Posted to commits@linkis.apache.org by pe...@apache.org on 2023/04/28 03:23:57 UTC

[linkis-website] branch dev updated: add cve doc (#700)

This is an automated email from the ASF dual-hosted git repository.

peacewong pushed a commit to branch dev
in repository https://gitbox.apache.org/repos/asf/linkis-website.git


The following commit(s) were added to refs/heads/dev by this push:
     new 0a868d8711 add cve doc (#700)
0a868d8711 is described below

commit 0a868d8711892522d47d46fcba4be808553d8c2b
Author: aiceflower <ki...@gmail.com>
AuthorDate: Fri Apr 28 11:23:50 2023 +0800

    add cve doc (#700)
    
    Co-authored-by: aiceflower <ki...@sina.com>
---
 community/security.md                              | 42 +++++++++++++++++++++-
 .../current/security.md                            | 27 ++++++++++++++
 2 files changed, 68 insertions(+), 1 deletion(-)

diff --git a/community/security.md b/community/security.md
index b58ba6b32e..dda1290672 100644
--- a/community/security.md
+++ b/community/security.md
@@ -13,4 +13,44 @@ Please specify the project name as "Linkis" in the email, and provide a descript
 
 The Apache Security Team and the Linkis community will get back to you after assessing and analyzing the findings.
 
-**Please note** that the security issue should be reported on the security email first, before disclosing it on any public domain.
\ No newline at end of file
+**Please note** that the security issue should be reported on the security email first, before disclosing it on any public domain.
+
+# Security fixes
+
+## Linkis 1.3.2
+
+### CVE-2023-27602
+
+
+Problem description: The upload interface of FsRestfulApi has an overreach problem. By default, the user has the permissions of the corresponding directory. The interface does not verify the relative path when uploading files. As a result, the user can upload files to a directory that is not the user's permission by using the relative path.
+
+
+Repair PR: https://github.com/apache/linkis/pull/4366
+
+
+
+### CVE-2023-27603
+
+
+Problem description: The material upload interface of FsRestfulApi has an overreach problem. The interface does not check the relative path. As a result, users upload materials to an illegal directory.
+
+
+Repair PR: https://github.com/apache/linkis/pull/4400
+
+
+### CVE-2023-27987
+
+
+Problem description: The default Token length configured by Linkis is too short and fixed. Attackers can guess the Token value by brent-force exhaustion, resulting in security risks.
+
+
+Repair PR: https://github.com/apache/linkis/pull/4349
+
+
+### CVE-2023-29215 and CVE-2023-29216
+
+
+Problem description: Linkis system data source module and JDBC engine connector plug-in, when configging Mysql link, background check coverage is not comprehensive. Unfiltered user-configured parameters such as allowLoadLocalInfile and autoDeserialize that have security risks.
+
+
+Repair of PR: https://github.com/apache/linkis/pull/4412
\ No newline at end of file
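Review bot: the added English text has spelling and consistency problems that should be fixed before this lands: "brent-force exhaustion" in the CVE-2023-27987 entry should read "brute-force", "configging Mysql link" in the CVE-2023-29215/29216 entry should read "configuring the MySQL connection", and the last entry's label "Repair of PR:" should match the "Repair PR:" label used by the other three. The heading "## Linkis 1.3.2" also does not say whether 1.3.2 is the affected release or the release that carries the fixes; one sentence such as "Fixed in Linkis 1.3.2" (or an explicit affected-version range) would remove the ambiguity for operators deciding whether to upgrade. Minor: the hunk introduces several runs of two or three blank lines between entries and still ends without a trailing newline, as the "\ No newline at end of file" marker shows; a single blank line between paragraphs and a final newline would keep the file consistent with the rest of the page.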
diff --git a/i18n/zh-CN/docusaurus-plugin-content-docs-community/current/security.md b/i18n/zh-CN/docusaurus-plugin-content-docs-community/current/security.md
index 5a4aee9d87..71b84a3b2a 100644
--- a/i18n/zh-CN/docusaurus-plugin-content-docs-community/current/security.md
+++ b/i18n/zh-CN/docusaurus-plugin-content-docs-community/current/security.md
@@ -10,3 +10,30 @@ Apache Software Foundation 在消除其软件项目中的安全问题方面采
 如果您对 Linkis 的安全性感到担忧,或者您发现了漏洞或潜在的威胁,请不要犹豫与 [Apache 安全团队](http://www.apache.org/security/) 联系,发送邮件至 [security@apache.org](mailto:security@apache.org)。 在邮件中请指明项目名称为 Linkis,并提供相关问题或潜在威胁的描述。同时推荐重现和复制安全问题的方法。在评估和分析调查结果后,Apache 安全团队和 Linkis 社区将直接与您回复。
 
 **请注意** 在提交安全邮件之前,请勿在公共领域披露安全电子邮件报告的安全问题。
+
+# 安全漏洞修复
+
+## Linkis 1.3.2 
+### CVE-2023-27602
+
+问题描述:FsRestfulApi的upload接口存在越权问题。用户默认是有自己对应目录的权限,该接口上传文件时缺少对相对路径的校验,导致用户可以使用相对路径的方式将文件上传至非该用户权限的目录下。
+
+修复PR:https://github.com/apache/linkis/pull/4366
+
+### CVE-2023-27603
+
+问题描述:FsRestfulApi的物料上传接口存在越权问题。接口未做相对路径校验,导致用户上传物料是存在访问非法目录的情况。
+
+修复PR:https://github.com/apache/linkis/pull/4400
+
+### CVE-2023-27987
+
+问题描述:Linkis 默认配置的 Token 长度太短且固定不变,攻击者可以用暴力穷举的方式猜出 Token 值,存在安全隐患。
+
+修复PR:https://github.com/apache/linkis/pull/4349
+
+### CVE-2023-29215 和 CVE-2023-29216
+
+问题描述:Linkis 系统 数据源模块和 JDBC 引擎连接器插件,在配置 Mysql 链接的时候,后台校验覆盖不全面。未过滤掉用户配置的 allowLoadLocalInfile、autoDeserialize 等存在安全隐患的参数。
+
+修复PR: https://github.com/apache/linkis/pull/4412
\ No newline at end of file
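Review bot: the zh-CN file should be brought in line with the English version in the first hunk. The heading line "## Linkis 1.3.2 " carries trailing whitespace and is not followed by a blank line before "### CVE-2023-27602", unlike the other headings in the same hunk; the last entry uses "修复PR: " (ASCII colon plus space) while the three entries above it use the full-width "修复PR:", and the file again ends without a trailing newline. As with the English text, the "## Linkis 1.3.2" heading leaves it unclear whether that is the affected or the fixed version, so the same clarifying sentence should be added here so the two language versions stay in sync.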

