
Bug 177512

Summary: www-client/elinks Untrusted search path (CVE-2007-2027)
Product: Gentoo Security
Reporter: Sune Kloppenborg Jeppesen (RETIRED) <jaervosz>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: andrei.ivanov, spock
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2027
Whiteboard: B2 [glsa] jaervosz
Package list:
Runtime testing required: ---

Description Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-05-07 16:13:22 UTC
Untrusted search path vulnerability in the add_filename_to_string function in intl/gettext/loadmsgcat.c for Elinks 0.11.1 adds "../po" to the search path for .po files, which might allow local users to cause Elinks to use an untrusted gettext message catalog, which can be leveraged to conduct format string attacks.
Comment 1 Jakub Moc (RETIRED) gentoo-dev 2007-05-09 11:48:02 UTC
*** Bug 177777 has been marked as a duplicate of this bug. ***
Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-05-19 22:41:17 UTC
spock please advise.
Comment 3 Michal Januszewski (RETIRED) gentoo-dev 2007-05-21 17:24:02 UTC
This is now fixed in CVS thanks to a patch pulled from the elinks GIT tree.
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-05-21 18:30:57 UTC
Thx Michal.

Could you make a revbump of the latest stable so users can use glsa-check to upgrade and arches have a chance to test?
Comment 5 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-05-21 18:46:15 UTC
Woops didn't mean to CC arches already. Sorry for the noise.
Comment 6 Michal Januszewski (RETIRED) gentoo-dev 2007-05-21 21:00:09 UTC
Done, 0.11.2-r1 is in CVS now.
Comment 7 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-05-31 09:44:03 UTC
Jaervosz, seems it's ok for calling arches this time :)
Comment 8 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2007-06-01 05:54:27 UTC
Thx for the reminder:-)

Arches please test and mark stable. Target keywords are:

elinks-0.11.2-r1.ebuild:KEYWORDS="alpha amd64 hppa mips ppc ppc64 sparc x86 ~x86-fbsd"
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2007-06-01 12:36:08 UTC
alpha/x86 stable
Comment 10 Peter Weller (RETIRED) gentoo-dev 2007-06-01 12:45:43 UTC
amd64 done
Comment 11 Gustavo Zacarias (RETIRED) gentoo-dev 2007-06-01 13:27:11 UTC
sparc stable.
Comment 12 Brent Baude (RETIRED) gentoo-dev 2007-06-01 14:49:42 UTC
ppc64 stable
Comment 13 Jeroen Roovers (RETIRED) gentoo-dev 2007-06-01 16:12:19 UTC
Stable for HPPA.
Comment 14 René Nussbaumer (RETIRED) gentoo-dev 2007-06-02 20:09:19 UTC
stable on ppc
Comment 15 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-06-07 21:30:56 UTC
GLSA 200706-03, thanks everybody!

mips, don't forget to mark stable to benefit from the glsa
Comment 16 Joshua Kinard gentoo-dev 2007-06-28 06:22:11 UTC
mips stable.