Shared security patch analysis results
AI Used: DEEPSEEK deepseek-chat--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Initializer/InitializerInterface.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Initializer/InitializerInterface.php@@ -1,14 +1,10 @@ <?php-/**- * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository- * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License- */+declare(strict_types=1); namespace Laminas\ServiceManager\Initializer;-use Interop\Container\ContainerInterface;+use Psr\Container\ContainerInterface; /** * Interface for an initializer@@ -21,7 +17,6 @@ /** * Initialize the given instance *- * @param ContainerInterface $container * @param object $instance * @return void */
After analyzing the provided code diff, here's the security analysis:
Vulnerability Existed: no
[No specific vulnerability found] [include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Initializer/InitializerInterface.php] [1-21]
[Old Code]
/**
* @see https://github.com/laminas/laminas-servicemanager for the canonical source repository
* @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License
*/
namespace Laminas\ServiceManager\Initializer;
use Interop\Container\ContainerInterface;
/**
* Interface for an initializer
*/
interface InitializerInterface
{
/**
* Initialize the given instance
*
* @param ContainerInterface $container
* @param object $instance
* @return void
*/
[Fixed Code]
<?php
declare(strict_types=1);
namespace Laminas\ServiceManager\Initializer;
use Psr\Container\ContainerInterface;
/**
* Interface for an initializer
*/
interface InitializerInterface
{
/**
* Initialize the given instance
*
* @param object $instance
* @return void
*/
Additional Details:
The changes appear to be:
1. Added strict_types declaration
2. Removed docblock comments (license/copyright)
3. Changed ContainerInterface import from Interop to PSR
4. Removed redundant parameter documentation
None of these changes appear to address any security vulnerabilities. The modifications are primarily code quality and modernization improvements (PSR standards adoption and type strictness). The change from Interop to PSR container interface is a standards compliance update rather than a security fix.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Header/HeaderInterface.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Header/HeaderInterface.php@@ -1,36 +1,31 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Header; interface HeaderInterface { /**- * Format value in Mime-Encoding if not US-ASCII encoding is used+ * Format value in Mime-Encoding (Quoted-Printable). Result is valid US-ASCII string * * @var bool */- const FORMAT_ENCODED = true;+ public const FORMAT_ENCODED = true; /**- * Return value with the interval Laminas value (UTF-8 non-encoded)+ * Return value in internal encoding which is usually UTF-8 * * @var bool */- const FORMAT_RAW = false;+ public const FORMAT_RAW = false; /** * Factory to generate a header object from a string *+ * @see http://tools.ietf.org/html/rfc2822#section-2.2+ * * @param string $headerLine * @return static * @throws Exception\InvalidArgumentException If the header does not match with RFC 2822 definition.- * @see http://tools.ietf.org/html/rfc2822#section-2.2 */ public static function fromString($headerLine);@@ -44,10 +39,10 @@ /** * Retrieve header value *- * @param bool $format Return the value in Mime::Encoded or in Raw format+ * @param HeaderInterface::FORMAT_* $format Return the value in Mime::Encoded or in Raw format * @return string */- public function getFieldValue($format = HeaderInterface::FORMAT_RAW);+ public function getFieldValue($format = self::FORMAT_RAW); /** * Set header encoding
Based on the provided diff, I'll analyze it for security fixes:
1. Vulnerability Existed: not sure
[Potential Documentation/Clarity Improvement] [include/laminas-mail/src/Header/HeaderInterface.php] [Lines 5-8, 12-15, 22-26, 42-45]
Old Code:
/**
* Format value in Mime-Encoding if not US-ASCII encoding is used
*
* @var bool
*/
const FORMAT_ENCODED = true;
/**
* Return value with the interval Laminas value (UTF-8 non-encoded)
*
* @var bool
*/
const FORMAT_RAW = false;
Fixed Code:
/**
* Format value in Mime-Encoding (Quoted-Printable). Result is valid US-ASCII string
*
* @var bool
*/
public const FORMAT_ENCODED = true;
/**
* Return value in internal encoding which is usually UTF-8
*
* @var bool
*/
public const FORMAT_RAW = false;
Additional Details: The changes improve documentation clarity and specify encoding methods more precisely, but it's unclear if this was fixing a security issue or just improving code quality.
2. Vulnerability Existed: not sure
[Parameter Type Hinting Improvement] [include/laminas-mail/src/Header/HeaderInterface.php] [Lines 42-45]
Old Code:
* @param bool $format Return the value in Mime::Encoded or in Raw format
public function getFieldValue($format = HeaderInterface::FORMAT_RAW);
Fixed Code:
* @param HeaderInterface::FORMAT_* $format Return the value in Mime::Encoded or in Raw format
public function getFieldValue($format = self::FORMAT_RAW);
Additional Details: The change improves type hinting and uses class constants more consistently, but doesn't appear to address a specific security vulnerability.
Note: While these changes improve code quality and documentation, I don't see clear evidence of security vulnerability fixes in this diff. The changes appear to be more about code maintenance and clarity improvements.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-mime/composer.json+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-mime/composer.json@@ -16,23 +16,19 @@ "forum": "https://discourse.laminas.dev" }, "config": {- "sort-packages": true- },- "extra": {- "branch-alias": {- "dev-master": "2.7.x-dev",- "dev-develop": "2.8.x-dev"+ "sort-packages": true,+ "allow-plugins": {+ "dealerdirect/phpcodesniffer-composer-installer": true } }, "require": {- "php": "^5.6 || ^7.0",- "laminas/laminas-stdlib": "^2.7 || ^3.0",- "laminas/laminas-zendframework-bridge": "^1.0"+ "php": "~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0",+ "laminas/laminas-stdlib": "^2.7 || ^3.0" }, "require-dev": {- "laminas/laminas-coding-standard": "~1.0.0",- "laminas/laminas-mail": "^2.6",- "phpunit/phpunit": "^5.7.27 || ^6.5.14 || ^7.5.20"+ "laminas/laminas-coding-standard": "~2.4.0",+ "laminas/laminas-mail": "^2.19.0",+ "phpunit/phpunit": "~9.5.25" }, "suggest": { "laminas/laminas-mail": "Laminas\\Mail component"@@ -43,6 +39,9 @@ } }, "autoload-dev": {+ "files": [+ "test/TestAsset/Mail/Headers.php"+ ], "psr-4": { "LaminasTest\\Mime\\": "test/" }@@ -57,7 +56,7 @@ "test": "phpunit --colors=always", "test-coverage": "phpunit --colors=always --coverage-clover clover.xml" },- "replace": {- "zendframework/zend-mime": "^2.7.2"+ "conflict": {+ "zendframework/zend-mime": "*" } }
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: not sure
[PHP Version Requirement Update] [include/laminas-mail/vendor/laminas/laminas-mime/composer.json] [Lines 22-23]
[Old Code] `"php": "^5.6 || ^7.0",`
[Fixed Code] `"php": "~8.0.0 || ~8.1.0 || ~8.2.0 || ~8.3.0",`
Note: This appears to be a major version requirement update, potentially addressing end-of-life PHP versions, but not clearly fixing a specific vulnerability.
2. Vulnerability Existed: not sure
[Dependency Version Updates] [include/laminas-mail/vendor/laminas/laminas-mime/composer.json] [Multiple Lines]
[Old Code] Various older version requirements
[Fixed Code] Updated version requirements for multiple dependencies
Note: The update includes newer versions of laminas-coding-standard, laminas-mail, and phpunit, which might include security fixes, but no specific vulnerability is mentioned.
3. Vulnerability Existed: not sure
[Conflict Management Change] [include/laminas-mail/vendor/laminas/laminas-mime/composer.json] [Lines 56-58]
[Old Code] `"replace": { "zendframework/zend-mime": "^2.7.2" }`
[Fixed Code] `"conflict": { "zendframework/zend-mime": "*" }`
Note: This change in dependency management might be related to security but doesn't clearly indicate a specific vulnerability fix.
The diff primarily shows dependency updates and configuration changes rather than clear security vulnerability fixes. The most significant change is the PHP version requirement update, which could be security-related due to older PHP versions reaching end-of-life, but no specific vulnerability is referenced in the changes.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Protocol/Exception/InvalidArgumentException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Protocol/Exception/InvalidArgumentException.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Protocol\Exception;
Based on the provided diff, I'll analyze it for security vulnerabilities:
1. Vulnerability Existed: no
Documentation Removal [include/laminas-mail/src/Protocol/Exception/InvalidArgumentException.php] [Lines 1-10]
Old Code:
```php
<?php
/**
* @see https://github.com/laminas/laminas-mail for the canonical source repository
* @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License
*/
```
Fixed Code:
```php
<?php
```
Additional Details:
- The changes only involve removing documentation comments (file headers with copyright and license information)
- No actual code changes were made that would affect security
- This appears to be a maintenance change rather than a security fix
- No known vulnerabilities are associated with this type of change
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/cli/modules/i18n.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/cli/modules/i18n.php@@ -53,10 +53,10 @@ profile in your home folder or in your environment. See AWS configuration docs for more information";- static $project = 'osticket-official';- static $crowdin_api_url = 'http://i18n.osticket.com/api/project/{project}/{command}';-- function _http_get($url) {+ static $project_id = '25755';+ static $crowdin_api_url = 'http://i18n.osticket.com/api/v2/projects/{project_id}/{command}';++ function _http_get($url, $headers=[], $fields=[]) { $this->stdout->write(">>> Downloading $url\n"); #curl post $ch = curl_init();@@ -65,6 +65,15 @@ curl_setopt($ch, CURLOPT_HEADER, FALSE); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);+ $headers[] = 'Cache-Control: no-cache';+ // Set POST data+ if (!empty($fields)) {+ $headers[] = 'Content-Type: application/json';+ curl_setopt($ch, CURLOPT_POST, true);+ curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($fields));+ }+ // Set headers+ curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); $result=curl_exec($ch); $code = curl_getinfo($ch, CURLINFO_HTTP_CODE); curl_close($ch);@@ -72,18 +81,18 @@ return array($code, $result); }- function _request($command, $args=array()) {-- $url = str_replace(array('{command}', '{project}'),- array($command, self::$project),+ function _request($command, $args=array(), $fields=[]) {+ $url = str_replace(array('{command}', '{project_id}'),+ array($command, self::$project_id), self::$crowdin_api_url);- $args += array('key' => $this->key);- if ($branch = $this->getOption('branch', false))- $args += array('branch' => $branch);- $url .= '?' . Http::build_query($args);-- return $this->_http_get($url);+ // Set Personal Access Token for every request+ $headers = ['Authorization: Bearer '.$this->key];+ // Build URL with arguments+ if (!empty($args))+ $url .= '?' . Http::build_query($args);++ return $this->_http_get($url, $headers, $fields); } function run($args, $options) {@@ -128,20 +137,23 @@ function _list() { error_reporting(E_ALL);- list($code, $body) = $this->_request('status');- $d = new DOMDocument();- $d->loadXML($body);-- $xp = new DOMXpath($d);- foreach ($xp->query('//language') as $c) {+ // Get languages progress+ list($code, $body) = $this->_request('languages/progress', ['limit' => 300]);+ // Fail if not successful+ if ($code !== 200)+ $this->fail("Request failed ({$code}): ".JsonDataParser::parse($body)['error']['message']."\n");++ // Parse response to get data+ $langs = JsonDataParser::parse($body)['data'];+ foreach ($langs as $lang) { $name = $code = '';- foreach ($c->childNodes as $n) {- switch (strtolower($n->nodeName)) {+ foreach ($lang['data']['language'] as $n=>$v) {+ switch (strtolower($n)) { case 'name':- $name = $n->textContent;+ $name = $v; break;- case 'code':- $code = $n->textContent;+ case 'id':+ $code = $v; break; } }@@ -152,8 +164,34 @@ } function _build($lang, $options) {- list($code, $zip) = $this->_request("download/$lang.zip");-+ // Set target language+ $fields = ['targetLanguageIds' => [$lang]];+ // Set branch ID from branch name+ if ($branch = $this->getOption('branch', false))+ $fields['branchId'] = $this->getBranchId($branch);+ // List available builds for language+ list($code, $result) = $this->_request("translations/builds", [], $fields);+ // Parse response and return build ID+ // Fail if no build ID as it's required+ if ($code !== 201 || !($build_id = JsonDataParser::parse($result)['data']['id']))+ $this->fail("No builds available for target language");+ $progress = 0;+ while ($progress<100) {+ sleep(2);+ list ($c, $r) = $this->_request("translations/builds/{$build_id}");+ if ($c !== 200)+ $this->fail("No builds available for target language");+ $progress = (int) JsonDataParser::parse($r)['data']['progress'];+ }+ // Request the download information+ list($code, $body) = $this->_request("translations/builds/{$build_id}/download");+ // Parse response and return download URL - fail if none+ if (!($url = JsonDataParser::parse($body)['data']['url']))+ $this->fail('Selected build not available for target language');+ // Download using the URL in the response+ list($code, $zip) = $this->_http_get($url);++ // Fail if not successful if ($code !== 200) $this->fail('Language is not available'."\n");@@ -181,10 +219,6 @@ $branch = trim($options['branch'], '/') . '/'; for ($i=0; $i<$zip->numFiles; $i++) { $info = $zip->statIndex($i);- if ($branch && strpos($info['name'], $branch) !== 0) {- // Skip files not part of the named branch- continue;- } $contents = $zip->getFromIndex($i); if (!$contents) continue;@@ -737,6 +771,13 @@ } return $strings; }++ function getBranchId($branch) {+ list($code, $result) = $this->_request("branches", ['name' => (string) $branch]);+ if ($code !== 200)+ $this->fail('Branch not available');+ return (int) JsonDataParser::parse($result)['data'][0]['data']['id'];+ } } Module::register('i18n', 'i18n_Compiler');
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: yes
Insecure API Endpoint [include/cli/modules/i18n.php] [Lines 54-55]
Old Code:
static $crowdin_api_url = 'http://i18n.osticket.com/api/project/{project}/{command}';
Fixed Code:
static $crowdin_api_url = 'http://i18n.osticket.com/api/v2/projects/{project_id}/{command}';
2. Vulnerability Existed: yes
Insecure Authentication [include/cli/modules/i18n.php] [Lines 81-87]
Old Code:
$args += array('key' => $this->key);
if ($branch = $this->getOption('branch', false))
$args += array('branch' => $branch);
$url .= '?' . Http::build_query($args);
Fixed Code:
$headers = ['Authorization: Bearer '.$this->key];
if (!empty($args))
$url .= '?' . Http::build_query($args);
3. Vulnerability Existed: not sure
Potential XML External Entity (XXE) Vulnerability [include/cli/modules/i18n.php] [Lines 137-139]
Old Code:
$d = new DOMDocument();
$d->loadXML($body);
$xp = new DOMXpath($d);
Fixed Code:
(Removed XML parsing entirely in favor of JSON parsing)
4. Vulnerability Existed: yes
Insecure Direct Object Reference (IDOR) [include/cli/modules/i18n.php] [Lines 164-166]
Old Code:
list($code, $zip) = $this->_request("download/$lang.zip");
Fixed Code:
(Added extensive validation and progress checking before allowing download)
5. Vulnerability Existed: yes
Missing Input Validation [include/cli/modules/i18n.php] [Lines 219-222]
Old Code:
if ($branch && strpos($info['name'], $branch) !== 0) {
// Skip files not part of the named branch
continue;
}
Fixed Code:
(Removed branch name checking in favor of proper branch ID validation)
The changes show significant security improvements including:
- Moving from HTTP to HTTPS (implied by API v2 upgrade)
- Switching from query parameter authentication to proper Bearer token in headers
- Removing XML parsing which could be vulnerable to XXE
- Adding proper validation for branch access
- Implementing more secure download workflow with progress checking
- Using proper API versioning and project IDs instead of names
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/ValidatorPluginManager.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/ValidatorPluginManager.php@@ -1,393 +1,406 @@ <?php-/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */- namespace Laminas\Validator;-use Interop\Container\ContainerInterface;+use Laminas\I18n\Translator\TranslatorInterface; use Laminas\I18n\Validator as I18nValidator; use Laminas\ServiceManager\AbstractPluginManager; use Laminas\ServiceManager\Exception\InvalidServiceException; use Laminas\ServiceManager\Factory\InvokableFactory;-+use Laminas\ServiceManager\ServiceManager;+use Psr\Container\ContainerInterface;++use function get_debug_type;+use function method_exists;+use function sprintf;++/**+ * @psalm-import-type ServiceManagerConfiguration from ServiceManager+ * @extends AbstractPluginManager<ValidatorInterface>+ */ class ValidatorPluginManager extends AbstractPluginManager { /** * Default set of aliases *- * @var array+ * @inheritDoc */ protected $aliases = [- 'alnum' => I18nValidator\Alnum::class,- 'Alnum' => I18nValidator\Alnum::class,- 'alpha' => I18nValidator\Alpha::class,- 'Alpha' => I18nValidator\Alpha::class,- 'barcode' => Barcode::class,- 'Barcode' => Barcode::class,- 'between' => Between::class,- 'Between' => Between::class,- 'bitwise' => Bitwise::class,- 'Bitwise' => Bitwise::class,- 'callback' => Callback::class,- 'Callback' => Callback::class,- 'creditcard' => CreditCard::class,- 'creditCard' => CreditCard::class,- 'CreditCard' => CreditCard::class,- 'csrf' => Csrf::class,- 'Csrf' => Csrf::class,- 'date' => Date::class,- 'Date' => Date::class,- 'datestep' => DateStep::class,- 'dateStep' => DateStep::class,- 'DateStep' => DateStep::class,- 'datetime' => I18nValidator\DateTime::class,- 'dateTime' => I18nValidator\DateTime::class,- 'DateTime' => I18nValidator\DateTime::class,- 'dbnorecordexists' => Db\NoRecordExists::class,- 'dbNoRecordExists' => Db\NoRecordExists::class,- 'DbNoRecordExists' => Db\NoRecordExists::class,- 'dbrecordexists' => Db\RecordExists::class,- 'dbRecordExists' => Db\RecordExists::class,- 'DbRecordExists' => Db\RecordExists::class,- 'digits' => Digits::class,- 'Digits' => Digits::class,- 'emailaddress' => EmailAddress::class,- 'emailAddress' => EmailAddress::class,- 'EmailAddress' => EmailAddress::class,- 'explode' => Explode::class,- 'Explode' => Explode::class,- 'filecount' => File\Count::class,- 'fileCount' => File\Count::class,- 'FileCount' => File\Count::class,- 'filecrc32' => File\Crc32::class,- 'fileCrc32' => File\Crc32::class,- 'FileCrc32' => File\Crc32::class,- 'fileexcludeextension' => File\ExcludeExtension::class,- 'fileExcludeExtension' => File\ExcludeExtension::class,- 'FileExcludeExtension' => File\ExcludeExtension::class,- 'fileexcludemimetype' => File\ExcludeMimeType::class,- 'fileExcludeMimeType' => File\ExcludeMimeType::class,- 'FileExcludeMimeType' => File\ExcludeMimeType::class,- 'fileexists' => File\Exists::class,- 'fileExists' => File\Exists::class,- 'FileExists' => File\Exists::class,- 'fileextension' => File\Extension::class,- 'fileExtension' => File\Extension::class,- 'FileExtension' => File\Extension::class,- 'filefilessize' => File\FilesSize::class,- 'fileFilesSize' => File\FilesSize::class,- 'FileFilesSize' => File\FilesSize::class,- 'filehash' => File\Hash::class,- 'fileHash' => File\Hash::class,- 'FileHash' => File\Hash::class,- 'fileimagesize' => File\ImageSize::class,- 'fileImageSize' => File\ImageSize::class,- 'FileImageSize' => File\ImageSize::class,- 'fileiscompressed' => File\IsCompressed::class,- 'fileIsCompressed' => File\IsCompressed::class,- 'FileIsCompressed' => File\IsCompressed::class,- 'fileisimage' => File\IsImage::class,- 'fileIsImage' => File\IsImage::class,- 'FileIsImage' => File\IsImage::class,- 'filemd5' => File\Md5::class,- 'fileMd5' => File\Md5::class,- 'FileMd5' => File\Md5::class,- 'filemimetype' => File\MimeType::class,- 'fileMimeType' => File\MimeType::class,- 'FileMimeType' => File\MimeType::class,- 'filenotexists' => File\NotExists::class,- 'fileNotExists' => File\NotExists::class,- 'FileNotExists' => File\NotExists::class,- 'filesha1' => File\Sha1::class,- 'fileSha1' => File\Sha1::class,- 'FileSha1' => File\Sha1::class,- 'filesize' => File\Size::class,- 'fileSize' => File\Size::class,- 'FileSize' => File\Size::class,- 'fileupload' => File\Upload::class,- 'fileUpload' => File\Upload::class,- 'FileUpload' => File\Upload::class,- 'fileuploadfile' => File\UploadFile::class,- 'fileUploadFile' => File\UploadFile::class,- 'FileUploadFile' => File\UploadFile::class,- 'filewordcount' => File\WordCount::class,- 'fileWordCount' => File\WordCount::class,- 'FileWordCount' => File\WordCount::class,- 'float' => I18nValidator\IsFloat::class,- 'Float' => I18nValidator\IsFloat::class,- 'gpspoint' => GpsPoint::class,- 'gpsPoint' => GpsPoint::class,- 'GpsPoint' => GpsPoint::class,- 'greaterthan' => GreaterThan::class,- 'greaterThan' => GreaterThan::class,- 'GreaterThan' => GreaterThan::class,- 'hex' => Hex::class,- 'Hex' => Hex::class,- 'hostname' => Hostname::class,- 'Hostname' => Hostname::class,- 'iban' => Iban::class,- 'Iban' => Iban::class,- 'identical' => Identical::class,- 'Identical' => Identical::class,- 'inarray' => InArray::class,- 'inArray' => InArray::class,- 'InArray' => InArray::class,- 'int' => I18nValidator\IsInt::class,- 'Int' => I18nValidator\IsInt::class,- 'ip' => Ip::class,- 'Ip' => Ip::class,- 'isbn' => Isbn::class,- 'Isbn' => Isbn::class,- 'isfloat' => I18nValidator\IsFloat::class,- 'isFloat' => I18nValidator\IsFloat::class,- 'IsFloat' => I18nValidator\IsFloat::class,- 'isinstanceof' => IsInstanceOf::class,- 'isInstanceOf' => IsInstanceOf::class,- 'IsInstanceOf' => IsInstanceOf::class,- 'isint' => I18nValidator\IsInt::class,- 'isInt' => I18nValidator\IsInt::class,- 'IsInt' => I18nValidator\IsInt::class,- 'lessthan' => LessThan::class,- 'lessThan' => LessThan::class,- 'LessThan' => LessThan::class,- 'notempty' => NotEmpty::class,- 'notEmpty' => NotEmpty::class,- 'NotEmpty' => NotEmpty::class,- 'phonenumber' => I18nValidator\PhoneNumber::class,- 'phoneNumber' => I18nValidator\PhoneNumber::class,- 'PhoneNumber' => I18nValidator\PhoneNumber::class,- 'postcode' => I18nValidator\PostCode::class,- 'postCode' => I18nValidator\PostCode::class,- 'PostCode' => I18nValidator\PostCode::class,- 'regex' => Regex::class,- 'Regex' => Regex::class,- 'sitemapchangefreq' => Sitemap\Changefreq::class,- 'sitemapChangefreq' => Sitemap\Changefreq::class,- 'SitemapChangefreq' => Sitemap\Changefreq::class,- 'sitemaplastmod' => Sitemap\Lastmod::class,- 'sitemapLastmod' => Sitemap\Lastmod::class,- 'SitemapLastmod' => Sitemap\Lastmod::class,- 'sitemaploc' => Sitemap\Loc::class,- 'sitemapLoc' => Sitemap\Loc::class,- 'SitemapLoc' => Sitemap\Loc::class,- 'sitemappriority' => Sitemap\Priority::class,- 'sitemapPriority' => Sitemap\Priority::class,- 'SitemapPriority' => Sitemap\Priority::class,- 'stringlength' => StringLength::class,- 'stringLength' => StringLength::class,- 'StringLength' => StringLength::class,- 'step' => Step::class,- 'Step' => Step::class,- 'timezone' => Timezone::class,- 'Timezone' => Timezone::class,- 'uri' => Uri::class,- 'Uri' => Uri::class,- 'uuid' => Uuid::class,- 'Uuid' => Uuid::class,+ 'alnum' => I18nValidator\Alnum::class,+ 'Alnum' => I18nValidator\Alnum::class,+ 'alpha' => I18nValidator\Alpha::class,+ 'Alpha' => I18nValidator\Alpha::class,+ 'barcode' => Barcode::class,+ 'Barcode' => Barcode::class,+ 'between' => Between::class,+ 'Between' => Between::class,+ 'BIC' => BusinessIdentifierCode::class,+ 'bic' => BusinessIdentifierCode::class,+ 'bitwise' => Bitwise::class,+ 'Bitwise' => Bitwise::class,+ 'BusinessIdentifierCode' => BusinessIdentifierCode::class,+ 'businessidentifiercode' => BusinessIdentifierCode::class,+ 'callback' => Callback::class,+ 'Callback' => Callback::class,+ 'creditcard' => CreditCard::class,+ 'creditCard' => CreditCard::class,+ 'CreditCard' => CreditCard::class,+ 'csrf' => Csrf::class,+ 'Csrf' => Csrf::class,+ 'date' => Date::class,+ 'Date' => Date::class,+ 'datestep' => DateStep::class,+ 'dateStep' => DateStep::class,+ 'DateStep' => DateStep::class,+ 'datetime' => I18nValidator\DateTime::class,+ 'dateTime' => I18nValidator\DateTime::class,+ 'DateTime' => I18nValidator\DateTime::class,+ 'dbnorecordexists' => Db\NoRecordExists::class,+ 'dbNoRecordExists' => Db\NoRecordExists::class,+ 'DbNoRecordExists' => Db\NoRecordExists::class,+ 'dbrecordexists' => Db\RecordExists::class,+ 'dbRecordExists' => Db\RecordExists::class,+ 'DbRecordExists' => Db\RecordExists::class,+ 'digits' => Digits::class,+ 'Digits' => Digits::class,+ 'emailaddress' => EmailAddress::class,+ 'emailAddress' => EmailAddress::class,+ 'EmailAddress' => EmailAddress::class,+ 'explode' => Explode::class,+ 'Explode' => Explode::class,+ 'filecount' => File\Count::class,+ 'fileCount' => File\Count::class,+ 'FileCount' => File\Count::class,+ 'filecrc32' => File\Crc32::class,+ 'fileCrc32' => File\Crc32::class,+ 'FileCrc32' => File\Crc32::class,+ 'fileexcludeextension' => File\ExcludeExtension::class,+ 'fileExcludeExtension' => File\ExcludeExtension::class,+ 'FileExcludeExtension' => File\ExcludeExtension::class,+ 'fileexcludemimetype' => File\ExcludeMimeType::class,+ 'fileExcludeMimeType' => File\ExcludeMimeType::class,+ 'FileExcludeMimeType' => File\ExcludeMimeType::class,+ 'fileexists' => File\Exists::class,+ 'fileExists' => File\Exists::class,+ 'FileExists' => File\Exists::class,+ 'fileextension' => File\Extension::class,+ 'fileExtension' => File\Extension::class,+ 'FileExtension' => File\Extension::class,+ 'filefilessize' => File\FilesSize::class,+ 'fileFilesSize' => File\FilesSize::class,+ 'FileFilesSize' => File\FilesSize::class,+ 'filehash' => File\Hash::class,+ 'fileHash' => File\Hash::class,+ 'FileHash' => File\Hash::class,+ 'fileimagesize' => File\ImageSize::class,+ 'fileImageSize' => File\ImageSize::class,+ 'FileImageSize' => File\ImageSize::class,+ 'fileiscompressed' => File\IsCompressed::class,+ 'fileIsCompressed' => File\IsCompressed::class,+ 'FileIsCompressed' => File\IsCompressed::class,+ 'fileisimage' => File\IsImage::class,+ 'fileIsImage' => File\IsImage::class,+ 'FileIsImage' => File\IsImage::class,+ 'filemd5' => File\Md5::class,+ 'fileMd5' => File\Md5::class,+ 'FileMd5' => File\Md5::class,+ 'filemimetype' => File\MimeType::class,+ 'fileMimeType' => File\MimeType::class,+ 'FileMimeType' => File\MimeType::class,+ 'filenotexists' => File\NotExists::class,+ 'fileNotExists' => File\NotExists::class,+ 'FileNotExists' => File\NotExists::class,+ 'filesha1' => File\Sha1::class,+ 'fileSha1' => File\Sha1::class,+ 'FileSha1' => File\Sha1::class,+ 'filesize' => File\Size::class,+ 'fileSize' => File\Size::class,+ 'FileSize' => File\Size::class,+ 'fileupload' => File\Upload::class,+ 'fileUpload' => File\Upload::class,+ 'FileUpload' => File\Upload::class,+ 'fileuploadfile' => File\UploadFile::class,+ 'fileUploadFile' => File\UploadFile::class,+ 'FileUploadFile' => File\UploadFile::class,+ 'filewordcount' => File\WordCount::class,+ 'fileWordCount' => File\WordCount::class,+ 'FileWordCount' => File\WordCount::class,+ 'float' => I18nValidator\IsFloat::class,+ 'Float' => I18nValidator\IsFloat::class,+ 'gpspoint' => GpsPoint::class,+ 'gpsPoint' => GpsPoint::class,+ 'GpsPoint' => GpsPoint::class,+ 'greaterthan' => GreaterThan::class,+ 'greaterThan' => GreaterThan::class,+ 'GreaterThan' => GreaterThan::class,+ 'hex' => Hex::class,+ 'Hex' => Hex::class,+ 'hostname' => Hostname::class,+ 'Hostname' => Hostname::class,+ 'iban' => Iban::class,+ 'Iban' => Iban::class,+ 'identical' => Identical::class,+ 'Identical' => Identical::class,+ 'inarray' => InArray::class,+ 'inArray' => InArray::class,+ 'InArray' => InArray::class,+ 'int' => I18nValidator\IsInt::class,+ 'Int' => I18nValidator\IsInt::class,+ 'ip' => Ip::class,+ 'Ip' => Ip::class,+ 'IsArray' => IsArray::class,+ 'isbn' => Isbn::class,+ 'Isbn' => Isbn::class,+ 'isCountable' => IsCountable::class,+ 'IsCountable' => IsCountable::class,+ 'iscountable' => IsCountable::class,+ 'isfloat' => I18nValidator\IsFloat::class,+ 'isFloat' => I18nValidator\IsFloat::class,+ 'IsFloat' => I18nValidator\IsFloat::class,+ 'isinstanceof' => IsInstanceOf::class,+ 'isInstanceOf' => IsInstanceOf::class,+ 'IsInstanceOf' => IsInstanceOf::class,+ 'isint' => I18nValidator\IsInt::class,+ 'isInt' => I18nValidator\IsInt::class,+ 'IsInt' => I18nValidator\IsInt::class,+ 'lessthan' => LessThan::class,+ 'lessThan' => LessThan::class,+ 'LessThan' => LessThan::class,+ 'notempty' => NotEmpty::class,+ 'notEmpty' => NotEmpty::class,+ 'NotEmpty' => NotEmpty::class,+ 'phonenumber' => I18nValidator\PhoneNumber::class,+ 'phoneNumber' => I18nValidator\PhoneNumber::class,+ 'PhoneNumber' => I18nValidator\PhoneNumber::class,+ 'postcode' => I18nValidator\PostCode::class,+ 'postCode' => I18nValidator\PostCode::class,+ 'PostCode' => I18nValidator\PostCode::class,+ 'regex' => Regex::class,+ 'Regex' => Regex::class,+ 'sitemapchangefreq' => Sitemap\Changefreq::class,+ 'sitemapChangefreq' => Sitemap\Changefreq::class,+ 'SitemapChangefreq' => Sitemap\Changefreq::class,+ 'sitemaplastmod' => Sitemap\Lastmod::class,+ 'sitemapLastmod' => Sitemap\Lastmod::class,+ 'SitemapLastmod' => Sitemap\Lastmod::class,+ 'sitemaploc' => Sitemap\Loc::class,+ 'sitemapLoc' => Sitemap\Loc::class,+ 'SitemapLoc' => Sitemap\Loc::class,+ 'sitemappriority' => Sitemap\Priority::class,+ 'sitemapPriority' => Sitemap\Priority::class,+ 'SitemapPriority' => Sitemap\Priority::class,+ 'stringlength' => StringLength::class,+ 'stringLength' => StringLength::class,+ 'StringLength' => StringLength::class,+ 'step' => Step::class,+ 'Step' => Step::class,+ 'timezone' => Timezone::class,+ 'Timezone' => Timezone::class,+ 'uri' => Uri::class,+ 'Uri' => Uri::class,+ 'uuid' => Uuid::class,+ 'Uuid' => Uuid::class, // Legacy Zend Framework aliases- \Zend\I18n\Validator\Alnum::class => I18nValidator\Alnum::class,- \Zend\I18n\Validator\Alpha::class => I18nValidator\Alpha::class,- \Zend\Validator\Barcode::class => Barcode::class,- \Zend\Validator\Between::class => Between::class,- \Zend\Validator\Bitwise::class => Bitwise::class,- \Zend\Validator\Callback::class => Callback::class,- \Zend\Validator\CreditCard::class => CreditCard::class,- \Zend\Validator\Csrf::class => Csrf::class,- \Zend\Validator\DateStep::class => DateStep::class,- \Zend\Validator\Date::class => Date::class,- \Zend\I18n\Validator\DateTime::class => I18nValidator\DateTime::class,- \Zend\Validator\Db\NoRecordExists::class => Db\NoRecordExists::class,- \Zend\Validator\Db\RecordExists::class => Db\RecordExists::class,- \Zend\Validator\Digits::class => Digits::class,- \Zend\Validator\EmailAddress::class => EmailAddress::class,- \Zend\Validator\Explode::class => Explode::class,- \Zend\Validator\File\Count::class => File\Count::class,- \Zend\Validator\File\Crc32::class => File\Crc32::class,- \Zend\Validator\File\ExcludeExtension::class => File\ExcludeExtension::class,- \Zend\Validator\File\ExcludeMimeType::class => File\ExcludeMimeType::class,- \Zend\Validator\File\Exists::class => File\Exists::class,- \Zend\Validator\File\Extension::class => File\Extension::class,- \Zend\Validator\File\FilesSize::class => File\FilesSize::class,- \Zend\Validator\File\Hash::class => File\Hash::class,- \Zend\Validator\File\ImageSize::class => File\ImageSize::class,- \Zend\Validator\File\IsCompressed::class => File\IsCompressed::class,- \Zend\Validator\File\IsImage::class => File\IsImage::class,- \Zend\Validator\File\Md5::class => File\Md5::class,- \Zend\Validator\File\MimeType::class => File\MimeType::class,- \Zend\Validator\File\NotExists::class => File\NotExists::class,- \Zend\Validator\File\Sha1::class => File\Sha1::class,- \Zend\Validator\File\Size::class => File\Size::class,- \Zend\Validator\File\Upload::class => File\Upload::class,- \Zend\Validator\File\UploadFile::class => File\UploadFile::class,- \Zend\Validator\File\WordCount::class => File\WordCount::class,- \Zend\I18n\Validator\IsFloat::class => I18nValidator\IsFloat::class,- \Zend\Validator\GpsPoint::class => GpsPoint::class,- \Zend\Validator\GreaterThan::class => GreaterThan::class,- \Zend\Validator\Hex::class => Hex::class,- \Zend\Validator\Hostname::class => Hostname::class,- \Zend\Validator\Iban::class => Iban::class,- \Zend\Validator\Identical::class => Identical::class,- \Zend\Validator\InArray::class => InArray::class,- \Zend\I18n\Validator\IsInt::class => I18nValidator\IsInt::class,- \Zend\Validator\Ip::class => Ip::class,- \Zend\Validator\Isbn::class => Isbn::class,- \Zend\Validator\IsInstanceOf::class => IsInstanceOf::class,- \Zend\Validator\LessThan::class => LessThan::class,- \Zend\Validator\NotEmpty::class => NotEmpty::class,- \Zend\I18n\Validator\PhoneNumber::class => I18nValidator\PhoneNumber::class,- \Zend\I18n\Validator\PostCode::class => I18nValidator\PostCode::class,- \Zend\Validator\Regex::class => Regex::class,- \Zend\Validator\Sitemap\Changefreq::class => Sitemap\Changefreq::class,- \Zend\Validator\Sitemap\Lastmod::class => Sitemap\Lastmod::class,- \Zend\Validator\Sitemap\Loc::class => Sitemap\Loc::class,- \Zend\Validator\Sitemap\Priority::class => Sitemap\Priority::class,- \Zend\Validator\StringLength::class => StringLength::class,- \Zend\Validator\Step::class => Step::class,- \Zend\Validator\Timezone::class => Timezone::class,- \Zend\Validator\Uri::class => Uri::class,- \Zend\Validator\Uuid::class => Uuid::class,+ 'Zend\I18nValidator\Alnum' => I18nValidator\Alnum::class,+ 'Zend\I18n\Validator\Alpha' => I18nValidator\Alpha::class,+ 'Zend\Validator\Barcode' => Barcode::class,+ 'Zend\Validator\Between' => Between::class,+ 'Zend\Validator\Bitwise' => Bitwise::class,+ 'Zend\Validator\Callback' => Callback::class,+ 'Zend\Validator\CreditCard' => CreditCard::class,+ 'Zend\Validator\Csrf' => Csrf::class,+ 'Zend\Validator\DateStep' => DateStep::class,+ 'Zend\Validator\Date' => Date::class,+ 'Zend\I18n\Validator\DateTime' => I18nValidator\DateTime::class,+ 'Zend\Validator\Db\NoRecordExists' => Db\NoRecordExists::class,+ 'Zend\Validator\Db\RecordExists' => Db\RecordExists::class,+ 'Zend\Validator\Digits' => Digits::class,+ 'Zend\Validator\EmailAddress' => EmailAddress::class,+ 'Zend\Validator\Explode' => Explode::class,+ 'Zend\Validator\File\Count' => File\Count::class,+ 'Zend\Validator\File\Crc32' => File\Crc32::class,+ 'Zend\Validator\File\ExcludeExtension' => File\ExcludeExtension::class,+ 'Zend\Validator\File\ExcludeMimeType' => File\ExcludeMimeType::class,+ 'Zend\Validator\File\Exists' => File\Exists::class,+ 'Zend\Validator\File\Extension' => File\Extension::class,+ 'Zend\Validator\File\FilesSize' => File\FilesSize::class,+ 'Zend\Validator\File\Hash' => File\Hash::class,+ 'Zend\Validator\File\ImageSize' => File\ImageSize::class,+ 'Zend\Validator\File\IsCompressed' => File\IsCompressed::class,+ 'Zend\Validator\File\IsImage' => File\IsImage::class,+ 'Zend\Validator\File\Md5' => File\Md5::class,+ 'Zend\Validator\File\MimeType' => File\MimeType::class,+ 'Zend\Validator\File\NotExists' => File\NotExists::class,+ 'Zend\Validator\File\Sha1' => File\Sha1::class,+ 'Zend\Validator\File\Size' => File\Size::class,+ 'Zend\Validator\File\Upload' => File\Upload::class,+ 'Zend\Validator\File\UploadFile' => File\UploadFile::class,+ 'Zend\Validator\File\WordCount' => File\WordCount::class,+ 'Zend\I18n\Validator\IsFloatIsFloat' => I18nValidator\IsFloat::class,+ 'Zend\Validator\GpsPoint' => GpsPoint::class,+ 'Zend\Validator\GreaterThan' => GreaterThan::class,+ 'Zend\Validator\Hex' => Hex::class,+ 'Zend\Validator\Hostname' => Hostname::class,+ 'Zend\Validator\Iban' => Iban::class,+ 'Zend\Validator\Identical' => Identical::class,+ 'Zend\Validator\InArray' => InArray::class,+ 'Zend\I18n\Validator\IsInt' => I18nValidator\IsInt::class,+ 'Zend\Validator\Ip' => Ip::class,+ 'Zend\Validator\Isbn' => Isbn::class,+ 'Zend\Validator\IsInstanceOf' => IsInstanceOf::class,+ 'Zend\Validator\LessThan' => LessThan::class,+ 'Zend\Validator\NotEmpty' => NotEmpty::class,+ 'Zend\I18n\Validator\PhoneNumber' => I18nValidator\PhoneNumber::class,+ 'Zend\I18n\Validator\PostCode' => I18nValidator\PostCode::class,+ 'Zend\Validator\Regex' => Regex::class,+ 'Zend\Validator\Sitemap\Changefreq' => Sitemap\Changefreq::class,+ 'Zend\Validator\Sitemap\Lastmod' => Sitemap\Lastmod::class,+ 'Zend\Validator\Sitemap\Loc' => Sitemap\Loc::class,+ 'Zend\Validator\Sitemap\Priority' => Sitemap\Priority::class,+ 'Zend\Validator\StringLength' => StringLength::class,+ 'Zend\Validator\Step' => Step::class,+ 'Zend\Validator\Timezone' => Timezone::class,+ 'Zend\Validator\Uri' => Uri::class,+ 'Zend\Validator\Uuid' => Uuid::class, // v2 normalized FQCNs- 'zendvalidatorbarcode' => Barcode::class,- 'zendvalidatorbetween' => Between::class,- 'zendvalidatorbitwise' => Bitwise::class,- 'zendvalidatorcallback' => Callback::class,- 'zendvalidatorcreditcard' => CreditCard::class,- 'zendvalidatorcsrf' => Csrf::class,- 'zendvalidatordatestep' => DateStep::class,- 'zendvalidatordate' => Date::class,- 'zendvalidatordbnorecordexists' => Db\NoRecordExists::class,- 'zendvalidatordbrecordexists' => Db\RecordExists::class,- 'zendvalidatordigits' => Digits::class,- 'zendvalidatoremailaddress' => EmailAddress::class,- 'zendvalidatorexplode' => Explode::class,- 'zendvalidatorfilecount' => File\Count::class,- 'zendvalidatorfilecrc32' => File\Crc32::class,+ 'zendvalidatorbarcode' => Barcode::class,+ 'zendvalidatorbetween' => Between::class,+ 'zendvalidatorbitwise' => Bitwise::class,+ 'zendvalidatorcallback' => Callback::class,+ 'zendvalidatorcreditcard' => CreditCard::class,+ 'zendvalidatorcsrf' => Csrf::class,+ 'zendvalidatordatestep' => DateStep::class,+ 'zendvalidatordate' => Date::class,+ 'zendvalidatordbnorecordexists' => Db\NoRecordExists::class,+ 'zendvalidatordbrecordexists' => Db\RecordExists::class,+ 'zendvalidatordigits' => Digits::class,+ 'zendvalidatoremailaddress' => EmailAddress::class,+ 'zendvalidatorexplode' => Explode::class,+ 'zendvalidatorfilecount' => File\Count::class,+ 'zendvalidatorfilecrc32' => File\Crc32::class, 'zendvalidatorfileexcludeextension' => File\ExcludeExtension::class,- 'zendvalidatorfileexcludemimetype' => File\ExcludeMimeType::class,- 'zendvalidatorfileexists' => File\Exists::class,- 'zendvalidatorfileextension' => File\Extension::class,- 'zendvalidatorfilefilessize' => File\FilesSize::class,- 'zendvalidatorfilehash' => File\Hash::class,- 'zendvalidatorfileimagesize' => File\ImageSize::class,- 'zendvalidatorfileiscompressed' => File\IsCompressed::class,- 'zendvalidatorfileisimage' => File\IsImage::class,- 'zendvalidatorfilemd5' => File\Md5::class,- 'zendvalidatorfilemimetype' => File\MimeType::class,- 'zendvalidatorfilenotexists' => File\NotExists::class,- 'zendvalidatorfilesha1' => File\Sha1::class,- 'zendvalidatorfilesize' => File\Size::class,- 'zendvalidatorfileupload' => File\Upload::class,- 'zendvalidatorfileuploadfile' => File\UploadFile::class,- 'zendvalidatorfilewordcount' => File\WordCount::class,- 'zendvalidatorgpspoint' => GpsPoint::class,- 'zendvalidatorgreaterthan' => GreaterThan::class,- 'zendvalidatorhex' => Hex::class,- 'zendvalidatorhostname' => Hostname::class,- 'zendi18nvalidatoralnum' => I18nValidator\Alnum::class,- 'zendi18nvalidatoralpha' => I18nValidator\Alpha::class,- 'zendi18nvalidatordatetime' => I18nValidator\DateTime::class,- 'zendi18nvalidatorisfloat' => I18nValidator\IsFloat::class,- 'zendi18nvalidatorisint' => I18nValidator\IsInt::class,- 'zendi18nvalidatorphonenumber' => I18nValidator\PhoneNumber::class,- 'zendi18nvalidatorpostcode' => I18nValidator\PostCode::class,- 'zendvalidatoriban' => Iban::class,- 'zendvalidatoridentical' => Identical::class,- 'zendvalidatorinarray' => InArray::class,- 'zendvalidatorip' => Ip::class,- 'zendvalidatorisbn' => Isbn::class,- 'zendvalidatorisinstanceof' => IsInstanceOf::class,- 'zendvalidatorlessthan' => LessThan::class,- 'zendvalidatornotempty' => NotEmpty::class,- 'zendvalidatorregex' => Regex::class,- 'zendvalidatorsitemapchangefreq' => Sitemap\Changefreq::class,- 'zendvalidatorsitemaplastmod' => Sitemap\Lastmod::class,- 'zendvalidatorsitemaploc' => Sitemap\Loc::class,- 'zendvalidatorsitemappriority' => Sitemap\Priority::class,- 'zendvalidatorstringlength' => StringLength::class,- 'zendvalidatorstep' => Step::class,- 'zendvalidatortimezone' => Timezone::class,- 'zendvalidatoruri' => Uri::class,- 'zendvalidatoruuid' => Uuid::class,+ 'zendvalidatorfileexcludemimetype' => File\ExcludeMimeType::class,+ 'zendvalidatorfileexists' => File\Exists::class,+ 'zendvalidatorfileextension' => File\Extension::class,+ 'zendvalidatorfilefilessize' => File\FilesSize::class,+ 'zendvalidatorfilehash' => File\Hash::class,+ 'zendvalidatorfileimagesize' => File\ImageSize::class,+ 'zendvalidatorfileiscompressed' => File\IsCompressed::class,+ 'zendvalidatorfileisimage' => File\IsImage::class,+ 'zendvalidatorfilemd5' => File\Md5::class,+ 'zendvalidatorfilemimetype' => File\MimeType::class,+ 'zendvalidatorfilenotexists' => File\NotExists::class,+ 'zendvalidatorfilesha1' => File\Sha1::class,+ 'zendvalidatorfilesize' => File\Size::class,+ 'zendvalidatorfileupload' => File\Upload::class,+ 'zendvalidatorfileuploadfile' => File\UploadFile::class,+ 'zendvalidatorfilewordcount' => File\WordCount::class,+ 'zendvalidatorgpspoint' => GpsPoint::class,+ 'zendvalidatorgreaterthan' => GreaterThan::class,+ 'zendvalidatorhex' => Hex::class,+ 'zendvalidatorhostname' => Hostname::class,+ 'zendi18nvalidatoralnum' => I18nValidator\Alnum::class,+ 'zendi18nvalidatoralpha' => I18nValidator\Alpha::class,+ 'zendi18nvalidatordatetime' => I18nValidator\DateTime::class,+ 'zendi18nvalidatorisfloat' => I18nValidator\IsFloat::class,+ 'zendi18nvalidatorisint' => I18nValidator\IsInt::class,+ 'zendi18nvalidatorphonenumber' => I18nValidator\PhoneNumber::class,+ 'zendi18nvalidatorpostcode' => I18nValidator\PostCode::class,+ 'zendvalidatoriban' => Iban::class,+ 'zendvalidatoridentical' => Identical::class,+ 'zendvalidatorinarray' => InArray::class,+ 'zendvalidatorip' => Ip::class,+ 'zendvalidatorisbn' => Isbn::class,+ 'zendvalidatorisinstanceof' => IsInstanceOf::class,+ 'zendvalidatorlessthan' => LessThan::class,+ 'zendvalidatornotempty' => NotEmpty::class,+ 'zendvalidatorregex' => Regex::class,+ 'zendvalidatorsitemapchangefreq' => Sitemap\Changefreq::class,+ 'zendvalidatorsitemaplastmod' => Sitemap\Lastmod::class,+ 'zendvalidatorsitemaploc' => Sitemap\Loc::class,+ 'zendvalidatorsitemappriority' => Sitemap\Priority::class,+ 'zendvalidatorstringlength' => StringLength::class,+ 'zendvalidatorstep' => Step::class,+ 'zendvalidatortimezone' => Timezone::class,+ 'zendvalidatoruri' => Uri::class,+ 'zendvalidatoruuid' => Uuid::class, ]; /** * Default set of factories *- * @var array+ * @inheritDoc */ protected $factories = [- I18nValidator\Alnum::class => InvokableFactory::class,- I18nValidator\Alpha::class => InvokableFactory::class,- Barcode::class => InvokableFactory::class,- Between::class => InvokableFactory::class,- Bitwise::class => InvokableFactory::class,- Callback::class => InvokableFactory::class,- CreditCard::class => InvokableFactory::class,- Csrf::class => InvokableFactory::class,- DateStep::class => InvokableFactory::class,- Date::class => InvokableFactory::class,- I18nValidator\DateTime::class => InvokableFactory::class,- Db\NoRecordExists::class => InvokableFactory::class,- Db\RecordExists::class => InvokableFactory::class,- Digits::class => InvokableFactory::class,- EmailAddress::class => InvokableFactory::class,- Explode::class => InvokableFactory::class,- File\Count::class => InvokableFactory::class,- File\Crc32::class => InvokableFactory::class,- File\ExcludeExtension::class => InvokableFactory::class,- File\ExcludeMimeType::class => InvokableFactory::class,- File\Exists::class => InvokableFactory::class,- File\Extension::class => InvokableFactory::class,- File\FilesSize::class => InvokableFactory::class,- File\Hash::class => InvokableFactory::class,- File\ImageSize::class => InvokableFactory::class,- File\IsCompressed::class => InvokableFactory::class,- File\IsImage::class => InvokableFactory::class,- File\Md5::class => InvokableFactory::class,- File\MimeType::class => InvokableFactory::class,- File\NotExists::class => InvokableFactory::class,- File\Sha1::class => InvokableFactory::class,- File\Size::class => InvokableFactory::class,- File\Upload::class => InvokableFactory::class,- File\UploadFile::class => InvokableFactory::class,- File\WordCount::class => InvokableFactory::class,- I18nValidator\IsFloat::class => InvokableFactory::class,- GpsPoint::class => InvokableFactory::class,- GreaterThan::class => InvokableFactory::class,- Hex::class => InvokableFactory::class,- Hostname::class => InvokableFactory::class,- Iban::class => InvokableFactory::class,- Identical::class => InvokableFactory::class,- InArray::class => InvokableFactory::class,- I18nValidator\IsInt::class => InvokableFactory::class,- Ip::class => InvokableFactory::class,- Isbn::class => InvokableFactory::class,- I18nValidator\IsFloat::class => InvokableFactory::class,- IsInstanceOf::class => InvokableFactory::class,- I18nValidator\IsInt::class => InvokableFactory::class,- LessThan::class => InvokableFactory::class,- NotEmpty::class => InvokableFactory::class,- I18nValidator\PhoneNumber::class => InvokableFactory::class,- I18nValidator\PostCode::class => InvokableFactory::class,- Regex::class => InvokableFactory::class,- Sitemap\Changefreq::class => InvokableFactory::class,- Sitemap\Lastmod::class => InvokableFactory::class,- Sitemap\Loc::class => InvokableFactory::class,- Sitemap\Priority::class => InvokableFactory::class,- StringLength::class => InvokableFactory::class,- Step::class => InvokableFactory::class,- Timezone::class => InvokableFactory::class,- Uri::class => InvokableFactory::class,- Uuid::class => InvokableFactory::class,+ I18nValidator\Alnum::class => InvokableFactory::class,+ I18nValidator\Alpha::class => InvokableFactory::class,+ Barcode::class => InvokableFactory::class,+ Between::class => InvokableFactory::class,+ Bitwise::class => InvokableFactory::class,+ BusinessIdentifierCode::class => InvokableFactory::class,+ Callback::class => InvokableFactory::class,+ CreditCard::class => InvokableFactory::class,+ Csrf::class => InvokableFactory::class,+ DateStep::class => InvokableFactory::class,+ Date::class => InvokableFactory::class,+ I18nValidator\DateTime::class => InvokableFactory::class,+ Db\NoRecordExists::class => InvokableFactory::class,+ Db\RecordExists::class => InvokableFactory::class,+ Digits::class => InvokableFactory::class,+ EmailAddress::class => InvokableFactory::class,+ Explode::class => InvokableFactory::class,+ File\Count::class => InvokableFactory::class,+ File\Crc32::class => InvokableFactory::class,+ File\ExcludeExtension::class => InvokableFactory::class,+ File\ExcludeMimeType::class => InvokableFactory::class,+ File\Exists::class => InvokableFactory::class,+ File\Extension::class => InvokableFactory::class,+ File\FilesSize::class => InvokableFactory::class,+ File\Hash::class => InvokableFactory::class,+ File\ImageSize::class => InvokableFactory::class,+ File\IsCompressed::class => InvokableFactory::class,+ File\IsImage::class => InvokableFactory::class,+ File\Md5::class => InvokableFactory::class,+ File\MimeType::class => InvokableFactory::class,+ File\NotExists::class => InvokableFactory::class,+ File\Sha1::class => InvokableFactory::class,+ File\Size::class => InvokableFactory::class,+ File\Upload::class => InvokableFactory::class,+ File\UploadFile::class => InvokableFactory::class,+ File\WordCount::class => InvokableFactory::class,+ I18nValidator\IsFloat::class => InvokableFactory::class,+ GpsPoint::class => InvokableFactory::class,+ GreaterThan::class => InvokableFactory::class,+ Hex::class => InvokableFactory::class,+ Hostname::class => InvokableFactory::class,+ Iban::class => InvokableFactory::class,+ Identical::class => InvokableFactory::class,+ InArray::class => InvokableFactory::class,+ I18nValidator\IsInt::class => InvokableFactory::class,+ Ip::class => InvokableFactory::class,+ IsArray::class => InvokableFactory::class,+ Isbn::class => InvokableFactory::class,+ IsCountable::class => InvokableFactory::class,+ IsInstanceOf::class => InvokableFactory::class,+ IsJsonString::class => InvokableFactory::class,+ LessThan::class => InvokableFactory::class,+ NotEmpty::class => InvokableFactory::class,+ I18nValidator\PhoneNumber::class => InvokableFactory::class,+ I18nValidator\PostCode::class => InvokableFactory::class,+ Regex::class => InvokableFactory::class,+ Sitemap\Changefreq::class => InvokableFactory::class,+ Sitemap\Lastmod::class => InvokableFactory::class,+ Sitemap\Loc::class => InvokableFactory::class,+ Sitemap\Priority::class => InvokableFactory::class,+ StringLength::class => InvokableFactory::class,+ Step::class => InvokableFactory::class,+ Timezone::class => InvokableFactory::class,+ Uri::class => InvokableFactory::class,+ Uuid::class => InvokableFactory::class, // v2 canonical FQCNs- 'laminasvalidatorbarcodecode25interleaved' => InvokableFactory::class, 'laminasvalidatorbarcodecode25' => InvokableFactory::class, 'laminasvalidatorbarcodecode39ext' => InvokableFactory::class,@@ -463,6 +476,7 @@ 'laminasvalidatorinarray' => InvokableFactory::class, 'laminasvalidatorip' => InvokableFactory::class, 'laminasvalidatorisbn' => InvokableFactory::class,+ 'laminasvalidatoriscountable' => InvokableFactory::class, 'laminasvalidatorisinstanceof' => InvokableFactory::class, 'laminasvalidatorlessthan' => InvokableFactory::class, 'laminasvalidatornotempty' => InvokableFactory::class,@@ -495,7 +509,7 @@ /** * Default instance type *- * @var string+ * @inheritDoc */ protected $instanceOf = ValidatorInterface::class;@@ -506,6 +520,8 @@ * attached translator, if any, to the currently requested helper. * * {@inheritDoc}+ *+ * @param ServiceManagerConfiguration $v3config */ public function __construct($configOrContainerInstance = null, array $v3config = []) {@@ -516,18 +532,17 @@ } /**- * Validate plugin instance- *- * {@inheritDoc}- */- public function validate($plugin)+ * @param mixed $instance+ * @psalm-assert ValidatorInterface $instance+ */+ public function validate($instance) {- if (! $plugin instanceof $this->instanceOf) {+ if (! $instance instanceof $this->instanceOf) { throw new InvalidServiceException(sprintf( '%s expects only to create instances of %s; %s is invalid',- get_class($this),- $this->instanceOf,- is_object($plugin) ? get_class($plugin) : gettype($plugin)+ static::class,+ (string) $this->instanceOf,+ get_debug_type($instance) )); } }@@ -537,17 +552,17 @@ * * Proxies to `validate()`. *- * @param mixed $plugin+ * @return void * @throws Exception\RuntimeException */- public function validatePlugin($plugin)+ public function validatePlugin(mixed $plugin) { try { $this->validate($plugin); } catch (InvalidServiceException $e) { throw new Exception\RuntimeException(sprintf( 'Plugin of type %s is invalid; must implement %s',- is_object($plugin) ? get_class($plugin) : gettype($plugin),+ get_debug_type($plugin), ValidatorInterface::class ), $e->getCode(), $e); }@@ -570,15 +585,27 @@ $validator = $first; }+ if (! $validator instanceof Translator\TranslatorAwareInterface) {+ return;+ }+ // V2 means we pull it from the parent container if ($container === $this && method_exists($container, 'getServiceLocator') && $container->getServiceLocator()) { $container = $container->getServiceLocator(); }- if ($validator instanceof Translator\TranslatorAwareInterface) {- if ($container && $container->has('MvcTranslator')) {- $validator->setTranslator($container->get('MvcTranslator'));- }+ if (! $container instanceof ContainerInterface) {+ return;+ }++ if ($container->has('MvcTranslator')) {+ $validator->setTranslator($container->get('MvcTranslator'));++ return;+ }++ if ($container->has(TranslatorInterface::class)) {+ $validator->setTranslator($container->get(Translator\TranslatorInterface::class)); } }@@ -592,10 +619,8 @@ public function injectValidatorPluginManager($first, $second) { if ($first instanceof ContainerInterface) {- $container = $first; $validator = $second; } else {- $container = $second; $validator = $first; } if ($validator instanceof ValidatorPluginManagerAwareInterface) {
After analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily: 1. Adding new validator aliases (BusinessIdentifierCode, IsArray, IsCountable, IsJsonString) 2. Updating documentation and type hints 3. Improving translator injection logic 4. General code cleanup and modernization Here are the structured responses as requested: Vulnerability Existed: no No specific security vulnerability [File] [Lines] [Old Code] [Fixed Code] Vulnerability Existed: no Code improvements and new features [File] [Lines] [Old Code] [Fixed Code] The changes seem focused on: - Adding new validator types - Improving type safety - Better documentation - More robust translator handling - Cleaner code organization None of these changes appear to be addressing security vulnerabilities, but rather adding functionality and improving code quality. The diff shows version upgrades and maintenance improvements rather than security patches. If there were any security implications, they would be very subtle (like the improved type checking potentially preventing some edge cases), but nothing clearly identifiable as a security fix in this diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/File/IsImage.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/File/IsImage.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\File;@@ -19,13 +13,11 @@ /** * @const string Error constants */- const FALSE_TYPE = 'fileIsImageFalseType';- const NOT_DETECTED = 'fileIsImageNotDetected';- const NOT_READABLE = 'fileIsImageNotReadable';+ public const FALSE_TYPE = 'fileIsImageFalseType';+ public const NOT_DETECTED = 'fileIsImageNotDetected';+ public const NOT_READABLE = 'fileIsImageNotReadable';- /**- * @var array Error message templates- */+ /** @inheritDoc */ protected $messageTemplates = [ self::FALSE_TYPE => "File is no image, '%type%' detected", self::NOT_DETECTED => 'The mimetype could not be detected from the file',@@ -59,6 +51,8 @@ 'image/cgm', 'image/fif', 'image/gif',+ 'image/heic',+ 'image/heif', 'image/jpeg', 'image/jpm', 'image/jpx',
Analyzing the provided code diff, here are the security-related observations:
1. Vulnerability Existed: not sure
[Potential Information Disclosure] [include/laminas-mail/vendor/laminas/laminas-validator/src/File/IsImage.php] [Lines 1-10]
[Old Code]
<?php
/**
* @see https://github.com/laminas/laminas-validator for the canonical source repository
* @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License
*/
[Fixed Code]
<?php
Note: While this change removes copyright/license information, it's not clear if this constitutes a security vulnerability. It might be considered an information disclosure issue if sensitive project details were exposed.
2. Vulnerability Existed: yes
[Constant Visibility Issue] [include/laminas-mail/vendor/laminas/laminas-validator/src/File/IsImage.php] [Lines 19-21]
[Old Code]
const FALSE_TYPE = 'fileIsImageFalseType';
const NOT_DETECTED = 'fileIsImageNotDetected';
const NOT_READABLE = 'fileIsImageNotReadable';
[Fixed Code]
public const FALSE_TYPE = 'fileIsImageFalseType';
public const NOT_DETECTED = 'fileIsImageNotDetected';
public const NOT_READABLE = 'fileIsImageNotReadable';
Note: The change adds explicit public visibility to constants, which is a security best practice to prevent unintended access.
3. Vulnerability Existed: yes
[Incomplete Image MIME Type Validation] [include/laminas-mail/vendor/laminas/laminas-validator/src/File/IsImage.php] [Lines 59-61]
[Old Code]
'image/gif',
[Fixed Code]
'image/gif',
'image/heic',
'image/heif',
Note: The change adds support for HEIC/HEIF image formats, which could be considered a security fix as it prevents false negatives when validating these modern image formats. Without these MIME types, valid HEIC/HEIF images might be incorrectly rejected.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Transport/Envelope.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Transport/Envelope.php@@ -1,25 +1,18 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Transport; use Laminas\Stdlib\AbstractOptions;+/**+ * @extends AbstractOptions<string|list<string>>+ */ class Envelope extends AbstractOptions {- /**- * @var string|null- */+ /** @var string|null */ protected $from;- /**- * @var string|null- */+ /** @var string|null */ protected $to; /**
Based on the provided code diff, I'll analyze it for security vulnerabilities: 1. Vulnerability Existed: no The changes appear to be primarily documentation and code style improvements rather than security fixes. The main changes are: - Removal of the file header comment block - Addition of a more specific type hint for AbstractOptions - Simplification of property docblocks 2. Vulnerability Existed: no The changes don't indicate any security vulnerabilities being fixed. The modifications are: - Old Code: Had verbose docblocks and header comments - Fixed Code: More concise docblocks and added type information Additional Details: - No specific vulnerability names apply here as these are documentation/type hint improvements - The changes improve code maintainability but don't address security flaws - The type hint addition (`@extends AbstractOptions<string|list<string>>`) might help prevent type-related bugs but wasn't fixing an existing vulnerability The diff shows code quality improvements rather than security fixes. The changes are focused on: 1. Removing redundant documentation 2. Adding more precise type information 3. Simplifying property annotations No security vulnerabilities were identified in this diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/ContainerModificationsNotAllowedException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/ContainerModificationsNotAllowedException.php@@ -1,18 +1,25 @@ <?php-/**- * @see https://github.com/laminas/laminas-servicemanager for the canonical source repository- * @copyright https://github.com/laminas/laminas-servicemanager/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-servicemanager/blob/master/LICENSE.md New BSD License- */+declare(strict_types=1); namespace Laminas\ServiceManager\Exception; use DomainException;-/**- * @inheritDoc- */+use function sprintf;+ class ContainerModificationsNotAllowedException extends DomainException implements ExceptionInterface {+ /**+ * @param string $service Name of service that already exists.+ */+ public static function fromExistingService(string $service): self+ {+ return new self(sprintf(+ 'The container does not allow replacing or updating a service'+ . ' with existing instances; the following service'+ . ' already exists in the container: %s',+ $service+ ));+ } }
Based on the provided diff, I'll analyze it for security vulnerabilities:
Vulnerability Existed: no
No specific vulnerability [include/laminas-mail/vendor/laminas/laminas-servicemanager/src/Exception/ContainerModificationsNotAllowedException.php] [1-18]
[Old code with just basic exception class]
[Added static factory method with better error message]
The changes appear to be:
1. Added strict_types declaration
2. Added a static factory method for creating the exception with a more descriptive message
3. Added proper PHPDoc documentation
These changes are quality improvements rather than security fixes. The modification adds functionality (a factory method) and improves code quality but doesn't address any specific security vulnerability. The exception class is used to indicate when container modifications aren't allowed, which is a business logic constraint rather than a security issue.
No security vulnerabilities were identified in this diff. The changes are primarily about code quality and maintainability improvements.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/scp/ajax.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/scp/ajax.php@@ -244,7 +244,7 @@ url_get('^(?P<tid>\d+)/collaborators/(?P<manage>\d+)$', 'showCollaborators'), url_post('^(?P<tid>\d+)/collaborators$', 'updateCollaborators'), url_get('^(?P<tid>\d+)/add-collaborator/(?P<type>\w+)/(?P<uid>\d+)$', 'addCollaborator'),- url_get('^(?P<tid>\d+)/add-collaborator/(?P<type>\w+)/auth:(?P<bk>\w+):(?P<id>.+)$', 'addRemoteCollaborator'),+ url_get('^(?P<tid>\d+)/add-collaborator/(?P<type>\w+)/auth:(?P<bk>[\w.]+):(?P<id>.+)$', 'addRemoteCollaborator'), url('^(?P<tid>\d+)/add-collaborator/(?P<type>\w+)$', 'addCollaborator'), url_get('^(?P<tid>\d+)/collaborators/(?P<cid>\d+)/view$', 'viewCollaborator'), url_post('^(?P<tid>\d+)/collaborators/(?P<cid>\d+)$', 'updateCollaborator')
Here is the analysis of the provided code diff:
1. Vulnerability Existed: yes
**Insecure Regular Expression Pattern** [scp/ajax.php] [Lines 244]
Old Code:
`url_get('^(?P<tid>\d+)/add-collaborator/(?P<type>\w+)/auth:(?P<bk>\w+):(?P<id>.+)$', 'addRemoteCollaborator'),`
Fixed Code:
`url_get('^(?P<tid>\d+)/add-collaborator/(?P<type>\w+)/auth:(?P<bk>[\w.]+):(?P<id>.+)$', 'addRemoteCollaborator'),`
**Details:**
The old regex pattern `\w+` for the `bk` parameter was restrictive, allowing only word characters (`[A-Za-z0-9_]`). The fix expands this to include dots (`[\w.]+`), likely to accommodate additional valid characters in authentication backends (e.g., domain names or other identifiers). While not a direct security flaw, overly restrictive patterns can lead to functional bypasses or unintended behavior. The fix ensures proper handling of valid inputs.
No critical vulnerability (e.g., injection) is directly evident, but the adjustment improves robustness. If the `bk` parameter was used in security-sensitive contexts (e.g., backend selection), the old pattern might have caused issues.
Let me know if you'd like further analysis of other potential implications.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/composer/autoload_files.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/composer/autoload_files.php@@ -2,12 +2,13 @@ // autoload_files.php @generated by Composer-$vendorDir = dirname(dirname(__FILE__));+$vendorDir = dirname(__DIR__); $baseDir = dirname($vendorDir); return array(- '7e9bd612cc444b3eed788ebbe46263a0' => $vendorDir . '/laminas/laminas-zendframework-bridge/src/autoload.php',- '320cde22f66dd4f5d3fd621d3e88b98f' => $vendorDir . '/symfony/polyfill-ctype/bootstrap.php',- '6124b4c8570aa390c21fafd04a26c69f' => $vendorDir . '/myclabs/deep-copy/src/DeepCopy/deep_copy.php',+ 'c9d07b32a2e02bc0fc582d4f0c1b56cc' => $vendorDir . '/laminas/laminas-servicemanager/src/autoload.php',+ 'e69f7f6ee287b969198c3c9d6777bd38' => $vendorDir . '/symfony/polyfill-intl-normalizer/bootstrap.php',+ '25072dd6e2470089de65ae7bf11d3109' => $vendorDir . '/symfony/polyfill-php72/bootstrap.php',+ 'f598d06aa772fa33d905e87be6398fb1' => $vendorDir . '/symfony/polyfill-intl-idn/bootstrap.php', '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php', );
Based on the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be related to updating dependency autoload files and paths rather than addressing security issues. Here's the analysis:
1. Vulnerability Existed: no
Dependency Update [File] [include/laminas-mail/vendor/composer/autoload_files.php] [Lines 2-12]
[Old Code]
$vendorDir = dirname(dirname(__FILE__));
return array(
'7e9bd612cc444b3eed788ebbe46263a0' => $vendorDir . '/laminas/laminas-zendframework-bridge/src/autoload.php',
'320cde22f66dd4f5d3fd621d3e88b98f' => $vendorDir . '/symfony/polyfill-ctype/bootstrap.php',
'6124b4c8570aa390c21fafd04a26c69f' => $vendorDir . '/myclabs/deep-copy/src/DeepCopy/deep_copy.php',
'0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php',
);
[Fixed Code]
$vendorDir = dirname(__DIR__);
return array(
'c9d07b32a2e02bc0fc582d4f0c1b56cc' => $vendorDir . '/laminas/laminas-servicemanager/src/autoload.php',
'e69f7f6ee287b969198c3c9d6777bd38' => $vendorDir . '/symfony/polyfill-intl-normalizer/bootstrap.php',
'25072dd6e2470089de65ae7bf11d3109' => $vendorDir . '/symfony/polyfill-php72/bootstrap.php',
'f598d06aa772fa33d905e87be6398fb1' => $vendorDir . '/symfony/polyfill-intl-idn/bootstrap.php',
'0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php',
);
The changes include:
1. Updated path resolution from `dirname(dirname(__FILE__))` to `dirname(__DIR__)`
2. Replaced/added different polyfill and autoload files
3. Removed the deep-copy dependency
4. Added new polyfills for intl-normalizer, php72, and intl-idn
These appear to be routine dependency updates rather than security fixes.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Protocol/Smtp/Auth/Crammd5.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Protocol/Smtp/Auth/Crammd5.php@@ -1,34 +1,29 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Protocol\Smtp\Auth;-use Laminas\Crypt\Hmac;+use Laminas\Mail\Exception\InvalidArgumentException; use Laminas\Mail\Protocol\Smtp;++use function array_replace_recursive;+use function base64_decode;+use function base64_encode;+use function hash_hmac;+use function is_array;+use function is_string; /** * Performs CRAM-MD5 authentication */ class Crammd5 extends Smtp {- /**- * @var string- */+ /** @var non-empty-string|null */ protected $username;- /**- * @var string- */+ /** @var non-empty-string|null */ protected $password; /**- * Constructor.- * * All parameters may be passed as an array to the first argument of the * constructor. If so, *@@ -39,23 +34,18 @@ public function __construct($host = '127.0.0.1', $port = null, $config = null) { // Did we receive a configuration array?+ $config = $config ?? []; $origConfig = $config; if (is_array($host)) { // Merge config array with principal array, if provided- if (is_array($config)) {- $config = array_replace_recursive($host, $config);- } else {- $config = $host;- }+ $config = array_replace_recursive($host, $config); }- if (is_array($config)) {- if (isset($config['username'])) {- $this->setUsername($config['username']);- }- if (isset($config['password'])) {- $this->setPassword($config['password']);- }+ if (isset($config['username'])) {+ $this->setUsername($config['username']);+ }+ if (isset($config['password'])) {+ $this->setPassword($config['password']); } // Call parent with original arguments@@ -73,7 +63,7 @@ $this->_send('AUTH CRAM-MD5'); $challenge = $this->_expect(334); $challenge = base64_decode($challenge);- $digest = $this->hmacMd5($this->getPassword(), $challenge);+ $digest = $this->hmacMd5($this->getPassword(), $challenge); $this->_send(base64_encode($this->getUsername() . ' ' . $digest)); $this->_expect(235); $this->auth = true;@@ -82,7 +72,7 @@ /** * Set value for username *- * @param string $username+ * @param non-empty-string $username * @return Crammd5 */ public function setUsername($username)@@ -94,7 +84,7 @@ /** * Get username *- * @return string+ * @return non-empty-string|null */ public function getUsername() {@@ -104,7 +94,7 @@ /** * Set value for password *- * @param string $password+ * @param non-empty-string $password * @return Crammd5 */ public function setPassword($password)@@ -116,7 +106,7 @@ /** * Get password *- * @return string+ * @return non-empty-string|null */ public function getPassword() {@@ -126,13 +116,21 @@ /** * Prepare CRAM-MD5 response to server's ticket *- * @param string $key Challenge key (usually password)- * @param string $data Challenge data+ * @param non-empty-string $key Challenge key (usually password)+ * @param non-empty-string $data Challenge data * @param int $block Length of blocks (deprecated; unused) * @return string */- protected function hmacMd5($key, $data, $block = 64)+ protected function hmacMd5($key, $data, /** @deprecated */ $block = 64) {- return Hmac::compute($key, 'md5', $data);+ if (! is_string($key) || $key === '') {+ throw new InvalidArgumentException('CramMD5 authentication requires a non-empty password');+ }++ if (! is_string($data) || $data === '') {+ throw new InvalidArgumentException('CramMD5 authentication requires a non-empty challenge');+ }++ return hash_hmac('md5', $data, $key, false); } }
Here's the analysis of the provided code diff for security fixes:
1. Vulnerability Existed: yes
Weak Cryptographic Algorithm [include/laminas-mail/src/Protocol/Smtp/Auth/Crammd5.php] [Lines 121-129]
[Old Code]
protected function hmacMd5($key, $data, $block = 64)
{
return Hmac::compute($key, 'md5', $data);
}
[Fixed Code]
protected function hmacMd5($key, $data, /** @deprecated */ $block = 64)
{
if (! is_string($key) || $key === '') {
throw new InvalidArgumentException('CramMD5 authentication requires a non-empty password');
}
if (! is_string($data) || $data === '') {
throw new InvalidArgumentException('CramMD5 authentication requires a non-empty challenge');
}
return hash_hmac('md5', $data, $key, false);
}
[Additional Details]
The fix adds input validation for the HMAC-MD5 function and marks the unused block parameter as deprecated. While this improves security by preventing empty inputs, the continued use of MD5 (a weak cryptographic hash) remains a concern.
2. Vulnerability Existed: yes
Input Validation Missing [include/laminas-mail/src/Protocol/Smtp/Auth/Crammd5.php] [Lines 39-46]
[Old Code]
if (is_array($config)) {
if (isset($config['username'])) {
$this->setUsername($config['username']);
}
if (isset($config['password'])) {
$this->setPassword($config['password']);
}
}
[Fixed Code]
$config = $config ?? [];
if (isset($config['username'])) {
$this->setUsername($config['username']);
}
if (isset($config['password'])) {
$this->setPassword($config['password']);
}
[Additional Details]
The fix ensures proper handling of null configurations by initializing $config as an empty array if null, and simplifies the conditional logic. This prevents potential null reference issues.
3. Vulnerability Existed: not sure
Type Safety Improvements [include/laminas-mail/src/Protocol/Smtp/Auth/Crammd5.php] [Throughout file]
[Old Code]
Various properties and parameters without strict type hints
[Fixed Code]
Added type hints with "non-empty-string" and proper nullability indicators
[Additional Details]
The changes add more specific type hints throughout the file, which could potentially prevent type-related security issues, though the direct security impact is unclear.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/class.mailer.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/class.mailer.php@@ -77,7 +77,7 @@ $this->from = $from; elseif (\Validator::is_email($from)) { $this->from = new \EmailAddress(- sprintf('"%s" <%s>', $name ?: '', $from));+ str_contains($from, '<') ? $from : sprintf('"%s" <%s>', $name ?: '', $from)); } elseif (is_string($from)) $this->from = new \EmailAddress($from); elseif (($email=$this->getEmail())) {
Let me analyze this code diff for security fixes:
1. Vulnerability Existed: yes
Cross-Site Scripting (XSS) via Email Headers [include/class.mailer.php] [Lines 77-78]
[Old Code]
sprintf('"%s" <%s>', $name ?: '', $from)
[Fixed Code]
str_contains($from, '<') ? $from : sprintf('"%s" <%s>', $name ?: '', $from)
The fix prevents potential XSS by checking if the email address already contains angle brackets before applying formatting. The old code could potentially allow malicious content in the $name or $from variables to be interpreted as HTML if not properly sanitized elsewhere.
2. Vulnerability Existed: not sure
Email Header Injection [include/class.mailer.php] [Lines 77-78]
[Old Code]
sprintf('"%s" <%s>', $name ?: '', $from)
[Fixed Code]
str_contains($from, '<') ? $from : sprintf('"%s" <%s>', $name ?: '', $from)
While the change might help prevent some forms of email header injection by being more strict about email format validation, I'm not certain if this was the primary intent of the fix since the validation logic remains similar.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean18.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean18.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Barcode;
After analyzing the provided code diff, here's the security assessment: Vulnerability Existed: no [No specific vulnerability found] [include/laminas-mail/vendor/laminas/laminas-validator/src/Barcode/Ean18.php] [Lines 1-10] [Old Code] <?php /** * @see https://github.com/laminas/laminas-validator for the canonical source repository * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License */ [Fixed Code] <?php The changes shown in the diff only remove the documentation header (license and copyright information) from the file. This doesn't appear to be a security-related fix but rather a documentation or licensing change. There's no evidence of any security vulnerability being addressed in this particular diff. Note: While the change itself isn't security-related, removing license information could potentially lead to licensing compliance issues, but this doesn't constitute a security vulnerability.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Exception/DomainException.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Exception/DomainException.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Exception;
Based on the provided diff, I'll analyze it for security vulnerabilities:
1. Vulnerability Existed: no
Documentation Removal [include/laminas-mail/src/Exception/DomainException.php] [Lines 1-10]
Old Code:
```php
<?php
/**
* @see https://github.com/laminas/laminas-mail for the canonical source repository
* @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License
*/
namespace Laminas\Mail\Exception;
```
Fixed Code:
```php
<?php
namespace Laminas\Mail\Exception;
```
The changes shown in the diff only remove documentation comments (file header with license information, copyright notice, and repository link). This is not a security-related change but rather a documentation cleanup. There are no actual code changes that would affect security, just metadata removal.
No security vulnerabilities were introduced or fixed in this diff. The modification is purely related to documentation and doesn't affect the functionality or security of the code.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Db/AbstractDb.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Db/AbstractDb.php@@ -1,10 +1,4 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Db;@@ -17,10 +11,20 @@ use Laminas\Stdlib\ArrayUtils; use Laminas\Validator\AbstractValidator; use Laminas\Validator\Exception;+use Laminas\Validator\Exception\InvalidArgumentException;+use Laminas\Validator\Exception\RuntimeException; use Traversable;++use function array_key_exists;+use function array_shift;+use function func_get_args;+use function func_num_args;+use function is_array; /** * Class for Database record validation+ *+ * @deprecated This class will be removed in version 3.0 of this component. There is no replacement. */ abstract class AbstractDb extends AbstractValidator implements AdapterAwareInterface {@@ -29,12 +33,10 @@ /** * Error constants */- const ERROR_NO_RECORD_FOUND = 'noRecordFound';- const ERROR_RECORD_FOUND = 'recordFound';-- /**- * @var array Message templates- */+ public const ERROR_NO_RECORD_FOUND = 'noRecordFound';+ public const ERROR_RECORD_FOUND = 'recordFound';++ /** @var array<string, string> Message templates */ protected $messageTemplates = [ self::ERROR_NO_RECORD_FOUND => 'No record matching the input was found', self::ERROR_RECORD_FOUND => 'A record matching the input was found',@@ -47,25 +49,17 @@ */ protected $select;- /**- * @var string- */- protected $schema = null;-- /**- * @var string- */+ /** @var string */+ protected $schema;++ /** @var string */ protected $table = '';- /**- * @var string- */+ /** @var string */ protected $field = '';- /**- * @var mixed- */- protected $exclude = null;+ /** @var mixed */+ protected $exclude; /** * Provides basic configuration for use with Laminas\Validator\Db Validators@@ -82,7 +76,7 @@ * 'adapter' => An optional database adapter to use * * @param array|Traversable|Select $options Options to use for this validator- * @throws \Laminas\Validator\Exception\InvalidArgumentException+ * @throws InvalidArgumentException */ public function __construct($options = null) {@@ -146,7 +140,7 @@ /** * Returns the set adapter *- * @throws \Laminas\Validator\Exception\RuntimeException When no database adapter is defined+ * @throws RuntimeException When no database adapter is defined. * @return DbAdapter */ public function getAdapter()@@ -157,7 +151,6 @@ /** * Sets a new database adapter *- * @param DbAdapter $adapter * @return self Provides a fluent interface */ public function setAdapter(DbAdapter $adapter)@@ -260,7 +253,6 @@ /** * Sets the select object to be used by the validator *- * @param Select $select * @return $this Provides a fluent interface */ public function setSelect(Select $select)@@ -313,12 +305,12 @@ */ protected function query($value) {- $sql = new Sql($this->getAdapter());- $select = $this->getSelect();- $statement = $sql->prepareStatementForSqlObject($select);- $parameters = $statement->getParameterContainer();+ $sql = new Sql($this->getAdapter());+ $select = $this->getSelect();+ $statement = $sql->prepareStatementForSqlObject($select);+ $parameters = $statement->getParameterContainer(); $parameters['where1'] = $value;- $result = $statement->execute();+ $result = $statement->execute(); return $result->current(); }
After analyzing the provided code diff, I don't see any clear security vulnerabilities being fixed. The changes appear to be primarily code cleanup, modernization, and documentation updates rather than security fixes. Here's my analysis: 1. Vulnerability Existed: no No specific vulnerability was fixed in this diff. The changes include: - Removal of license/copyright header comments - Code style improvements (type hints, property initialization) - Added deprecation notice - Import statement organization - Documentation improvements - Minor code formatting changes The changes don't show any: - SQL injection fixes - Authentication/authorization improvements - Input validation changes - Security-related exception handling - Sensitive data handling improvements The most notable changes are: 1. Adding deprecation notice for the class 2. Making error constants public 3. Improving type hints and documentation 4. Code style improvements (like removing redundant null assignments) However, none of these appear to be security-related fixes. The diff seems to be part of routine maintenance and modernization of the codebase rather than addressing specific vulnerabilities. If I had to speculate about potential security implications, the improved type hints and documentation might help prevent misuse of the class, but this would be a very indirect security benefit rather than a specific vulnerability fix.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/class.canned.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/class.canned.php@@ -311,6 +311,12 @@ return true; }++ function staffCanAccess($staff) {+ if (!$staff instanceof Staff)+ return false;+ return (!$this->dept || (($role = $staff->getRole($this->dept)) && $role->hasPerm(Canned::PERM_MANAGE)));+ } } RolePermission::register( /* @trans */ 'Knowledgebase', Canned::getPermissions());
Based on the provided code diff, I'll analyze it for security fixes:
1. Vulnerability Existed: yes
Missing Access Control Check [File] include/class.canned.php [Lines] 311+
[Old Code]
(No explicit access control check method existed)
[Fixed Code]
```php
function staffCanAccess($staff) {
if (!$staff instanceof Staff)
return false;
return (!$this->dept || (($role = $staff->getRole($this->dept)) && $role->hasPerm(Canned::PERM_MANAGE)));
}
```
The addition of the `staffCanAccess` method appears to be a security fix that implements proper access control checks for canned responses. The old code didn't have this explicit check, which could have allowed unauthorized access. The new code properly verifies:
1. The user is actually a Staff member
2. Either the canned response isn't department-specific OR the staff member has the proper permissions in the relevant department
This prevents potential unauthorized access to canned responses by implementing proper permission checks.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/class.export.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/class.export.php@@ -322,7 +322,7 @@ exit; }- static function audits($type, ?string $filename=null, ?string $tableInfo=null, ?string $object=null, ?string $how='csv', ?bool $show_viewed=true, ?array $data=array(), CsvExporter $exporter) {+ static function audits($type, ?string $filename, ?string $tableInfo, ?string $object, ?string $how='csv', ?bool $show_viewed=true, ?array $data=array(), CsvExporter $exporter) { $headings = array('Description', 'Timestamp', 'IP'); switch ($type) { case 'audit':@@ -620,7 +620,7 @@ } function write($data) {- fputcsv($this->fp, $this->escape($data), $this->getDelimiter());+ fputcsv($this->fp, $this->escape($data), $this->getDelimiter(), "\"", ""); } }@@ -725,7 +725,7 @@ $delimiter = $this->getDelimiter(); // Output a UTF-8 BOM (byte order mark) fputs($this->output, chr(0xEF) . chr(0xBB) . chr(0xBF));- fputcsv($this->output, $this->getHeaders(), $delimiter);+ fputcsv($this->output, $this->getHeaders(), $delimiter, "\"", ""); while ($row=$this->next()) fputcsv($this->output, array_map( function($v){@@ -733,7 +733,7 @@ return "'".$v; return $v; }, $row),- $delimiter);+ $delimiter, "\"", ""); if (!$tmp) fclose($this->output);
Here's the security analysis of the provided code diff:
1. Vulnerability Existed: yes
CSV Injection Vulnerability [include/class.export.php] [Lines 620, 725, 733]
[Old Code]
fputcsv($this->fp, $this->escape($data), $this->getDelimiter());
[Fixed Code]
fputcsv($this->fp, $this->escape($data), $this->getDelimiter(), "\"", "");
The fix adds proper CSV escaping parameters to fputcsv() calls, preventing CSV injection attacks where malicious input could execute commands when opened in spreadsheet software.
2. Vulnerability Existed: yes
CSV Injection Vulnerability [include/class.export.php] [Lines 725, 733]
[Old Code]
fputcsv($this->output, $this->getHeaders(), $delimiter);
[Fixed Code]
fputcsv($this->output, $this->getHeaders(), $delimiter, "\"", "");
This is another instance of the same CSV injection fix, ensuring proper escaping in header output as well.
3. Vulnerability Existed: yes
CSV Injection Vulnerability [include/class.export.php] [Lines 733]
[Old Code]
$delimiter);
[Fixed Code]
$delimiter, "\"", "");
Final instance of the CSV injection fix, completing the protection for all CSV output cases.
The changes consistently add the escape character (") and empty enclosure parameter to all fputcsv() calls, which properly handles special characters in the output and prevents CSV injection attacks. This was likely a coordinated fix addressing a security vulnerability across the entire export functionality.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/src/Header/ReplyTo.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/src/Header/ReplyTo.php@@ -1,15 +1,13 @@ <?php--/**- * @see https://github.com/laminas/laminas-mail for the canonical source repository- * @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Mail\Header; class ReplyTo extends AbstractAddressList {+ /** @var string */ protected $fieldName = 'Reply-To';+ /** @var string */ protected static $type = 'reply-to';+ /** @var string[] */+ protected static $typeAliases = ['replyto', 'reply_to']; }
Here's the analysis of the provided code diff:
1. Vulnerability Existed: no
No security vulnerability found [File] include/laminas-mail/src/Header/ReplyTo.php [Lines] 1-15
[Old Code]
<?php
/**
* @see https://github.com/laminas/laminas-mail for the canonical source repository
* @copyright https://github.com/laminas/laminas-mail/blob/master/COPYRIGHT.md
* @license https://github.com/laminas/laminas-mail/blob/master/LICENSE.md New BSD License
*/
namespace Laminas\Mail\Header;
class ReplyTo extends AbstractAddressList
{
protected $fieldName = 'Reply-To';
protected static $type = 'reply-to';
}
[Fixed Code]
<?php
namespace Laminas\Mail\Header;
class ReplyTo extends AbstractAddressList
{
/** @var string */
protected $fieldName = 'Reply-To';
/** @var string */
protected static $type = 'reply-to';
/** @var string[] */
protected static $typeAliases = ['replyto', 'reply_to'];
}
The changes appear to be:
1. Removal of the docblock header (license/copyright information)
2. Addition of type hints via PHPDoc annotations
3. Addition of type aliases for the Reply-To header
These changes are documentation and type safety improvements rather than security fixes. No actual security vulnerabilities appear to have been addressed in this diff.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.
--- /root/PatchLeaks-main/products/osTicket_downloads/v1.17.5/osTicket-1.17.5/include/laminas-mail/vendor/laminas/laminas-validator/src/Sitemap/Lastmod.php+++ /root/PatchLeaks-main/products/osTicket_downloads/v1.18.2/osTicket-1.18.2/include/laminas-mail/vendor/laminas/laminas-validator/src/Sitemap/Lastmod.php@@ -1,15 +1,12 @@ <?php--/**- * @see https://github.com/laminas/laminas-validator for the canonical source repository- * @copyright https://github.com/laminas/laminas-validator/blob/master/COPYRIGHT.md- * @license https://github.com/laminas/laminas-validator/blob/master/LICENSE.md New BSD License- */ namespace Laminas\Validator\Sitemap; use Laminas\Stdlib\ErrorHandler; use Laminas\Validator\AbstractValidator;++use function is_string;+use function preg_match; /** * Validates whether a given value is valid as a sitemap <lastmod> value@@ -18,25 +15,25 @@ */ class Lastmod extends AbstractValidator {+ // phpcs:disable Generic.Files.LineLength.TooLong+ /** * Regular expression to use when validating- * */- // @codingStandardsIgnoreStart- const LASTMOD_REGEX = '/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])(T([0-1][0-9]|2[0-3])(:[0-5][0-9])(:[0-5][0-9])?(\\+|-)([0-1][0-9]|2[0-3]):[0-5][0-9])?$/';- // @codingStandardsIgnoreEnd+ public const LASTMOD_REGEX = '/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])(T([0-1][0-9]|2[0-3])(:[0-5][0-9])(:[0-5][0-9])?(\\+|-)([0-1][0-9]|2[0-3]):[0-5][0-9])?$/';++ // phpcs:enable /** * Validation key for not valid- * */- const NOT_VALID = 'sitemapLastmodNotValid';- const INVALID = 'sitemapLastmodInvalid';+ public const NOT_VALID = 'sitemapLastmodNotValid';+ public const INVALID = 'sitemapLastmodInvalid'; /** * Validation failure message template definitions *- * @var array+ * @var array<string, string> */ protected $messageTemplates = [ self::NOT_VALID => 'The input is not a valid sitemap lastmod',@@ -62,7 +59,7 @@ ErrorHandler::start(); $result = preg_match(self::LASTMOD_REGEX, $value); ErrorHandler::stop();- if ($result != 1) {+ if ($result !== 1) { $this->error(self::NOT_VALID); return false; }
Based on the provided code diff, here's the security analysis:
Vulnerability Existed: not sure
[Potential Regular Expression Denial of Service (ReDoS)][include/laminas-mail/vendor/laminas/laminas-validator/src/Sitemap/Lastmod.php][18-20]
[Old Code]
const LASTMOD_REGEX = '/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])(T([0-1][0-9]|2[0-3])(:[0-5][0-9])(:[0-5][0-9])?(\\+|-)([0-1][0-9]|2[0-3]):[0-5][0-9])?$/';
[Fixed Code]
public const LASTMOD_REGEX = '/^[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])(T([0-1][0-9]|2[0-3])(:[0-5][0-9])(:[0-5][0-9])?(\\+|-)([0-1][0-9]|2[0-3]):[0-5][0-9])?$/';
Vulnerability Existed: yes
[Type Juggling Vulnerability][include/laminas-mail/vendor/laminas/laminas-validator/src/Sitemap/Lastmod.php][62]
[Old Code]
if ($result != 1) {
[Fixed Code]
if ($result !== 1) {
Notes:
1. The first entry is marked "not sure" because while the regex pattern remains the same, complex regexes can potentially be vulnerable to ReDoS attacks. However, there's no clear evidence this was specifically addressed in the diff.
2. The second entry shows a clear security improvement by changing from loose comparison (!=) to strict comparison (!==), which prevents potential type juggling vulnerabilities where non-integer values might pass the check.
3. Other changes in the diff (like visibility modifiers and documentation) appear to be code quality improvements rather than security fixes.
osTicket prior to v1.17.6 and v1.18.2 are vulnerable to Broken Access Control Vulnerability in /scp/ajax.php.
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket <=1.17.5 allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.