Bug 199841 - net-news/blam < 1.8.4 CWD in LD_LIBRARY_PATH (CVE-2005-4790)
Bug#: 199841 (CVE-2005-4790) Product:  Gentoo Security Version: unspecified Platform: All
OS/Version: Linux Status: RESOLVED Severity: normal Priority: P2
Resolution: FIXED Assigned To: security@gentoo.org Reported By: rbu@gentoo.org
Component: Vulnerabilities
URL: 
Summary: net-news/blam < 1.8.4 CWD in LD_LIBRARY_PATH (CVE-2005-4790)
Keywords:  
Status Whiteboard: B2 [glsa]
Opened: 2007-11-20 23:25 0000
Description:   Opened: 2007-11-20 23:25 0000 
CVE-2005-4790 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4790):
  Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0
  cause the working directory to be added to LD_LIBRARY_PATH, which might allow
  local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3)
blam.

------- Comment #1 From Robert Buchholz 2007-11-20 23:28:50 0000 ------- 
This bug is for blam.

I'll attach a patch for this, please coordinate the inclusion upstream and
apply in the ebuild.

------- Comment #2 From Robert Buchholz 2007-11-20 23:32:29 0000 ------- 
Created an attachment (id=136557) [details]
blam-CVE-2005-4790-insecure-ldpath.patch

------- Comment #3 From Pierre-Yves Rofes 2007-12-09 00:04:53 0000 ------- 
any news here?

------- Comment #4 From Robert Buchholz 2007-12-19 04:02:16 0000 ------- 
Maintainers, please apply the attached patch. Otherwise we will have to bump
the package ourselves or apply a p.mask.

------- Comment #5 From Robert Buchholz 2008-01-08 01:50:27 0000 ------- 
Created an attachment (id=140433) [details]
blam-CVE-2005-4790-insecure-ldpath.patch

The patch above was a wrong file, sorry.

------- Comment #6 From Robert Buchholz 2008-01-08 02:41:25 0000 ------- 
*blam-1.8.4 (08 Jan 2008)

  08 Jan 2008; Robert Buchholz <rbu@gentoo.org>
  -files/blam-1.6.0-gecko-fix.diff,
  -files/blam-1.6.1-mono-1.1.7-compat.diff,
  -files/blam-1.6.1-mono-1.1.7-compat-v2.diff,
  -files/blam-1.8.2-64-bit-int.diff, -files/blam-1.8.2-mono-1.1.17-fix.diff,
  -files/blam-1.8.2-seamonkey.patch, +blam-1.8.4.ebuild:
  Version bump by security for untrusted search path vulnerability
  (CVE-2005-4790, bug #199841). Cleaning up old patches.

------- Comment #7 From Robert Buchholz 2008-01-08 02:41:57 0000 ------- 
Arches, please test and mark stable net-news/blam-1.8.4.
Target keywords : "amd64 ppc x86"

------- Comment #8 From Robert Buchholz 2008-01-08 02:42:34 0000 ------- 
*** Bug 187283 has been marked as a duplicate of this bug. ***

------- Comment #9 From Christian Faulhammer 2008-01-08 09:27:01 0000 ------- 
x86 stable

------- Comment #10 From Peter Weller 2008-01-11 17:54:13 0000 ------- 
amd64 done.

------- Comment #11 From Tobias Scherbaum 2008-01-11 19:42:13 0000 ------- 
ppc stable

------- Comment #12 From Sune Kloppenborg Jeppesen 2008-01-13 14:04:10 0000 ------- 
GLSA request filed.

------- Comment #13 From Robert Buchholz 2008-01-27 17:10:56 0000 ------- 
GLSA 200801-14.