First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 192373
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Wulf Krueger (RETIRED) <philantrop@gentoo.org>
Add CC:
CC:
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 192373 depends on: Show dependency tree
Bug 192373 blocks:

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2007-09-12 23:52 0000 
From the advisory which will be released soon:

"KDM might allow a normal user to login as another user or even root without
properly supplying login credentials."

Upstream explicitly requested not to release this to the general public yet
which is why I restrict this bug to devs-only for now. Upstream provided a
patch which is already in the following package revisions which should be
stabilised ASAP:

kde-base/kdebase-3.5.7-r4
kde-base/kdm-3.5.7-r2

------- Comment #1 From Robert Buchholz 2007-09-13 09:42:48 0000 ------- 
Category "Gentoo Linux->Security" is deprecated.

------- Comment #2 From Sune Kloppenborg Jeppesen 2007-09-13 09:49:33 0000 ------- 
Cleaning up

------- Comment #3 From Sune Kloppenborg Jeppesen 2007-09-13 09:55:45 0000 ------- 
Wulf unfortunately this bug was public for a few moments (when moving it to the
correct Bugzilla Product caused access restrictions to be removed). Will you
please contact upstream and dicuss how to proceed?

I'll call arch security liaisons in a moment as arch aliases don't work on
security bugs.

------- Comment #4 From Sune Kloppenborg Jeppesen 2007-09-13 09:59:34 0000 ------- 
Arch security liaisons please test and mark stable.

------- Comment #5 From Sune Kloppenborg Jeppesen 2007-09-13 10:01:34 0000 ------- 
rbu please don't unrestrict again :)

------- Comment #6 From Raúl Porcel 2007-09-13 15:16:16 0000 ------- 
alpha/ia64/x86 stable

------- Comment #7 From Markus Rothe 2007-09-13 20:16:32 0000 ------- 
ppc64 stable

------- Comment #8 From Wulf Krueger (RETIRED) 2007-09-13 20:34:10 0000 ------- 
(In reply to comment #3)
> Wulf unfortunately this bug was public for a few moments (when moving it to the
> correct Bugzilla Product caused access restrictions to be removed). Will you
> please contact upstream and dicuss how to proceed?

The problem itself is fixed in Gentoo, this bug is restricted again - that's
what's important. The KDE advisory about this problem will be published on
September, 19th so just keeping this restricted (and stabilising the new revs)
until then is sufficient.

------- Comment #9 From Wulf Krueger (RETIRED) 2007-09-14 21:37:54 0000 ------- 
Marked stable on amd64.

------- Comment #10 From solar 2007-09-20 15:36:22 0000 ------- 
This is public now.

------- Comment #11 From Tobias Scherbaum 2007-09-20 16:40:29 0000 ------- 
ppc done

------- Comment #12 From Robert Buchholz 2007-09-20 17:02:20 0000 ------- 
adding the sparc alias (last remaining arc)

------- Comment #13 From Sune Kloppenborg Jeppesen 2007-09-25 20:49:27 0000 ------- 
Rerating since I don't think we're vulnerable in the default configuration.

KDM can be tricked into performing a password-less login even for accounts with
a password set under certain circumstances. It requires autologin to be
configured and "shutdown with password" enabled.

------- Comment #14 From Tiago Cunha 2007-09-26 03:57:40 0000 ------- 
kde-base/kdebase-3.5.7-r4  USE="branding hal opengl pam -arts -cups -debug
-ieee1394 (-java) -kdeenablefinal (-kdehiddenvisibility) -ldap (-lm_sensors)
-logitech-mouse -openexr -samba -xcomposite -xinerama -xscreensaver"

1. Emerges on SPARC.
2. No collisions.
3. Test phase ok.

kde-base/kdm-3.5.7-r2  USE="pam -arts -debug -kdeenablefinal
(-kdehiddenvisibility) -xinerama"

1. Emerges on SPARC.
2. No collisions.
3. Test phase ok.
4. Works.

Portage 2.1.3.9 (default-linux/sparc/sparc64/2007.0, gcc-4.1.2, glibc-2.5-r4,
2.6.22-gentoo-r5 sparc64)
=================================================================
System uname: 2.6.22-gentoo-r5 sparc64 sun4u
Timestamp of tree: Sat, 22 Sep 2007 08:20:01 +0000
app-shells/bash:     3.2_p17
dev-lang/python:     2.4.4-r4
dev-python/pycrypto: 2.0.1-r6
sys-apps/baselayout: 1.12.9-r2
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.61-r1
sys-devel/automake:  1.7.9-r1, 1.9.6-r2, 1.10
sys-devel/binutils:  2.17
sys-devel/gcc-config: 1.3.16
sys-devel/libtool:   1.5.24
virtual/os-headers:  2.6.21
ACCEPT_KEYWORDS="sparc"
CBUILD="sparc-unknown-linux-gnu"
CFLAGS="-O2 -mcpu=ultrasparc -pipe"
CHOST="sparc-unknown-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config
/usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config"
CONFIG_PROTECT_MASK="/etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/init.d
/etc/pam.d /etc/revdep-rebuild /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -mcpu=ultrasparc -pipe"
DISTDIR="/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="-k"
FEATURES="ccache collision-protect distlocks metadata-transfer parallel-fetch
sandbox sfperms strict test unmerge-orphans userfetch userpriv usersandbox"
GENTOO_MIRRORS="ftp://mirrors1.netvisao.pt/gentoo
http://darkstar.ist.utl.pt/pub/gentoo http://distfiles.gentoo.org
http://www.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress
--force --whole-file --delete --delete-after --stats --timeout=180
--exclude=/distfiles --exclude=/local --exclude=/packages
--filter=H_**/files/digest-*"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage"
USE="X acl bash-completion bitmap-fonts branding bzip2 cli cracklib crypt dbus
dri fortran gdbm gif gnome gtk hal iconv ipv6 isdnlog jpeg midi mudflap ncurses
nptl nptlonly offensive opengl openmp pam pcre perl png postgres ppds pppd
python readline reflection session sparc spl ssl svg tcpd test tiff truetype
truetype-fonts type1-fonts xml xorg xv zlib" ALSA_PCM_PLUGINS="adpcm alaw asym
copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat
linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc"
INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz
cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" USERLAND="GNU"
VIDEO_CARDS="sunffb"
Unset:  CTARGET, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS,
PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS,
PORTDIR_OVERLAY

------- Comment #15 From Raúl Porcel 2007-09-26 10:40:08 0000 ------- 
sparc stable, thanks Tiago

Removing all liaisons as well, since this is public

------- Comment #16 From Pierre-Yves Rofes 2007-10-15 05:10:47 0000 ------- 
GLSA 200710-15
First Last Prev Next    No search results available      Search page      Enter new bug