Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 313329 (CVE-2009-1299) - <media-sound/pulseaudio-0.9.22: pa_make_secure_dir() symlink attack (CVE-2009-1299)
Summary: <media-sound/pulseaudio-0.9.22: pa_make_secure_dir() symlink attack (CVE-2009...
Status: RESOLVED FIXED
Alias: CVE-2009-1299
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL: https://bugs.edge.launchpad.net/ubunt...
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-04-06 03:10 UTC by Stefan Behte (RETIRED)
Modified: 2014-02-07 21:03 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Stefan Behte (RETIRED) gentoo-dev Security 2010-04-06 03:10:38 UTC 
CVE-2009-1299 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1299):
  The pa_make_secure_dir function in core-util.c in PulseAudio 0.9.10
  and 0.9.19 allows local users to change the ownership and permissions
  of arbitrary files via a symlink attack on a /tmp/.esd-#####
  temporary file.
Comment 1 Arun Raghavan (RETIRED) gentoo-dev 2011-05-18 04:20:17 UTC 
0.9.19 is no longer in tree. Can we close this or ...?
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-05-23 02:49:58 UTC 
(In reply to comment #1)
> 0.9.19 is no longer in tree. Can we close this or ...?

Thanks for the ping, Arun. We are not done however.

I think this was fixed in 0.9.22 via the commit at http://git.0pointer.de/?p=pulseaudio.git;a=commit;h=d3efa43d85ac132c6a5a416a2b6f2115f5d577ee. =media-sound/pulseaudio-0.9.22 is already stable, so this is ready for a vote.

GLSA Vote: yes.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-08 22:12:30 UTC 
Vote: YES. New GLSA request filed.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2014-02-07 21:03:13 UTC 
This issue was resolved and addressed in
 GLSA 201402-10 at http://security.gentoo.org/glsa/glsa-201402-10.xml
by GLSA coordinator Mikle Kolyada (Zlogene).