Javier Fernández-Sanguino Peña from the Debian Security Audit team discovered that the syslogtocern script from thttpd, a tiny webserver, uses a temporary file insecurely, allowing a local attacker to craft a symlink attack to overwrite arbitrary files. Patch by Javier attached.
Created attachment 71583: patch.CVE-2005-3124.thttpd
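The bug class reported above (a script writing to a predictable name in a world-writable directory, so a pre-planted symlink redirects the write to a file the attacker chooses) is easy to reproduce harmlessly. The following is an added example and is not the thttpd syslogtocern script or the attached patch; the function names, the demo-insecure/demo-secure filenames, and the throw-away sandbox directory are assumptions made for the illustration. It shows the predictable $$-based temp name being followed through a symlink, and mktemp(1) creating a fresh file instead.

```shell
#!/bin/sh
# Added example (not thttpd's syslogtocern): the predictable-tempfile
# pattern behind CVE-2005-3124, beside the mktemp-based fix.

# Vulnerable pattern: a temp name built from the PID in a world-writable
# directory. A local user who guesses the name and plants a symlink there
# first gets the symlink target clobbered when the script redirects into
# its "own" temp file. (Name is an assumption for the demo.)
unsafe_tmpfile() {
    echo "${TMPDIR:-/tmp}/demo-insecure.$$"
}

# Safe pattern: mktemp creates the file atomically (O_CREAT|O_EXCL, mode
# 0600) with an unpredictable suffix, so a planted symlink is never
# followed and a pre-existing file is never opened.
safe_tmpfile() {
    mktemp "${TMPDIR:-/tmp}/demo-secure.XXXXXX"
}

# Harmless demonstration inside a private sandbox directory: the "victim"
# file stands in for whatever file the script's user could overwrite.
# Prints "victim=<contents> safe_is_symlink=<yes|no>".
demo() {
    sandbox=$(mktemp -d) || return 1
    victim="$sandbox/victim"
    : > "$victim"
    TMPDIR="$sandbox"

    # Attacker: plant a symlink at the predictable name before the script runs.
    t=$(unsafe_tmpfile)
    ln -s "$victim" "$t"

    # Script: write "its" temp file; the redirect follows the symlink.
    echo "clobbered" > "$t"
    insecure_result=$(cat "$victim")

    # Fixed script: mktemp hands back a brand-new regular file.
    s=$(safe_tmpfile) || { rm -rf "$sandbox"; return 1; }
    echo "private" > "$s"
    if [ -L "$s" ]; then safe_is_symlink=yes; else safe_is_symlink=no; fi

    rm -rf "$sandbox"
    printf 'victim=%s safe_is_symlink=%s\n' "$insecure_result" "$safe_is_symlink"
}

demo
```

Running it prints `victim=clobbered safe_is_symlink=no`: the PID-named path wrote straight through the symlink into the victim file, while the mktemp path produced an ordinary private file. When auditing a script, any `> /tmp/something.$$` (or a fixed name) is the pattern to look for; the fix is mktemp, or writing the temp file under a directory the script user owns with restrictive permissions.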
Waiting for a hint on disclosure date
Already public. www-servers herd please check if we ship that script and bump with patch if necessary.
(In reply to comment #3)
> Already public.
>
> www-servers herd please check if we ship that script and bump with patch if
> necessary.

Yes, it is installed by make install. I've gone ahead and committed 2.25b-r3 but unless I get rid of the php stuff Stuart added to 2.25b-r2 I don't feel comfortable stabilizing (plus it needs a few deps stabilized first). Stuart, comments?
www-servers, please make up your mind on which version we should ask to stabilize to fix this security bug.
Sent an email to Stuart so that we get an answer on this.
Hi, I suggest we drop the PHP5 support for now, and stabilise without it. Best regards, Stu
Aaron/Stuart, we'll call for stable marking of 2.25b-r3 when you confirm.
2.25b-r4 is in CVS without PHP support. x86 stable.
ppc please test and mark stable.
Marked ppc stable.
Ready for GLSA vote. I don't know. This is a misc script for sure, but it's still in path... half yes from here.
I tend to vote NO.
I'd vote no as well.
Reverting vote and closing.