- 🔒 Fixed open redirect in private site login - Thibaut Patel
View the changelogs for full details:
- Ghost - 3.41.0...3.41.1
- Ghost-Admin - TryGhost/Admin@3.41.0...3.41.1
Tag Name: 3.41.1
Release Date: 1/26/2021
Ghost: Open-source publishing platform specifically designed for professional bloggers and publications. It focuses on a clean, minimalist writing and publishing experience.
This patch release addresses a critical security vulnerability in the private site login functionality. The fix prevents open redirect attacks that could send users to external malicious sites after they provide the private site password. This update is essential for all Ghost installations, especially those using password-protected sites. Note that both 3.41.0 and 3.41.1 contain an issue with Stripe Checkout signups; users should update to 3.41.2.
No migration steps are required for this update. Site administrators can update to version 3.41.1 using the Ghost-CLI tool with standard update procedures.
However, please note that both 3.41.0 and 3.41.1 contain an issue with Stripe Checkout signups. It is recommended to update directly to version 3.41.2 instead, which addresses both the security vulnerability and the Stripe Checkout issue.
This is a critical security update that all Ghost installations should apply immediately, especially those using password-protected sites.
However, since both 3.41.0 and 3.41.1 contain an issue with Stripe Checkout signups, it is recommended to update directly to version 3.41.2 instead of stopping at 3.41.1.
To update:
ghost update
Or specify the version:
ghost update --version 3.41.2
This fix ensures that redirect URLs are properly validated before being processed, preventing potential phishing attacks through malicious redirects.
No new features were introduced in this patch release. This is strictly a security update focused on addressing the open redirect vulnerability in the private site login functionality.
A security vulnerability was patched that could allow attackers to abuse the private site login functionality to perform open redirect attacks. This type of vulnerability could be used in phishing campaigns by redirecting users to malicious sites after they had entered their password on a legitimate Ghost site.
The fix implements proper validation of redirect URLs to ensure users can only be redirected to pages within the same Ghost site after authentication, preventing potential phishing attacks.
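The same-site check described above, as an added illustration that is not Ghost's own code: a redirect target is accepted only if it resolves to the same origin and path prefix as the site, otherwise the user is sent to the site root. The function names, the `SITE_URL` value and the assumption that the site URL carries a trailing slash are all this example's own.

```javascript
// Added example (not Ghost's own code): validate the post-login redirect target
// so that a private-site password prompt can only send the user back to a page
// on the same site. `isSafeRedirect` and `resolveRedirect` are hypothetical names.

// Site URL assumed for the example (constructed, not a real installation).
// It is assumed to end with a slash, as a site root or subdirectory URL would.
const SITE_URL = 'https://blog.example.com/';

// Returns true only when `target` resolves to a page on the same site.
function isSafeRedirect(target, siteUrl = SITE_URL) {
  if (typeof target !== 'string' || target.length === 0) return false;

  let resolved;
  try {
    // Resolve relative to the site so paths like "/about" become full URLs,
    // while absolute ("https://other.example/") and scheme-relative
    // ("//other.example/") targets keep their own host and fail the check below.
    // The WHATWG parser also treats "/\other.example" as an authority, so
    // backslash tricks end up with a foreign origin rather than a local path.
    resolved = new URL(target, siteUrl);
  } catch (e) {
    return false; // unparsable input is never a valid redirect
  }

  const site = new URL(siteUrl);
  // Same-origin check: scheme, host and port must all match the site.
  // Non-http schemes such as "javascript:" have an opaque origin and fail here.
  if (resolved.origin !== site.origin) return false;

  // Stay under the site's path prefix (matters for subdirectory installs).
  const prefix = site.pathname.endsWith('/') ? site.pathname : site.pathname + '/';
  return resolved.pathname === site.pathname || resolved.pathname.startsWith(prefix);
}

// Picks the location to use after a successful password check:
// the requested target if it is safe, otherwise the site root.
function resolveRedirect(target, siteUrl = SITE_URL) {
  return isSafeRedirect(target, siteUrl) ? new URL(target, siteUrl).href : siteUrl;
}

if (typeof module !== 'undefined') {
  module.exports = { isSafeRedirect, resolveRedirect, SITE_URL };
}
```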
Credit for discovering this vulnerability goes to Max Schaefer.
No specific performance improvements were included in this patch release. The focus was exclusively on addressing the security vulnerability in the private site login functionality.
This security patch addresses a significant vulnerability that could potentially be exploited for phishing attacks through open redirects after private site authentication. The fix ensures that users accessing password-protected Ghost sites cannot be redirected to external malicious websites after providing the correct password.
The impact is primarily positive for all users, as it eliminates a security risk without changing any functionality or requiring configuration changes. Site administrators should prioritize this update to protect their users, but should be aware that both 3.41.0 and 3.41.1 have an issue with Stripe Checkout signups, making it advisable to update directly to 3.41.2 instead.
This release demonstrates Ghost's commitment to security and rapid response to vulnerabilities, with credit appropriately given to the external security researcher who identified the issue.