Bug#: 153896
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: regis couraud <bugs@datasecu.com>

Attachment: qmailadmin-1.2.10.ebuild (New version qmailadmin 1.2.10), application/octet-stream, created by regis couraud 2006-11-02 20:25 0000, 2.43 KB


Description:   Opened: 2006-11-02 20:20 0000
CVE reference:  CVE-2006-1141 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-1141

Solution : Install qmailadmin 1.2.10

------- Comment #1 From regis couraud 2006-11-02 20:25:23 0000 -------
Created an attachment (id=101122)
New version qmailadmin 1.2.10

------- Comment #2 From Raphael Marichez 2006-11-03 12:03:47 0000 -------
This bug is already public. Please don't restrict public vulnerabilities. The
herd can't see the bug.

robbat2, please bump out the fixed version (1.2.10) or patch, thanks. I
couldn't find a similar bug, we've probably missed it.

------- Comment #3 From Matthias Geerdsen 2006-11-10 05:57:48 0000 -------
robbat2/qmail herd, any news?

------- Comment #4 From Robin Johnson 2006-11-11 03:03:38 0000 -------
1.2.10 in CVS now. Took some work to find that it now needed RESTRICT=userpriv
to compile successfully.

------- Comment #5 From Sune Kloppenborg Jeppesen 2006-11-11 04:27:46 0000 -------
Arches please test and mark stable. Target keywords are:

amd64 arm hppa ppc sparc x86

------- Comment #6 From Markus Meier 2006-11-11 16:06:37 0000 -------
net-mail/qmailadmin-1.2.10  USE="-maildrop"
1. emerges on x86, please note:
QA Notice: the following files are setXid, dyn linked, and using lazy bindings
LAZY var/www/localhost/cgi-bin/qmailadmin

2. passes collision test
3. seems to work as the cgi-bin/qmailadmin shows up. (don't have a qmail setup
to test further)

Portage 2.1.1-r1 (default-linux/x86/2006.1/desktop, gcc-4.1.1, glibc-2.4-r4,
2.6.18.1 i686)
=================================================================
System uname: 2.6.18.1 i686 Genuine Intel(R) CPU           T2300  @ 1.66GHz
Gentoo Base System version 1.12.6
Last Sync: Sat, 11 Nov 2006 22:30:01 +0000
ccache version 2.3 [disabled]
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: 1.3.7, 2.0.30
dev-lang/python:     2.3.5-r3, 2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     2.3
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.60
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.13-r4
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.17-r1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf
/etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c"
CXXFLAGS="-O2 -march=prescott -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--nospinner"
FEATURES="autoconfig collision-protect distlocks metadata-transfer
parallel-fetch sandbox sfperms strict test userfetch userpriv usersandbox"
GENTOO_MIRRORS="http://mirror.switch.ch/mirror/gentoo/ http://gentoo.inode.at/"
LINGUAS="en de en_GB de_CH"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --delete-after --stats --timeout=180
--exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 X a52 aac acpi alsa apache2 asf berkdb bitmap-fonts cairo cdr cdrom
cli cracklib crypt cups dbus divx dlloader dri dts dvd dvdr dvdread eds
elibc_glibc emboss encode fam ffmpeg firefox flac fortran gdbm gif gnome gpm
gstreamer gtk hal iconv input_devices_keyboard input_devices_mouse ipv6 isdnlog
java jpeg kde kdeenablefinal kernel_linux ldap libg++ linguas_de linguas_de_CH
linguas_en linguas_en_GB mad mikmod mmx mono mp3 mpeg ncurses nls nptl nptlonly
ogg opengl oss pam pcre perl png ppds pppd python qt3 qt4 quicktime readline
reflection rtsp samba sdl session smp spell spl sse sse2 sse3 ssl svg tcpd test
tetex theora threads truetype truetype-fonts type1-fonts udev unicode
userland_GNU vcd video_cards_fbdev video_cards_i810 video_cards_vesa vorbis
win32codecs wxwindows x264 xine xml xorg xprint xv xvid zlib"
Unset:  CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, PORTAGE_RSYNC_EXTRA_OPTS,
PORTDIR_OVERLAY

------- Comment #7 From Tobias Scherbaum 2006-11-13 09:45:04 0000 -------
ppc stable

------- Comment #8 From René Nussbaumer 2006-11-13 12:10:44 0000 -------
stable on hppa

------- Comment #9 From Michael Weyershäuser 2006-11-13 20:07:26 0000 -------
Emerges fine on amd64 and seems to be working...

Portage 2.1.1-r1 (default-linux/amd64/2006.1/desktop, gcc-4.1.1, glibc-2.4-r4,
2.6.18-suspend2-Dudebox-Edition x86_64)
=================================================================
System uname: 2.6.18-suspend2-Dudebox-Edition x86_64 AMD Athlon(tm) 64
Processor 3200+
Gentoo Base System version 1.12.6
Last Sync: Mon, 13 Nov 2006 05:00:01 +0000
distcc 2.18.3 x86_64-pc-linux-gnu (protocols 1 and 2) (default port 3632)
[enabled]
ccache version 2.3 [enabled]
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: 1.3.7, 2.0.30
dev-lang/python:     2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     2.3
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.60
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.13-r4
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="amd64"
AUTOCLEAN="yes"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=k8 -msse3 -Os -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config /var/qmail/alias
/var/qmail/control /var/vpopmail/domains /var/vpopmail/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf
/etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c"
CXXFLAGS="-march=k8 -msse3 -Os -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache collision-protect distcc distlocks
metadata-transfer multilib-strict parallel-fetch sandbox sfperms strict test"
GENTOO_MIRRORS="ftp://linux.rz.ruhr-uni-bochum.de/gentoo-mirror/
ftp:///ftp-stud.fht-esslingen.de/pub/Mirrors/gentoo/"
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j4"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --delete-after --stats --timeout=180
--exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage_overlay"
SYNC="rsync://server/gentoo-portage"
USE="amd64 X alsa apache2 berkdb bitmap-fonts cairo cdr cli cracklib crypt cups
dbus dlloader dri dvd dvdr eds elibc_glibc emboss encode esd fam firefox
fortran gcj gdbm gif gpm gstreamer gtk gtk2 hal iconv imap
input_devices_keyboard input_devices_mouse isdnlog jpeg kde kdeenablefinal
kdehiddenvisibility kernel_linux libg++ mad mikmod mp3 mpeg mysql ncurses nls
nptl nptlonly objc objc++ ogg oss pam pcre perl png ppds pppd python qt3
quicktime readline reflection sdl session spell spl sqlite ssl tcpd test
truetype truetype-fonts type1-fonts udev unicode userland_GNU
video_cards_radeon vorbis xml xorg xv zlib"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LINGUAS,
PORTAGE_RSYNC_EXTRA_OPTS

------- Comment #10 From Christian Faulhammer 2006-11-13 22:10:38 0000 -------
x{72-8} is done

------- Comment #11 From Christian Faulhammer 2006-11-13 22:16:35 0000 -------
(In reply to comment #10)
> x{72-8} is done

 I always was bad at math. Ugh.

------- Comment #12 From Gustavo Zacarias (RETIRED) 2006-11-15 07:24:55 0000 -------
sparc stable.

------- Comment #13 From Chris Gianelloni (RETIRED) 2006-11-15 08:10:16 0000 -------
amd64 done

------- Comment #14 From Matthias Geerdsen 2006-11-15 13:38:48 0000 -------
ready for GLSA

------- Comment #15 From Sune Kloppenborg Jeppesen 2006-11-20 11:16:25 0000 -------
It's setuid root, rerating.

------- Comment #16 From Robin Johnson 2006-11-20 15:48:20 0000 -------
jaervosz: qmailadmin is NOT setuid root. It's setuid vpopmail:vpopmail. This is
so it has access to files that are 0640/root:vpopmail and vpopmail:vpopmail.

------- Comment #17 From Sune Kloppenborg Jeppesen 2006-11-20 21:34:53 0000 -------
Thx Robbat for clearing this up and installing it this non-standard way.

------- Comment #18 From Robin Johnson 2006-11-20 22:19:14 0000 -------
it's not non-standard, the setuid vpopmail is done by upstream (after you tell
it what your vpopmail user is).
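
Added example, not part of any comment in this bug and not Gentoo or qmailadmin code: comments #15 to #18 turn on whether the CGI is setuid root or setuid vpopmail, and this sketch classifies set-id files from a GNU `find` listing so that distinction can be checked on an installed system. The sample listing, its modes and the `/constructed` paths are assumptions; the qmailadmin path is taken from the QA notice in comment #6.

```shell
#!/bin/sh
# Added example, not from the bug report. Input format is GNU find's:
#   find /var/www -xdev -type f -perm /6000 -printf '%m %u %g %p\n'

# Constructed sample listing; the modes and the /constructed paths are assumptions.
sample_listing() {
    cat <<'EOF'
6755 vpopmail vpopmail /var/www/localhost/cgi-bin/qmailadmin
4755 root root /constructed/bin/helper
2755 root mail /constructed/bin/spooltool
755 root root /constructed/bin/plain
EOF
}

# Reads "<octal mode> <owner> <group> <path>" lines on stdin and prints
# "<verdict> <identity gained> <path>" for every set-id file.
classify_setxid() {
    while read -r mode owner group path; do
        case $mode in ''|*[!0-7]*) continue ;; esac   # skip malformed lines
        [ -n "$path" ] || continue
        bits=$(( 0$mode ))                   # leading 0 => parsed as octal
        suid=$(( (bits & 04000) != 0 ))      # set-user-ID bit
        sgid=$(( (bits & 02000) != 0 ))      # set-group-ID bit
        [ "$suid" -eq 1 ] || [ "$sgid" -eq 1 ] || continue
        if [ "$suid" -eq 1 ] && [ "$owner" = root ]; then
            verdict=setuid-root              # process runs with uid 0
        elif [ "$suid" -eq 1 ]; then
            verdict=setuid-nonroot           # process runs as a service user
        else
            verdict=setgid-only
        fi
        if [ "$suid" -eq 1 ] && [ "$sgid" -eq 1 ]; then
            identity="$owner:$group"
        elif [ "$suid" -eq 1 ]; then
            identity="$owner"
        else
            identity=":$group"
        fi
        printf '%s %s %s\n' "$verdict" "$identity" "$path"
    done
}

sample_listing | classify_setxid
```

On a real system, pipe the `find` command from the header comment into `classify_setxid` instead of the sample listing.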

------- Comment #19 From Sune Kloppenborg Jeppesen 2006-11-21 07:23:09 0000 -------
GLSA 200611-15
