103661 2005-08-24 22:02 0000 dev-util/cvs temp file issues 2005-09-04 04:01:11 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166366 B3? [noglsa] jaervosz P2 minor --- 1 jaervosz@gentoo.org security@gentoo.org cvs-utils@gentoo.org jaervosz@gentoo.org 2005-08-24 22:02:05 0000 I think this was discovered by Marcus Meissner from SUSE and wrongly attributed by Secunia. Insecure temporary file handling in cvsbug program. Full details in URL. jaervosz@gentoo.org 2005-08-24 22:03:46 0000 *** Bug 103303 has been marked as a duplicate of this bug. *** jaervosz@gentoo.org 2005-08-24 22:04:01 0000 cvs-utils please verify and bump as needed. robbat2@gentoo.org 2005-08-24 23:21:26 0000 in cvs now. corsair@gentoo.org 2005-08-25 04:04:36 0000 stable on ppc64 port001@gentoo.org 2005-08-25 05:28:23 0000 Stable on x86. gustavoz@gentoo.org 2005-08-25 07:07:41 0000 sparc stable. killerfox@gentoo.org 2005-08-25 11:01:17 0000 Stable on hppa hansmi@gentoo.org 2005-08-25 11:24:07 0000 Stable on ppc. ferdy@gentoo.org 2005-08-25 12:44:55 0000 Stable on the shiny alpha architecture :) Cheers, Ferdy cryos@gentoo.org 2005-08-27 17:08:54 0000 Stable on amd64 - sorry about the delay. koon@gentoo.org 2005-08-28 00:56:58 0000 CAN-2005-2693 "It is possible that a malicious user could leverage this issue to execute arbitrary instructions as the user running cvsbug." Time to vote, I tend to vote yes (more impact than just overwriting a file with garbage, though cvsbug use is a little unlikely). taviso@gentoo.org 2005-08-30 09:21:41 0000 vote NO, difficult to exploit. impossible to predict when someone is going to run cvsbug, and even if you could social engineer a situation when you knew the precise time that someone was going to execute it and convince them that they had found a bug that needed to be reported, you still need to win a race condition. jaervosz@gentoo.org 2005-08-30 12:24:48 0000 I tend to vote NO. koon@gentoo.org 2005-08-31 00:30:04 0000 Reversing YES to NO, and closing. hardave@gentoo.org 2005-09-04 04:01:11 0000 Stable on mips.