Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 636388 (CVE-2016-1243, CVE-2016-1244) - <app-arch/unadf-0.7.12-r1: Remote code execution vulnerability
Summary: <app-arch/unadf-0.7.12-r1: Remote code execution vulnerability
Status: RESOLVED FIXED
Alias: CVE-2016-1243, CVE-2016-1244
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2017-11-03 15:03 UTC by GLSAMaker/CVETool Bot
Modified: 2018-05-15 14:25 UTC (History)
1 user (show)

See Also:
Package list:
app-arch/unadf-0.7.12-r1
Runtime testing required: No
stable-bot: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2017-11-03 15:03:13 UTC 
CVE-2016-1244 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1244):
  The extractTree function in unADF allows remote attackers to execute
  arbitrary code via shell metacharacters in a directory name in an adf file.

CVE-2016-1243 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1243):
  Stack-based buffer overflow in the extractTree function in unADF allows
  remote attackers to execute arbitrary code via a long pathname.
Comment 1 Christopher Díaz Riveros (RETIRED) gentoo-dev Security 2017-11-03 15:04:03 UTC 
@Maintainers please call for stabilization when ready.

Thank you
Comment 2 Larry the Git Cow gentoo-dev 2017-12-29 13:17:00 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=634759896cca38f227b01c715f190ee3dc6741ca

commit 634759896cca38f227b01c715f190ee3dc6741ca
Author:     David Seifert <soap@gentoo.org>
AuthorDate: 2017-12-29 12:54:56 +0000
Commit:     David Seifert <soap@gentoo.org>
CommitDate: 2017-12-29 13:16:45 +0000

    app-arch/unadf: Add patches for CVE-2016-1243 and CVE-2016-1244
    
    Bug: https://bugs.gentoo.org/636388
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 .../unadf-0.7.12-CVE-2016-1243_CVE-2016-1244.patch | 146 +++++++++++++++++++++
 ...{unadf-0.7.12.ebuild => unadf-0.7.12-r1.ebuild} |   1 +
 2 files changed, 147 insertions(+)}
Comment 3 Agostino Sarubbo gentoo-dev 2017-12-29 14:45:44 UTC 
amd64 stable
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2017-12-29 17:49:30 UTC 
x86 stable
Comment 5 Aaron Bauman (RETIRED) gentoo-dev 2018-01-25 21:01:23 UTC 
@hppa, ping.
Comment 6 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-06 20:08:20 UTC 
ppc stable
Comment 7 Matt Turner gentoo-dev 2018-04-22 19:17:46 UTC 
hppa stable
Comment 8 Aaron Bauman (RETIRED) gentoo-dev 2018-04-22 20:59:09 UTC 
GLSA request filed.

@maintainer, please clean the vulnerable versions.
Comment 9 GLSAMaker/CVETool Bot gentoo-dev 2018-04-22 23:51:49 UTC 
This issue was resolved and addressed in
 GLSA 201804-20 at https://security.gentoo.org/glsa/201804-20
by GLSA coordinator Aaron Bauman (b-man).
Comment 10 Aaron Bauman (RETIRED) gentoo-dev 2018-04-22 23:53:51 UTC 
re-opened for cleanup
Comment 11 Larry the Git Cow gentoo-dev 2018-05-15 14:24:35 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a8db2993955f4d89490f42094566cd0847151f4

commit 3a8db2993955f4d89490f42094566cd0847151f4
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: 2018-05-14 22:35:14 +0000
Commit:     Aaron Bauman <bman@gentoo.org>
CommitDate: 2018-05-15 14:24:16 +0000

    app-arch/unadf: drop vulnerable
    
    Bug: https://bugs.gentoo.org/636388
    Package-Manager: Portage-2.3.36, Repoman-2.3.9
    Closes: https://github.com/gentoo/gentoo/pull/8406

 app-arch/unadf/Manifest            |  1 -
 app-arch/unadf/unadf-0.7.9b.ebuild | 41 --------------------------------------
 2 files changed, 42 deletions(-)