First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 69147
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Jason Stubbs (RETIRED) <jstubbs@gentoo.org>
Add CC:
CC:
Remove selected CCs
URL:
Summary:
Status Whiteboard:
Keywords:
Flags: Requestee:
 
 
  ()

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 69147 depends on: 70282 Show dependency tree
Bug 69147 blocks: 68846

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2004-10-27 08:05 0000 
The first vulnerability is due to a hard-coded of /tmp/dispatch-conf.changes.
On startup this file is safely moved to dispatch-conf.changes.old if it exists,
but a user can create a symlink between that time and when the log is first
written to. Fixed it by making it a config option and disabling it by default.

The second vulnerability is created by dispatch-conf's use of
"dispatch-conf.$(pidof dispath-conf)" for it's temporary files. Fixed this by
safely creating a directory in and doing all work in there instead.

Changes are in CVS and will go out in portage-2.0.51-r3.

------- Comment #1 From Sune Kloppenborg Jeppesen 2004-11-01 14:07:37 0000 ------- 
portage team please provide a patched ebuild.

------- Comment #2 From Sune Kloppenborg Jeppesen 2004-11-05 02:53:22 0000 ------- 
Using this bug for stable marking.

Arches please do not mark stable directly but test as per Nicholas request below.

Snip form Nicholas aka carpaski on bug #69137 :

portage-2.0.51-r3 (dispatch-conf, sandbox, and dohtml-for-python2.2)

Arches please report back bugs/problems/success rather than
directly bumping for your arch.

------- Comment #3 From Jochen Maes (RETIRED) 2004-11-05 04:40:50 0000 ------- 
i'm running and testing for ppc

------- Comment #4 From Gustavo Zacarias (RETIRED) 2004-11-05 07:42:16 0000 ------- 
testing on sparc, so far so good.

------- Comment #5 From Markus Rothe 2004-11-05 12:45:21 0000 ------- 
no problems on ppc64 so far...

Markus

------- Comment #6 From Simon Stelling (RETIRED) 2004-11-05 13:48:45 0000 ------- 
looks good so far on amd64

------- Comment #7 From Bryan Østergaard (RETIRED) 2004-11-05 15:42:40 0000 ------- 
Looks good on alpha.

------- Comment #8 From Sune Kloppenborg Jeppesen 2004-11-07 03:20:52 0000 ------- 
thx carpaski:

[01:43:02] <carpaski> I kicked -r3 into stable.

Removing arches from CC.

------- Comment #9 From Sune Kloppenborg Jeppesen 2004-11-07 04:28:49 0000 ------- 
Hmmm now dispatch-conf starts failing for me (u option).

Jason will you look into this?


dispatch-conf
diff: extra operand `/etc/piwi/Filters/._cfg0000_High'
diff: Try `diff --help' for more information.

>> (1 of 1) -- /etc/piwi/Filters/High severity.flt
>> q quit, h help, n next, e edit-new, z zap-new, u use-new
   m merge, t toggle-merge, l look-merge:
Traceback (most recent call last):
  File "/usr/sbin/dispatch-conf", line 309, in ?
    d.grind (portage.settings ['CONFIG_PROTECT'])
  File "/usr/sbin/dispatch-conf", line 208, in grind
    self.replace(newconf, conf ['current'])
  File "/usr/sbin/dispatch-conf", line 222, in replace
    os.system((DIFF_CONTENTS % (curconf, newconf)) + '>>' + self.config["log-file"])
AttributeError: dispatch instance has no attribute 'config'

------- Comment #10 From Jason Stubbs (RETIRED) 2004-11-07 04:51:19 0000 ------- 
Yep. Found and fixed.

------- Comment #11 From Sune Kloppenborg Jeppesen 2004-11-07 08:10:46 0000 ------- 
Thx for the quick fix, you might wanna bump to r4.

This one is ready for GLSA

------- Comment #12 From Sune Kloppenborg Jeppesen 2004-11-07 10:51:26 0000 ------- 
GLSA 200411-13
First Last Prev Next    No search results available      Search page      Enter new bug