Posted to commits@archiva.apache.org by ma...@apache.org on 2017/05/16 21:27:55 UTC

[2/4] archiva-site git commit: Adding info about new CVE

Adding info about new CVE


Project: http://git-wip-us.apache.org/repos/asf/archiva-site/repo
Commit: http://git-wip-us.apache.org/repos/asf/archiva-site/commit/6325ca94
Tree: http://git-wip-us.apache.org/repos/asf/archiva-site/tree/6325ca94
Diff: http://git-wip-us.apache.org/repos/asf/archiva-site/diff/6325ca94

Branch: refs/heads/master
Commit: 6325ca94847af35ebc50938032b9085be3228d6d
Parents: 2e06a21
Author: Martin Stockhammer <m....@web.de>
Authored: Tue Apr 11 21:35:08 2017 +0200
Committer: Martin Stockhammer <m....@web.de>
Committed: Tue Apr 11 21:35:08 2017 +0200

----------------------------------------------------------------------
 src/site/apt/security.apt | 37 ++++++++++++++++++++++++++++++-------
 1 file changed, 30 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/archiva-site/blob/6325ca94/src/site/apt/security.apt
----------------------------------------------------------------------
diff --git a/src/site/apt/security.apt b/src/site/apt/security.apt
index 2b09dfd..6dded6e 100644
--- a/src/site/apt/security.apt
+++ b/src/site/apt/security.apt
@@ -31,7 +31,30 @@ Security Vulnerabilities
   For more information about reporting vulnerabilities, see the
   {{{http://www.apache.org/security/} Apache Security Team}} page.
 
-* CVE-2013-2251: Apache Archiva Remote Command Execution
+
+  This is a list of known issues
+
+%{toc|fromDepth=2|toDepth=2}
+
+
+* {CVE-2017-5657}: Apache Archiva CSRF vulnerabilities for various REST endpoints
+
+  Several REST service endpoints of Apache Archiva are not protected against CSRF attacks.
+  A malicious site opened in the same browser as the archiva site, may send HTML response
+  that performs arbitrary actions on archiva services, with the same rights as the active archiva
+  session (e.g. adminstrator rights).
+
+  Versions Affected:
+
+    * All versions before 2.2.2
+
+  Mitigation:
+
+    * Upgrade to {{{./download.cgi} Archiva 2.2.2 or higher}}, where additional measures are taken to verify
+      the origin of REST requests.
+
+
+* {CVE-2013-2251}: Apache Archiva Remote Command Execution
 
   Apache Archiva is affected by a vulnerability in the version of the Struts
   library being used, which allows a malicious user to run code on the
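Review bot: The CVE-2017-5657 description misstates the attack direction and has a typo. The malicious site does not "send HTML response" to Archiva; it serves a page whose content (form, image tag or script) makes the victim's browser issue cross-origin requests to the REST endpoints, which are then authenticated by the victim's existing Archiva session. Suggest rewording the sentence to something like "A malicious site opened in the same browser as the Archiva site may cause the browser to send requests that perform arbitrary actions on Archiva services, with the same rights as the active Archiva session (e.g. administrator rights)." and fixing "adminstrator" to "administrator". Also, the "Versions Affected" and "Mitigation" lists in this hunk are not terminated with the `[]` marker that the other entries in this file use after their lists (see the later hunks), so check the rendered output to make sure the following section heading is not swallowed into the list.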
@@ -51,7 +74,7 @@ Security Vulnerabilities
 
   Archiva 2.0.0 and later is not affected by this issue.
 
-* CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability
+* {CVE-2013-2187}: Apache Archiva Cross-Site Scripting vulnerability
 
   A request that included a specially crafted request parameter could be used
   to inject arbitrary HTML or Javascript into the Archiva home page.
@@ -69,7 +92,7 @@ Security Vulnerabilities
 
   Archiva 2.0.0 and later is not affected by this issue.
 
-* CVE-2010-1870: Struts2 remote commands execution
+* {CVE-2010-1870}: Struts2 remote commands execution
 
   Apache Archiva is affected by a vulnerability in the version of the Struts
   library being used, which allows a malicious user to run code on the
@@ -90,7 +113,7 @@ Security Vulnerabilities
 
   Archiva 1.4-M3 and later is not affected by this issue.
 
-* CVE-2011-1077: Multiple XSS issues
+* {CVE-2011-1077}: Multiple XSS issues
 
   Apache Archiva is vulnerable to multiple XSS issues, both stored (persistent) and reflected (non-persistent). Javascript which
   might contain malicious code can be appended in a request parameter or stored as a value in a submitted form, and get executed.
@@ -103,7 +126,7 @@ Security Vulnerabilities
 
   []
 
-* CVE-2011-1026: Multiple CSRF issues
+* {CVE-2011-1026}: Multiple CSRF issues
 
   An attacker can build a simple html page containing a hidden Image tag (eg: <<<<img src=vulnurl width=0 height=0 />>>>) and
   entice the administrator to access the page.
@@ -116,7 +139,7 @@ Security Vulnerabilities
 
   []  
 
-* CVE-2011-0533: Apache Archiva cross-site scripting vulnerability
+* {CVE-2011-0533}: Apache Archiva cross-site scripting vulnerability
 
   A request that included a specially crafted request parameter could be used to inject arbitrary HTML or Javascript into the
   Archiva user management page. This fix is available in version {{{./download.html} 1.3.4}} of Apache Archiva. All users must
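Review bot: The download link in this entry points to `./download.html` while the new CVE-2017-5657 entry links to `./download.cgi`; only one of these can be the live download page, so the links should be made consistent across the file rather than left diverging after this edit.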
@@ -130,7 +153,7 @@ Security Vulnerabilities
     
     []
 
-* CVE-2010-3449: Apache Archiva CSRF Vulnerability
+* {CVE-2010-3449}: Apache Archiva CSRF Vulnerability
 
   Apache Archiva doesn't check which form sends credentials. An attacker can create a specially crafted page and force
   archiva administrators to view it and change their credentials. To fix this, a referrer check was added to the security