Please let me know how/where to report security issues confidentially? I have couple of them to discuss.
Security reports can be sent to [email protected]
I have sent the details over, please check.
Also the following CVE IDs were assigned to these issues:
I pushed some fixes in branch 9:
01075081cbcd9130a72115cdb50ee61fc394edc1
63c0ab93fb21f86c1b736061af9fa1eee90148fd
9760ed5c8d04f4de446c9e76bb1543371e695fcf
For the CVE-2019-11199, I am not sure if the fix is adequate, some thoughts:
For CVE-2019-11200, any reason why preg_match() is used instead of a more specific method, say in_array() ? The preg_replace () call would be unecessary then.
The reason being an attacker can still bypass the /(\$|%)/ Regex (and this check would be inadequate against other types of $SHELL).
For CVE-2019-11200, any reason why
preg_match()is used instead of a more specific method, sayin_array()? Thepreg_replace ()call would be unecessary then.The reason being an attacker can still bypass the
/(\$|%)/Regex (and this check would be inadequate against other types of $SHELL).
Thanks. I replace the preg_match with an in_array in v10.0.1