Fixing CVE-2022-42731 for v2.5

Fixing CVE-2022-42731
Update CHANGELOG.md
2022-10-10 17:46:03 +03:00 · 2022-10-10 17:07:01 +03:00 · 2022-06-22 16:11:17 +03:00 · 2022-06-22 16:11:04 +03:00 · 2022-06-22 08:57:28 +03:00
4 changed files with 14 additions and 8 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,10 +1,14 @@
 # Change Log
+## 2.5.2
+* Fix: CVE-2022-42731: related to possibility of registration replay attack thanks to 'SSE (Secure Systems Engineering)' 
+   
 ## 2.5.0

   * Fixed: issue in the 'Authorize' button don't show on Firefox and Chrome on iOS.
     Note: It seems Firefox doesn't support WebAuthn on iOS
   * Fixed: Support for bootstrap5
-Thanks to @ezrajrice
+     Thanks to @ezrajrice
+   * Upgraded to fido2==1.0.0
  
 ## 2.4.0

--- a/README.md
+++ b/README.md
@@ -38,7 +38,7 @@ Depends on
 * ua-parser
 * user-agents
 * python-jose
-* fido2==0.9.0
+* fido2==1.0.0

 # Installation
 1. using pip 
--- a/mfa/FIDO2.py
+++ b/mfa/FIDO2.py
@@ -16,7 +16,7 @@ from .views import login, reset_cookie
 import datetime
 from .Common import get_redirect_url
 from django.utils import timezone
-
+from django.http import JsonResponse

 def recheck(request):
    """Starts FIDO2 recheck"""
@@ -49,13 +49,15 @@ def begin_registeration(request):
 def complete_reg(request):
    """Completes the registeration, called by API"""
    try:
+        if not "fido_state" in request.session:
+            return JsonResponse({'status': 'ERR', "message": "FIDO Status can't be found, please try again"})
        data = cbor.decode(request.body)

        client_data = CollectedClientData(data['clientDataJSON'])
        att_obj = AttestationObject((data['attestationObject']))
        server = getServer()
        auth_data = server.register_complete(
-            request.session['fido_state'],
+            request.session.pop('fido_state'),
            client_data,
            att_obj
        )
@@ -75,7 +77,7 @@ def complete_reg(request):
            client.captureException()
        except:
            pass
-        return HttpResponse(simplejson.dumps({'status': 'ERR', "message": "Error on server, please try again later"}))
+        return JsonResponse({'status': 'ERR', "message": "Error on server, please try again later"})


 def start(request):
--- a/setup.py
+++ b/setup.py
@@ -4,7 +4,7 @@ from setuptools import find_packages, setup

 setup(
    name='django-mfa2',
-    version='2.5.0b2',
+    version='2.5.2',
    description='Allows user to add 2FA to their accounts',
    long_description=open("README.md").read(),
    long_description_content_type="text/markdown",
@@ -31,7 +31,7 @@ setup(
    include_package_data=True,
    zip_safe=False, # because we're including static files
    classifiers=[
-        "Development Status :: 4 - Beta",
+        "Development Status :: 5 - Production/Stable",
        "Environment :: Web Environment",
        "Framework :: Django",
        "Framework :: Django :: 2.0",
Author	SHA1	Message	Date
Mohamed ElKalioby	90f297d90f	Fixing CVE-2022-42731 for v2.5	2022-10-10 17:46:03 +03:00
Mohamed ElKalioby	5fbb505e98	Fixing CVE-2022-42731	2022-10-10 17:07:01 +03:00
Mohamed El-Kalioby	0936ea2533	Update CHANGELOG.md	2022-06-22 16:11:17 +03:00
Mohamed El-Kalioby	383a3e8da6	Update CHANGELOG.md	2022-06-22 16:11:04 +03:00
Mohamed ElKalioby	843a4e676c	Merged v2.5	2022-06-22 08:57:28 +03:00