66400 2004-10-05 03:17 0000 sys-apps/ed-0.2-r3: mktemp vulnerability 2007-01-23 13:53:22 0000 1 1 1 Unclassified Gentoo Linux Security unspecified All Linux RESOLVED FIXED A3 [glsa] koon P2 normal --- 73858 1 ulm@gentoo.org security@gentoo.org falco@gentoo.org marc.vila@gmail.com ulm@gentoo.org 2004-10-05 03:17:57 0000 ed-0.2 use "mktemp" to create temporary files. This problem is known since almost four years, see for example: http://www.linuxsecurity.com/advisories/redhat_advisory-967.html | The ed executable creates files in /tmp with predictable | names. By using various symlink attacks, it is possible to | have ed write to files it should not, change the permissions | of various files, etc. ulm@gentoo.org 2004-10-05 03:19:16 0000 Created an attachment (id=41133) ed-0.2-mkstemp.patch Patch from LFS. marc.vila@gmail.com 2004-10-05 03:34:09 0000 seems like we install ed by default in gentoo, so this should be fixed. also we don marc.vila@gmail.com 2004-10-05 03:34:09 0000 seems like we install ed by default in gentoo, so this should be fixed. also we donĀ“t apply any kind of patch to fix this in our ed-0.2-r3 ulm@gentoo.org 2004-10-05 04:26:17 0000 Sorry, should of course have been ed-0.2-r3 in the subject. koon@gentoo.org 2004-10-05 04:43:28 0000 Base-system, please comment and/or apply patch. vapier@gentoo.org 2004-10-05 06:00:04 0000 0.2-r4 is in portage, lets make it stable koon@gentoo.org 2004-10-05 06:14:57 0000 Arches, please test and mark sys-apps/ed-0.2-r4 stable : Current KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" Target KEYWORDS="x86 ppc sparc mips alpha arm hppa amd64 ia64 ppc64 s390" kloeri@gentoo.org 2004-10-05 07:45:48 0000 Stable on alpha. tester@gentoo.org 2004-10-05 10:43:22 0000 Stable on x86 gustavoz@gentoo.org 2004-10-05 15:02:20 0000 sparc tasty. vapier@gentoo.org 2004-10-05 15:46:05 0000 arm/hppa/ia64/s390 have been loved sejo@gentoo.org 2004-10-06 01:16:02 0000 stable on ppc eradicator@gentoo.org 2004-10-07 14:45:25 0000 stable amd64 vapier@gentoo.org 2004-10-07 18:45:07 0000 mips stable koon@gentoo.org 2004-10-09 11:20:18 0000 GLSA 200410-07 ppc64 : don't forget to mark stable to benefit from GLSA tgall@gentoo.org 2004-10-09 20:07:02 0000 stable on ppc64, thanks! robbat2@gentoo.org 2004-12-21 17:20:03 0000 security: please see bug #73858. This security fix of yours has broken ed. koon@gentoo.org 2004-12-22 04:23:00 0000 Well, it's not "our fix". vapier applied a patch (originally from LFS) on behalf of the base-system herd. But we can try to help in determining a more appropriate patch. falco@gentoo.org 2007-01-23 13:53:22 0000 *** Bug 163220 has been marked as a duplicate of this bug. *** 41133 2004-10-05 03:19 0000 ed-0.2-mkstemp.patch ed-0.2-mkstemp.patch text/plain U3VibWl0dGVkIEJ5OiBMRlMgQm9vayA8bGZzLWJvb2tAbGludXhmcm9tc2NyYXRjaC5vcmc+CkRh dGU6IDIwMDMtMTAtMDUKSW5pdGlhbCBQYWNrYWdlIFZlcnNpb246IDAuMgpPcmlnaW46IFNsYWNr d2FyZSBTb3VyY2UKRGVzY3JpcHRpb246IFVzZSBta3N0ZW1wIGluc3RlYWQgb2YgbWt0ZW1wLgpk aWZmIC1OYXVyIGVkLTAuMi9idWYuYyBlZC0wLjItMi9idWYuYwotLS0gZWQtMC4yL2J1Zi5jCVNh dCBOb3YgMTkgMDQ6Mzc6NTkgMTk5NAorKysgZWQtMC4yLTIvYnVmLmMJVHVlIE1heSAyOCAxODoz ODoyMyAyMDAyCkBAIC0yMDAsMTMgKzIwMCwxMyBAQAogaW50CiBvcGVuX3NidWYgKCkKIHsKLSAg Y2hhciAqbWt0ZW1wICgpOwotICBpbnQgdTsKKyAgaW50IHUsIHNmZDsKIAogICBpc2JpbmFyeSA9 IG5ld2xpbmVfYWRkZWQgPSAwOwogICB1ID0gdW1hc2soMDc3KTsKICAgc3RyY3B5IChzZm4sICIv dG1wL2VkLlhYWFhYWCIpOwotICBpZiAobWt0ZW1wIChzZm4pID09IE5VTEwgfHwgKHNmcCA9IGZv cGVuIChzZm4sICJ3KyIpKSA9PSBOVUxMKQorICBzZmQgPSBta3N0ZW1wKHNmbik7CisgICAgaWYg KChzZmQgPT0gLTEpIHx8IChzZnAgPSBmb3BlbiAoc2ZuLCAidysiKSkgPT0gTlVMTCkKICAgICB7 CiAgICAgICBmcHJpbnRmIChzdGRlcnIsICIlczogJXNcbiIsIHNmbiwgc3RyZXJyb3IgKGVycm5v KSk7CiAgICAgICBzcHJpbnRmIChlcnJtc2csICJDYW5ub3Qgb3BlbiB0ZW1wIGZpbGUiKTsK