177512 2007-05-07 16:13 0000 www-client/elinks Untrusted search path (CVE-2007-2027) 2007-06-28 06:22:11 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2027 B2 [glsa] jaervosz P2 normal --- 1 jaervosz@gentoo.org security@gentoo.org andrei.ivanov@gmail.com spock@gentoo.org jaervosz@gentoo.org 2007-05-07 16:13:22 0000 Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 adds "../po" to the search path for .po files, which might allow local users to cause Elinks to use an untrusted gettext message catalog, which can be leveraged to conduct format string attacks. jakub@gentoo.org 2007-05-09 11:48:02 0000 *** Bug 177777 has been marked as a duplicate of this bug. *** jaervosz@gentoo.org 2007-05-19 22:41:17 0000 spock please advise. spock@gentoo.org 2007-05-21 17:24:02 0000 This is now fixed in CVS thanks to a patch pulled from the elinks GIT tree. jaervosz@gentoo.org 2007-05-21 18:30:57 0000 Thx Micheal. Could you make a revbump of the latest stable so users can use glsa-check to upgrade and arches have a chance to test? jaervosz@gentoo.org 2007-05-21 18:46:15 0000 Woops didn't mean to CC arches already. Sorry for the noise. spock@gentoo.org 2007-05-21 21:00:09 0000 Done, 0.11.2-r1 is in CVS now. py@gentoo.org 2007-05-31 09:44:03 0000 Jaervosz, seems it's ok for calling arches this time :) jaervosz@gentoo.org 2007-06-01 05:54:27 0000 Thx for the reminder:-) Arches please test and mark stable. Target keywords are: elinks-0.11.2-r1.ebuild:KEYWORDS="alpha amd64 hppa mips ppc ppc64 sparc x86 ~x86-fbsd" armin76@gentoo.org 2007-06-01 12:36:08 0000 alpha/x86 stable welp@gentoo.org 2007-06-01 12:45:43 0000 amd64 done gustavoz@gentoo.org 2007-06-01 13:27:11 0000 sparc stable. ranger@gentoo.org 2007-06-01 14:49:42 0000 ppc64 stable jer@gentoo.org 2007-06-01 16:12:19 0000 Stable for HPPA. killerfox@gentoo.org 2007-06-02 20:09:19 0000 stable on ppc falco@gentoo.org 2007-06-07 21:30:56 0000 GLS 200706-03, thanks everybody! mips don't forget to mark stable to befenit from the glsa kumba@gentoo.org 2007-06-28 06:22:11 0000 mips stable.