Bug#: 200623
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Lars Hartmann <lars@chaotika.org>

Attachment: fix_format_string_vulnerability.patch (patch, Lars Hartmann, 2007-11-28 12:05 0000, 565 bytes)

Description (opened 2007-11-28 11:12 0000):
Chris Rohlf has reported a vulnerability in Ruby-GNOME2, which can potentially
be exploited by malicious people to compromise an application using the
library.

The vulnerability is caused by a format string error within the
"Gtk::MessageDialog.new()" method in gtk/src/rbgtkmessagedialog.c and can
potentially be exploited to execute arbitrary code when a specially crafted
string is passed to the affected function.

NOTE: Exploitation and impact of this vulnerability depend on how an
application uses the affected function of the vulnerable library.

The vulnerability is reported in version 0.16.0. Other versions may also be
affected.

Solution:
Fixed in the SVN repository.
http://ruby-gnome2.svn.sourceforge.ne...uby-gnome2?view=rev&revision=2720

Provided and/or discovered by:
Chris Rohlf

Original Advisory:
http://em386.blogspot.com/2007/11/your-favorite-better-than-c-scripting.html

Reproducible: Always
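
As an added illustration (not code from Ruby-GNOME2 or from the attached patch), the pattern behind this class of bug: a caller-supplied message handed to a printf-style constructor as its format string, beside the fixed form that passes it as a "%s" argument. The dialog_format helper is a hypothetical stand-in for gtk_message_dialog_new() so the example runs without GTK, and the sample input is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
/* Hypothetical stand-in for a printf-style constructor such as
 * gtk_message_dialog_new(): formats 'fmt' plus trailing arguments into 'out'. */
int dialog_format(char *out, size_t outlen, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(out, outlen, fmt, ap);
    va_end(ap);
    return n;
}

/* VULNERABLE pattern, as in the description: the caller-controlled message is
 * the format string, so any '%' directive in it is interpreted against arguments
 * that were never passed. For comparison only; not exercised with such input. */
int message_dialog_new_vulnerable(char *out, size_t outlen, const char *message)
{
    return dialog_format(out, outlen, message);
}

/* FIXED pattern: constant format, message passed as a %s argument so it is
 * copied verbatim and never interpreted. */
int message_dialog_new_fixed(char *out, size_t outlen, const char *message)
{
    return dialog_format(out, outlen, "%s", message);
}

/* Defensive check for tests or a trust boundary: count conversion directives
 * ("%%" is a literal percent sign; note "% u" as in "95% used" is a directive). */
int count_format_directives(const char *s)
{
    int n = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        n++;
    }
    return n;
}

int main(void)
{
    char buf[128];
    const char *untrusted = "Quota: 95% used, file %s";  /* constructed sample */
    message_dialog_new_fixed(buf, sizeof buf, untrusted);
    printf("fixed: %s (%d directive(s))\n", buf, count_format_directives(untrusted));
    return 0;
}
```

With benign input both variants produce the same text, which is why this kind of bug goes unnoticed until a message containing '%' reaches the dialog.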

------- Comment #1 From Lars Hartmann 2007-11-28 11:15:23 0000 -------
Let's wait for upstream to provide a fixed release.

------- Comment #2 From Lars Hartmann 2007-11-28 12:05:01 0000 -------
Created an attachment (id=137213): patch

------- Comment #3 From Lars Hartmann 2007-11-28 12:05:44 0000 -------
Maintainers - please advise and include that patch if possible.

------- Comment #4 From Hans de Graaff 2007-11-28 20:05:28 0000 -------
We have split up the Ruby-Gnome2 stuff into several packages. The specific code
is part of dev-ruby/ruby-gtk2-0.16-r1 and older releases.

I have just added dev-ruby/ruby-gtk2-0.16-r2 to CVS which contains the patch
that Lars appended. @Lars: thanks for digging it up and appending it.

------- Comment #5 From Robert Buchholz 2007-11-29 00:03:42 0000 -------
Please ping if you think it's ready for stabling.

------- Comment #6 From Lars Hartmann 2007-11-29 07:28:56 0000 -------
Arches - please test this ebuild and mark it stable as necessary.

Target package: dev-ruby/ruby-gtk-0.16-r2
Target arches: x86, ppc, sparc, amd64, alpha, ppc64, hppa

------- Comment #7 From Christian Faulhammer 2007-11-29 08:35:19 0000 -------
x86 stable

------- Comment #8 From Lars Hartmann 2007-11-29 09:34:50 0000 -------
I removed the arches that lacked a testing/stable version from the list:

Target package: dev-ruby/ruby-gtk-0.16-r2
Target arches: x86 (done), ppc, sparc, amd64, alpha

------- Comment #9 From Steve Dibb 2007-11-30 20:10:15 0000 -------
amd64 stable

------- Comment #10 From Tobias Scherbaum 2007-12-02 15:38:59 0000 -------
ppc stable

------- Comment #11 From Raúl Porcel 2007-12-04 17:34:03 0000 -------
alpha/ia64/sparc stable, and not keyworded on mips; ready for GLSA.

------- Comment #12 From Robert Buchholz 2007-12-04 18:01:05 0000 -------
Filed.

------- Comment #13 From Pierre-Yves Rofes 2007-12-09 22:16:20 0000 -------
GLSA 200712-09

------- Comment #14 From Peter Volkov 2008-03-06 09:52:19 0000 -------
Does not affect current (2008.0) release. Removing release.
