195996 2007-10-15 23:14 0000 media-gfx/hugin < 0.6.1-r1 Insecure temporary file creation (CVE-2007-5200) 2007-12-05 22:29:11 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://secunia.com/advisories/27623/ B3 [glsa] P2 minor --- 1 rbu@gentoo.org security@gentoo.org graphics@gentoo.org rbu@gentoo.org 2007-10-15 23:14:37 0000 CVE-2007-5200 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5200): hugin in SUSE openSUSE 10.2 and 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file. rbu@gentoo.org 2007-10-15 23:18:48 0000 This does not only affect SuSe, but seems to be an upstream problem. Attching patch applied by suse. It removes debug logging functionality, though. Graphics, please advise and contact upstream about it. They do not have any fix in their repository yet. rbu@gentoo.org 2007-10-15 23:19:18 0000 Created an attachment (id=133580) hugin-0.6.1-optim_file.patch rbu@gentoo.org 2007-10-25 17:50:58 0000 nion from Debian security created a proper patch that was included in the upstream repository: http://people.debian.org/~nion/nmu-diff/hugin-0.6.1-1_0.6.1-1.1.patch rbu@gentoo.org 2007-10-25 23:12:09 0000 Upstream is not going to release an update to their stable 0.6 branch and the new release is not within days. Graphics, please provide an updated ebuild with the patch applied. lu_zero@gentoo.org 2007-10-25 23:41:45 0000 ebuild prepared rbu@gentoo.org 2007-10-25 23:55:29 0000 Faster than lightning! Thanks. Arches, please test and mark stable media-gfx/hugin-0.6.1-r1. Target keywords : "amd64 ppc x86" lu_zero@gentoo.org 2007-10-26 01:01:18 0000 ppc stable maekke@gentoo.org 2007-10-26 10:16:52 0000 x86 stable, luca did you forget to commit? readding ppc lu_zero@gentoo.org 2007-10-26 16:58:08 0000 done eventually welp@gentoo.org 2007-11-14 07:03:44 0000 amd64 done, closing py@gentoo.org 2007-11-14 09:04:04 0000 ?? please let security team close security bugs. glsa vote open. I tend to vote YES. rbu@gentoo.org 2007-11-14 17:51:29 0000 Voting YES. py@gentoo.org 2007-11-17 23:48:11 0000 glsa filed. rbu@gentoo.org 2007-11-18 16:22:41 0000 As it seems, our unstable 0.7_beta4 is still vulnerable to this. Can it be removed or updated with a more current SVN snapshot? py@gentoo.org 2007-11-29 22:02:53 0000 (In reply to comment #14) > As it seems, our unstable 0.7_beta4 is still vulnerable to this. Can it be > removed or updated with a more current SVN snapshot? > *ping* maekke@gentoo.org 2007-12-03 16:41:30 0000 (In reply to comment #14) > As it seems, our unstable 0.7_beta4 is still vulnerable to this. Can it be > removed or updated with a more current SVN snapshot? I ported the fix from 0.6 to 0.7 series (just a different line#). rbu@gentoo.org 2007-12-03 16:47:25 0000 Please do not close security bugs. py@gentoo.org 2007-12-05 22:29:11 0000 GLSa 200712-01, sorry for the delay. 133580 2007-10-15 23:19 0000 hugin-0.6.1-optim_file.patch hugin-0.6.1-optim_file.patch text/plain SW5kZXg6IGh1Z2luLTAuNi4xL3NyYy9QYW5vcmFtYS9QVE9wdGltaXNlLmNwcAo9PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 Ci0tLSBodWdpbi0wLjYuMS5vcmlnL3NyYy9QYW5vcmFtYS9QVE9wdGltaXNlLmNwcAorKysgaHVn aW4tMC42LjEvc3JjL1Bhbm9yYW1hL1BUT3B0aW1pc2UuY3BwCkBAIC0zNiw5ICszNiw2IEBACiAj aW5jbHVkZSA8Ym9vc3QvcHJvcGVydHlfbWFwLmhwcD4KICNpbmNsdWRlIDxib29zdC9ncmFwaC9n cmFwaF91dGlsaXR5LmhwcD4KIAotI2RlZmluZSBERUJVR19XUklURV9PUFRJTV9PVVRQVVQKLSNk ZWZpbmUgREVCVUdfV1JJVEVfT1BUSU1fT1VUUFVUX0ZJTEUgImh1Z2luX2RlYnVnX29wdGltX3Jl c3VsdHMudHh0IgotCiB1c2luZyBuYW1lc3BhY2Ugc3RkOwogdXNpbmcgbmFtZXNwYWNlIFBUOwog dXNpbmcgbmFtZXNwYWNlIFBUb29sczsKQEAgLTEzMiwxMyArMTI5LDYgQEAgdm9pZCBQVG9vbHM6 Om9wdGltaXplKFBhbm9yYW1hICYgcGFubywKIAkJCVJ1bkxNT3B0aW1pemVyKCAmb3B0ICk7CiAJ CQlhaW5mLmRhdGEJCT0gb3B0Lm1lc3NhZ2U7CiAgICAgICAgICAgICAvLyBnZXQgcmVzdWx0cyBm cm9tIGFsaWduIGluZm8uCi0jaWZkZWYgREVCVUdfV1JJVEVfT1BUSU1fT1VUUFVUCi0gICAgICAg ICAgICBmdWxsUGF0aCBwYXRoOwotICAgICAgICAgICAgU3RyaW5ndG9GdWxsUGF0aCgmcGF0aCwg REVCVUdfV1JJVEVfT1BUSU1fT1VUUFVUX0ZJTEUgKTsKLQotCQkgICAgYWluZi5kYXRhCQk9IG9w dC5tZXNzYWdlOwotICAgICAgICAgICAgV3JpdGVSZXN1bHRzKCBzY3JpcHQsICZwYXRoLCAmYWlu ZiwgZGlzdFNxdWFyZWQsIDApOwotI2VuZGlmCiAgICAgICAgICAgICBwYW5vLnVwZGF0ZVZhcmlh YmxlcyhHZXRBbGlnbkluZm9WYXJpYWJsZXMoYWluZikgKTsKICAgICAgICAgICAgIHBhbm8udXBk YXRlQ3RybFBvaW50RXJyb3JzKCBHZXRBbGlnbkluZm9DdHJsUG9pbnRzKGFpbmYpICk7CiAJCX0K