From ${URL} : Common Vulnerabilities and Exposures assigned an identifier CVE-2012-6607 to the following vulnerability: Name: CVE-2012-6607 URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6607 Assigned: 20131123 Reference: http://augeas.net/news.html Reference: https://bugzilla.redhat.com/show_bug.cgi?id=772257 Reference: https://github.com/hercules-team/augeas/commit/16387744 Reference: REDHAT:RHSA-2013:1537 Reference: http://rhn.redhat.com/errata/RHSA-2013-1537.html Reference: SECUNIA:55811 Reference: http://secunia.com/advisories/55811 The transform_save function in transform_save in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786. @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
CVE-2012-6607 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6607): The transform_save function in transform_save in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augsave file in a backup save action, a different vector than CVE-2012-0786.
CVE-2012-0787 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0787): The clone_file function in transfer.c in Augeas before 1.0.0, when copy_if_rename_fails is set and EXDEV or EBUSY is returned by the rename function, allows local users to overwrite arbitrary files and obtain sensitive information via a bind mount on the (1) .augsave or (2) destination file when using the backup save option, or (3) .augnew file when using the newfile save option. CVE-2012-0786 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0786): The transform_save function in transform_save in Augeas before 1.0.0 allows local users to overwrite arbitrary files and obtain sensitive information via a symlink attack on a .augnew file.
From https://bugzilla.redhat.com/show_bug.cgi?id=1034261 : Augeas upstream commit 051c73a9: https://github.com/hercules-team/augeas/commit/051c73a9 introduced a flaw in the way Augeas sets permissions on newly created files. The above commit aims to address a regression introduced in the fix for CVE-2012-0786 (see bug 772257 comment 39), which introduced a use of mkstemp() to create new files. mkstemp() always sets 0600 file permissions regardless of the current umask setting. Commit 051c73a9 attempts to fix file permissions based on umask setting, but it does not correctly handle certain umask values, causing Augeas to make newly created files world writable. A local user could possibly use this flaw to modify configuration files created by an application using Augeas.
app-admin/augeas-0.10.0-r2 has the fix arches, please stablize for alpha amd64 hppa ppc sparc x86 I don't want to change the title, can you (sec team) do so?
amd64 stable
x86 stable
Stable for HPPA.
alpha stable
ppc stable
sparc stable. Maintainer(s), please cleanup. Security, please vote.
GLSA vote: no.
GLSA vote: no Voting is done, waiting for cleanup
Maintainers please clean up vulnerable versions so we can close this bug. Thank you.
Cleanup done.