ecc6 in decode_get (logbook=logbook@entry=0x7fffc84f92f0 "Shift Reports", string=<optimized out>) at src/elogd.c:28393
#16 0x0000000000460970 in process_http_request (request=<optimized out>, 
    request@entry=0x284bee8 "GET /Shift+Reports/?new_user_name=a2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.coma2seferewd%402sefddsfgfd.com&new_full_name=a2seferewd%40fanneat.com&new_user_email=a2seferewd%40fanneat.com&newpwd=asdf&newpwd2=asdf&cmd=Save", i_conn=i_conn@entry=1) at src/elogd.c:29201
#17 0x00000000004623d2 in server_loop () at src/elogd.c:30212
#18 0x0000000000404209 in main (argc=8, argv=0x7fffc84fb6c8) at src/elogd.c:3123

  69594   Tue Dec 27 12:44:52 2022 Warning Andreykowaraj4stuff@gmail.comInfoAllELOG V3.1.4-493Duplicated \n in "plain" format with new WebKit

Dear Stefan, 

There is a problem with editing an Elog page in "plain" format with the following "User Agent" :

"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15"

It duplicates the newline symbols such that "1<CRLF>2" becomes "1<CRLF><CRLF>2". If edited again - "1<CRLF><CRLF><CRLF><CRLF>2".

I blame the new version of the Apple WebKit. 

It works fine with Chrome (user agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"). But fails with Safari. 
 

Could you please have a look? 

Thank you in advance, 

Andrey Pashnin

AMS collaboration

 

  69595   Wed Dec 28 16:09:30 2022 Reply Andreykowaraj4stuff@gmail.comInfoAllELOG V3.1.4-493bug report to webkit.org

It shound't be a "bug report", sorry. I have changed the category to "Info".

It seems to be really a bug in the WebKit core. I have created a bug report there. For reference: https://bugs.webkit.org/show_bug.cgi?id=249923

 

I am going to try to patch the ELOG code to handle the content of the textarea in the "plain" format.... it doesn't seem possible though. 

  69596   Thu Dec 29 20:26:11 2022 Reply Andreykowaraj4stuff@gmail.comBug fixAllELOG V3.1.4-493a hack around

FYI.

Removing "wrap=hard" on the line #11461 in the elogd.cxx file resolves my problem.

 

- rsprintf("<textarea rows=%d cols=%d wrap=hard name=\"Text\">\n", height, width);*/
+ rsprintf("<textarea rows=%d cols=%d name=\"Text\">\n", height, width);

  69597   Fri Dec 30 00:46:03 2022 Reply Konstantin Olchanskiolchansk@triumf.caBug fixAllELOG V3.1.4-493a hack around
- rsprintf(&quot;&lt;textarea rows=%d cols=%d wrap=hard name=\&quot;Text\&quot;&gt;\n&quot;, height, width);
+ rsprintf(&quot;&lt;textarea rows=%d cols=%d name=\&quot;Text\&quot;&gt;\n&quot;, height, width);

my vote is to remove "wrap=hard":

1) I try to read the specs and my head explodes: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/textarea
2) textarea should just accept input typed by user, should not try to "neatify" it. if user wants long lines, we should let them.
3) this bug (introduced in recent safari, the best I can tell)

K.O.
  69598   Mon Jan 2 12:32:13 2023 Reply Andrey Pashninkowaraj4stuff@gmail.comInfoAllELOG V3.1.4-493webkit bug
FYI

They seem to have accepted the bug report:
https://bugs.webkit.org/show_bug.cgi?id=249923
Goto page Previous  1, 2, 3 ... 771, 772, 773 ... 794, 795, 796   Next  
ELOG V3.1.5-2eba886