Bug#: 102151
Status: RESOLVED
Resolution: DUPLICATE of bug 102577
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Sune Kloppenborg Jeppesen <jaervosz@gentoo.org>

Attachments:
  post-3.4.2-kdeedu.diff (patch, 1.83 KB) -- Sune Kloppenborg Jeppesen, 2005-08-11 12:23 0000




------- Description From Sune Kloppenborg Jeppesen 2005-08-11 12:22 0000 -------
KDE Security Advisory: langen2kvtml tempfile vulnerability 
Original Release Date: 2008-08-15 
URL: http://www.kde.org/info/security/advisory-20050815-1.txt 
 
0. References 
 
 
 
1. Systems affected: 
 
        All KDE releases starting from KDE 3.0 up to including 
        KDE 3.4.2. 
 
 
2. Overview: 
 
        Ben Burton notified the KDE security team about several 
        tempfile handling related vulnerabilities in langen2kvtml, 
        a conversion script for kvoctrain. The script must 
        be manually invoked.  
 
        The script uses known filenames in /tmp which allow a 
        local attacker to overwrite files writeable by the 
        user invoking the conversion script. 
 
3. Impact: 
 
        A local file can overwrite files and possibly elevate 
        privileges. 
 
 
4. Solution: 
 
        Source code patches have been made available which fix these 
        vulnerabilities. Contact your OS vendor / binary package provider 
        for information about how to obtain updated binary packages. 
 
 
5. Patch: 
 
        Patch for KDE 3.4.2 is available from  
        ftp://ftp.kde.org/pub/kde/security_patches : 
 
        XXX 
 
        Patch for KDE 3.3.1 is available from  
        ftp://ftp.kde.org/pub/kde/security_patches : 
 
        651fba579516ea947fbefee373f40a6c  post-3.3.1-kdegraphics.diff
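
The predictable-/tmp-name pattern the advisory describes, shown as an added example next to the mktemp-based fix. This is not the kdeedu langen2kvtml script itself (its contents are not reproduced on this page); the filenames, the sandbox directory, the sed command standing in for the conversion step, and the victim file are all assumptions made for illustration. The demo runs entirely inside a private mktemp -d directory, so it never touches the real /tmp.

```sh
#!/bin/sh
# Added example, not the kdeedu langen2kvtml script: the predictable /tmp
# filename pattern the advisory describes, the symlink trick a local attacker
# uses against it, and the mktemp-based fix. Names and paths are assumptions.

# Private sandbox standing in for /tmp and the victim's home directory, so the
# demo never touches the real /tmp.
SANDBOX=$(mktemp -d) || exit 1
trap 'rm -rf "$SANDBOX"' EXIT
TMP_DEMO="$SANDBOX/tmp"
mkdir -p "$TMP_DEMO" "$SANDBOX/home"

# Constructed sample input and the victim's file the attacker wants clobbered.
INPUT="$SANDBOX/sample.txt"
printf 'dog\nhouse\n' > "$INPUT"
VICTIM_FILE="$SANDBOX/home/important.txt"

FIXED_NAME="$TMP_DEMO/langen2kvtml.tmp"   # the "known filename in /tmp"

# Vulnerable pattern: the converter writes its intermediate output to a fixed
# name in the temp dir. The '>' redirection opens that path with O_TRUNC and
# follows symlinks, so it truncates whatever the name currently points at.
vulnerable_convert() {
    sed 's/^/converted: /' "$1" > "$FIXED_NAME" || return 1
    cat "$FIXED_NAME"
    rm -f "$FIXED_NAME"                  # removes only the link, not the target
}

# Hardened pattern: mktemp creates a file with an unpredictable suffix using
# O_CREAT|O_EXCL and mode 0600, so a pre-planted symlink is never followed.
hardened_convert() {
    tmp=$(mktemp "$TMP_DEMO/langen2kvtml.XXXXXX") || return 1
    sed 's/^/converted: /' "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    cat "$tmp"
    rm -f "$tmp"
}

# Attacker (same host, any uid that can write to the temp dir): plant a
# symlink under the predictable name before the victim runs the converter.
plant_symlink() {
    rm -f "$FIXED_NAME"
    ln -s "$VICTIM_FILE" "$FIXED_NAME"
}

reset_victim() {
    printf 'original contents\n' > "$VICTIM_FILE"
}

# Returns 0 when the victim's file was clobbered through the symlink.
demo_vulnerable() {
    reset_victim
    plant_symlink
    vulnerable_convert "$INPUT" > /dev/null
    ! grep -q 'original contents' "$VICTIM_FILE"
}

# Returns 0 when the victim's file survived the same planted symlink.
demo_hardened() {
    reset_victim
    plant_symlink
    hardened_convert "$INPUT" > /dev/null
    grep -q 'original contents' "$VICTIM_FILE"
}

if demo_vulnerable; then
    echo "fixed name:  attacker's symlink clobbered $VICTIM_FILE"
fi
if demo_hardened; then
    echo "mktemp name: $VICTIM_FILE left intact"
fi
```

The "possibly elevate privileges" in section 3 is the case where the user invoking the conversion is root or the clobbered target is something like a shell startup file: the write happens with the invoking user's privileges, not the attacker's, and the script's own cleanup (`rm -f` on the fixed name) deletes only the symlink, leaving the damaged target behind. When auditing a script for this class of bug, grep for literal `/tmp/` paths and for any temp name built only from `$$`; both are guessable, and only an O_EXCL create under an unpredictable name (mktemp, or in a shell with noclobber semantics) closes the race.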

------- Comment #1 From Sune Kloppenborg Jeppesen 2005-08-11 12:23:28 0000 -------
Created an attachment (id=65692)
post-3.4.2-kdeedu.diff

Proposed upstream patch.

------- Comment #2 From Sune Kloppenborg Jeppesen 2005-08-11 12:35:08 0000 -------
RH seems to have accidentally put out updated kdeedu packages (though I 
haven't actually found it yet). If correct this is SEMIPUBLIC instead of 
CONFIDENTIAL.  

------- Comment #3 From Sune Kloppenborg Jeppesen 2005-08-11 13:12:52 0000 -------
Fedora updates here: 
 
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/i386/kdeedu-3.4.2-0.fc4.2.i386.rpm 

------- Comment #4 From Carsten Lohrke 2005-08-14 16:37:19 0000 -------
<<< kdeedu-3.3.2-r2.ebuild
<<< kdeedu-3.4.1-r1.ebuild
<<< kvoctrain-3.4.1-r1.ebuild

are marked x86, the other archs are asked to follow.

------- Comment #5 From Stefan Cornelius (RETIRED) 2005-08-14 17:07:24 0000 -------
Well, I don't have a good feeling that these patches are in portage but since
it's semi-public, I just hope that it's ok. Would be too late now, anyways.

Arches, please test and mark kdeedu-3.3.2-r2 stable. If kde-3.4.1 was stable on
your arch, please do the same with kdeedu-3.4.1-r1 and kvoctrain-3.4.1-r1.
Thanks a lot.

------- Comment #6 From Sune Kloppenborg Jeppesen 2005-08-14 21:52:18 0000 -------
Removing arches and adding arch security liaisons instead. Please test and 
mark stable. 

------- Comment #7 From Sune Kloppenborg Jeppesen 2005-08-14 22:27:20 0000 -------
This is now handled on the public bug #102577 

------- Comment #8 From Markus Rothe 2005-08-15 05:58:41 0000 -------
Removing as it is stable on ppc64.

------- Comment #9 From Michael Hanselmann (hansmi) (RETIRED) 2005-08-15 06:10:31 0000 -------
Stable on ppc.

------- Comment #10 From Olivier Crete 2005-08-15 06:43:50 0000 -------
x86 already there

------- Comment #11 From Thierry Carrez (RETIRED) 2005-08-18 09:40:44 0000 -------
Closing, as we are done here.

*** This bug has been marked as a duplicate of 102577 ***
