Bug 103776

Summary: net-analyzer/net-snmp: insecure runpath
Product: Gentoo Security
Reporter: James Cloos <cloos>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: acs+gentoo, netmon
Priority: High
Version: unspecified
Hardware: All
OS: Linux
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 81745
Attachments: log of emerge of net-snmp-5.2.1.2 (flags: none)

Description James Cloos 2005-08-25 17:57:19 UTC
I got this when upgrading net-snmp:

QA Notice: the following files contain insecure RUNPATH's
 Please file a bug about this at http://bugs.gentoo.org/
 For more information on this issue, kindly review:
 http://bugs.gentoo.org/81745
/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/ASN/../../snmplib/.libs:/usr/lib
usr/lib/perl5/site_perl/5.8.7/i686-linux-thread-multi/auto/NetSNMP/ASN/ASN.so
/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/agent/default_store/../../../snmplib/.libs:/usr/lib
usr/lib/perl5/site_perl/5.8.7/i686-linux-thread-multi/auto/NetSNMP/agent/default_store/default_store.so
/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/agent/../../agent/.libs:/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/agent/../../agent/helpers/.libs:/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/agent/../../snmplib/.libs:/usr/lib
usr/lib/perl5/site_perl/5.8.7/i686-linux-thread-multi/auto/NetSNMP/agent/agent.so
/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/OID/../../snmplib/.libs:/usr/lib
usr/lib/perl5/site_perl/5.8.7/i686-linux-thread-multi/auto/NetSNMP/OID/OID.so
/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/default_store/../../snmplib/.libs:/usr/lib
usr/lib/perl5/site_perl/5.8.7/i686-linux-thread-multi/auto/NetSNMP/default_store/default_store.so
/media/bay/portage/portage/net-snmp-5.2.1.2/work/net-snmp-5.2.1.2/perl/SNMP/../../snmplib/.libs:/usr/lib
usr/lib/perl5/site_perl/5.8.7/i686-linux-thread-multi/auto/SNMP/SNMP.so

full log to be attached.
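
A defender-side version of the check behind the QA notice above, as an added example that is not part of the original report or of Portage: it splits a RUNPATH string and flags every entry that is empty, relative, or outside root-owned library directories. The trusted-directory list, the handling of $ORIGIN and all function names are assumptions made for illustration.

```python
import posixpath

# Assumption: library directories only root can write to on the target system.
TRUSTED_PREFIXES = ("/lib", "/lib64", "/usr/lib", "/usr/lib64", "/usr/local/lib")

# Taken from the QA notice above (RUNPATH of NetSNMP/ASN/ASN.so).
PAGE_RUNPATH = ("/media/bay/portage/portage/net-snmp-5.2.1.2/work/"
                "net-snmp-5.2.1.2/perl/ASN/../../snmplib/.libs:/usr/lib")


def classify_entry(entry):
    """Return None if one RUNPATH entry is acceptable, else the reason it is not."""
    if entry == "":
        return "empty entry (glibc searches the current directory)"
    if entry.startswith(("$ORIGIN", "${ORIGIN}")):
        return None  # assumption: object-relative entries are accepted here
    if not entry.startswith("/"):
        return "relative path (depends on the current directory)"
    # Lexical normalisation only; symlinks are not resolved.
    norm = posixpath.normpath(entry)
    if any(norm == p or norm.startswith(p + "/") for p in TRUSTED_PREFIXES):
        return None
    return "outside trusted library directories: " + norm


def audit_runpath(runpath):
    """Return [(entry, reason)] for every unacceptable entry in a ':'-separated RUNPATH."""
    findings = []
    for entry in runpath.split(":"):
        reason = classify_entry(entry)
        if reason is not None:
            findings.append((entry, reason))
    return findings


if __name__ == "__main__":
    # The last two values are constructed samples, not from the report.
    for rp in (PAGE_RUNPATH, "/usr/lib", "/usr/lib/../../tmp/x:"):
        print(rp)
        for entry, reason in audit_runpath(rp) or [("-", "ok")]:
            print("   ", repr(entry), "->", reason)
```

The RUNPATH string of an installed object can be read with `readelf -d` and passed to `audit_runpath`.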
Comment 1 James Cloos 2005-08-25 17:59:32 UTC
Created attachment 66893
log of emerge of net-snmp-5.2.1.2
Comment 2 James Cloos 2005-08-25 18:00:43 UTC
incidentally, the relevant use flags are:

[ebuild    U ] net-analyzer/net-snmp-5.2.1.2 [5.2.1-r1] +X -doc +elf* +ipv6
-lm_sensors -minimal +perl +rpm* (-selinux) +smux* +ssl +tcpd
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2005-08-28 10:01:56 UTC
netmon herd, something needs to be fixed here...
Comment 4 Tavis Ormandy (RETIRED) gentoo-dev 2005-09-02 03:21:56 UTC
something like this should solve it

$ cvs diff
cvs diff: Diffing .
Index: net-snmp-5.2.1.2.ebuild
===================================================================
RCS file: /var/cvsroot/gentoo-x86/net-analyzer/net-snmp/net-snmp-5.2.1.2.ebuild,
v
retrieving revision 1.10
diff -u -w -r1.10 net-snmp-5.2.1.2.ebuild
--- net-snmp-5.2.1.2.ebuild     7 Aug 2005 09:12:46 -0000       1.10
+++ net-snmp-5.2.1.2.ebuild     2 Sep 2005 10:20:45 -0000
@@ -59,6 +59,9 @@
        # bugs 68467 and 68254
        sed -i -e 's;embed_perl="yes",;embed_perl=$enableval,;' configure.in \
                || die "sed configure.in failed"
+       # bug 103776
+       sed -i -e 's/\(@(cd perl ; $(MAKE)\)\() ; \\\)/\1 LD_RUN_PATH=\2/g' \
+               Makefile.in || die "sed Makefile.in failed"
        # fix access violation in make check
        sed -i 's/\(snmpd.*\)-Lf/\1-l/' testing/eval_tools.sh || \
                die "sed eval_tools.sh failed"
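Review bot: The added sed on Makefile.in (the two lines under "# bug 103776") is guarded only by "|| die", but sed exits 0 when its pattern matches nothing, so if upstream ever rewords the "@(cd perl ; $(MAKE)) ; \" line the substitution silently stops applying and the build-directory RUNPATH returns without any build failure. Suggest verifying the result after the sed, for example by grepping Makefile.in for "LD_RUN_PATH=" and dying if it is absent. The comment would also be more useful to the next maintainer if it said what is being fixed (emptying LD_RUN_PATH for the perl sub-make to avoid an insecure RUNPATH) rather than giving only the bug number.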
cvs diff: Diffing files
Comment 5 Aaron Walker (RETIRED) gentoo-dev 2005-09-02 05:34:20 UTC
sedfu is now present for each ebuild in cvs.  Thanks Tavis.
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2005-09-03 02:49:16 UTC
This allows portage -> user-of-net-snmp privilege escalation.

ka0ttic: We'll need an ebuild revbump so that people with affected net-snmp
things get rebuilt.
Comment 7 Aaron Walker (RETIRED) gentoo-dev 2005-09-03 18:55:51 UTC
(In reply to comment #6)
> This allows portage -> user-of-net-snmp privilege escalation.
> 
> ka0ttic: We'll need an ebuild revbump so that people with affected net-snmp
> things get rebuilt.

err forgot.  a -r1 is in cvs.
Comment 8 Stefan Cornelius (RETIRED) gentoo-dev 2005-09-04 07:58:12 UTC
-r1 seems to be stable on all arches, ready for GLSA.
Comment 9 Thierry Carrez (RETIRED) gentoo-dev 2005-09-06 07:06:03 UTC
GLSA 200509-05
Comment 10 SpanKY gentoo-dev 2006-01-07 19:41:15 UTC
*** Bug 118245 has been marked as a duplicate of this bug. ***