
<div dir="ltr"><div class="gmail_quote"><br>View online: <a href="https://www.drupal.org/sa-contrib-2023-014" rel="noreferrer" target="_blank">https://www.drupal.org/sa-contrib-2023-014</a><br>

<br>

Project: S3 File System [1]<br>

Version: 8.x-3.18.x-3.08.x-3.0-rc28.x-3.0-rc18.x-3.0-beta78.x-3.0-beta68.x-3.0-beta58.x-3.0-beta48.x-3.0-beta38.x-3.0-beta28.x-3.0-beta18.x-3.0-alpha17<br>

Date: 2023-May-03<br>

Security risk: *Moderately critical* 13∕25<br>

AC:Complex/A:User/CI:Some/II:Some/E:Theoretical/TD:All [2]<br>

Vulnerability: Access bypass<br>

<br>

Description: <br>

S3 File System (s3fs) provides an additional file system to your Drupal site,<br>

which stores files in Amazon's Simple Storage Service (S3) or any other<br>

S3-compatible storage service.<br>

<br>

This module may fail to validate that a file being requested to be moved to<br>

storage was uploaded during the same web request, possibly allowing an<br>

attacker to move files that should normally be inaccessible to them.<br>

<br>

This vulnerability is mitigated by the fact that another vulnerability must<br>

already exist outside of s3fs.<br>

<br>

Solution: <br>

Install the latest version:<br>

<br>

   * If you use the S3 File System module for Drupal 8.x, upgrade to s3fs<br>

     8.x-3.2 [3]<br>

<br>

Reported By: <br>

   * Conrad Lara [4]<br>

<br>

Fixed By: <br>

   * Conrad Lara [5]<br>

<br>

Coordinated By: <br>

   * Greg Knaddison [6] of the Drupal Security Team<br>

<br>

<br>

[1] <a href="https://www.drupal.org/project/s3fs" rel="noreferrer" target="_blank">https://www.drupal.org/project/s3fs</a><br>

[2] <a href="https://www.drupal.org/security-team/risk-levels" rel="noreferrer" target="_blank">https://www.drupal.org/security-team/risk-levels</a><br>

[3] <a href="https://www.drupal.org/project/s3fs/releases/8.x-3.2" rel="noreferrer" target="_blank">https://www.drupal.org/project/s3fs/releases/8.x-3.2</a><br>

[4] <a href="https://www.drupal.org/user/1790054" rel="noreferrer" target="_blank">https://www.drupal.org/user/1790054</a><br>

[5] <a href="https://www.drupal.org/user/1790054" rel="noreferrer" target="_blank">https://www.drupal.org/user/1790054</a><br>

[6] <a href="https://www.drupal.org/user/36762" rel="noreferrer" target="_blank">https://www.drupal.org/user/36762</a><br>

<br>

_______________________________________________<br>

Security-news mailing list<br>

<a href="mailto:Security-news@drupal.org" target="_blank">Security-news@drupal.org</a><br>

Unsubscribe at <a href="https://lists.drupal.org/mailman/listinfo/security-news" rel="noreferrer" target="_blank">https://lists.drupal.org/mailman/listinfo/security-news</a></div><div class="gmail_quote"><br></div><div class="gmail_quote">

<div><div dir="ltr" class="gmail_signature"><div dir="ltr"><div>===</div><div>Computer Security Incident Response Team - CSIRT</div><div>Universidade Estadual de Campinas - Unicamp</div><div>Centro de Computacao - CCUEC</div><div>GnuPG Public Key: <a href="http://www.security.unicamp.br/security.asc" target="_blank">http://www.security.unicamp.br/security.asc</a> [^]</div><div>Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830</div></div></div></div>


</div></div>