diff --git a/README.md b/README.md index 5a693ea..26391ae 100644 --- a/README.md +++ b/README.md @@ -91,6 +91,11 @@ good existing software is great: Security issues that have been addressed: + * 2024-01-21: Wander Nauta found out we could crash on logging an error + containing a malformed UTF-8 string + * 2024-01-21: Wander Nauta spotted that adding a linefeed to a content-type + would cause the webserver to not set a content-type, allowing you to host + random content without a content-type * 2024-01-19: Initialization/seeding of random generator was only 32 bits, leading to predictable session id's. Spotted by Josh Simmons. It turns out that the sample C++ code you see everywhere leads to only 32 bits of seed. Solar Designer subsequently pointed out (with proof) that the fix was not good enough, so it has been fixed again. * 2024-01-19: Trifecta allows you to upload .SVG files. It turns out that if a user visits a .SVG directly (so not through an <img> element), browsers will execute JavaScript embedded in the file. Spotted by Wander Nauta. Fixed with a Content-Security-Policy, consequences limited by making our cookie HttpOnly. * 2024-01-19: Wander Nauta found out that a hostile logged in user could get Trifecta to send email to arbitrary destinations, by injecting control characters in their email address. Trifecta is not designed for hostile users, but this still needed to be fixed. diff --git a/support.cc b/support.cc index 967f179..da84919 100644 --- a/support.cc +++ b/support.cc @@ -540,8 +540,13 @@ SimpleWebSystem::SimpleWebSystem(LockedSqw& lsqw) : d_lsqw(lsqw), d_users(lsqw), reason = "An unknown error occurred"; } cout<
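Review bot: In the README.md hunk, the two new 2024-01-21 entries say what was found but not how it was fixed, unlike the 2024-01-19 entries below them (for example "Fixed with a Content-Security-Policy, consequences limited by making our cookie HttpOnly"). Since the list is headed "Security issues that have been addressed", add a short clause to each new entry naming the fix. For the content-type entry, also state who can supply the linefeed (the older email-injection entry specifies "a hostile logged in user"), so a reader can judge whether their deployment was exposed.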