"CVE-2020-14367: Insecure writing of pidfile ------------------------------------------- When chronyd is configured to save the pidfile in a directory where the chrony user has write permissions (e.g. /var/run/chrony - the default since chrony-3.4), an attacker that compromised the chrony user account could create a symbolic link at the location of the pidfile to make chronyd starting with root privileges follow the symlink and write its process ID to a file for which the chrony user doesn't have write permissions, causing a denial of service, or data loss. This issue was reported by Matthias Gerstner of SUSE." Fixed in 3.5.1.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=151b33bc43ba47d284b0aa711abd7e3b62f31ea4 commit 151b33bc43ba47d284b0aa711abd7e3b62f31ea4 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-08-20 07:31:33 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-08-20 07:31:53 +0000 net-misc/chrony: Version 3.5.1 Package-Manager: Portage-3.0.4, Repoman-3.0.1 Bug: https://bugs.gentoo.org/738154 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-misc/chrony/Manifest | 1 + net-misc/chrony/chrony-3.5.1.ebuild | 172 ++++++++++++++++++++++++++++++++++++ 2 files changed, 173 insertions(+)
Thanks. Tell us when ready to stable.
Any objections to stabling, or we will go ahead?
Unable to check for sanity: > no match for package: net-misc/chrony-3.5.1
x86 stable
amd64 done
This issue was resolved and addressed in GLSA 202008-23 at https://security.gentoo.org/glsa/202008-23 by GLSA coordinator Sam James (sam_c).
Reopening for stable.
ppc64 done
arm done
sparc done
ppc done
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0e1caaf3bc2225e4703cd9c66adf90ba3882836e commit 0e1caaf3bc2225e4703cd9c66adf90ba3882836e Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-09-02 15:30:10 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-09-02 15:51:37 +0000 net-misc/chrony: Old Package-Manager: Portage-3.0.5, Repoman-3.0.1 Bug: https://bugs.gentoo.org/738154 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-misc/chrony/Manifest | 1 - net-misc/chrony/chrony-3.5-r2.ebuild | 127 --------------- net-misc/chrony/chrony-3.5-r4.ebuild | 172 --------------------- .../chrony/files/chrony-3.5-systemd-gentoo.patch | 12 -- net-misc/chrony/metadata.xml | 1 - 5 files changed, 313 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=356b6432ed5d3ea159b68b5b6060cd9f9b843b12 commit 356b6432ed5d3ea159b68b5b6060cd9f9b843b12 Author: Jeroen Roovers <jer@gentoo.org> AuthorDate: 2020-09-02 15:26:17 +0000 Commit: Jeroen Roovers <jer@gentoo.org> CommitDate: 2020-09-02 15:51:36 +0000 net-misc/chrony: Stable for HPPA Package-Manager: Portage-3.0.5, Repoman-3.0.1 Bug: https://bugs.gentoo.org/738154 Signed-off-by: Jeroen Roovers <jer@gentoo.org> net-misc/chrony/chrony-3.5.1-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
HPPA was last arch. Please cleanup.
(In reply to John Helmert III (ajak) from comment #14) > HPPA was last arch. Please cleanup. Whoops, cleanup already done, sorry about that. All done.