Bug 200623 (CVE-2007-6183)

Summary: dev-ruby/ruby-gtk2 <0.16.0-r2 "Gtk::MessageDialog.new()" Format String Vulnerability (CVE-2007-6183)
Product: Gentoo Security
Reporter: Lars Hartmann <lars>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: ruby
Priority: High
Version: unspecified
Hardware: All
OS: Linux
URL: http://secunia.com/advisories/27825/
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---
Attachments:
Description Flags
patch none

Description Lars Hartmann 2007-11-28 11:12:52 UTC
Chris Rohlf has reported a vulnerability in Ruby-GNOME2, which can potentially be exploited by malicious people to compromise an application using the library.

The vulnerability is caused due to a format string error within the "Gtk::MessageDialog.new()" method in gtk/src/rbgtkmessagedialog.c and can potentially be exploited to execute arbitrary code when a specially crafted string is passed to the affected function.

NOTE: Exploitation and impact of this vulnerability depend on how an application uses the affected function of the vulnerable library.

The vulnerability is reported in version 0.16.0. Other versions may also be affected.

Solution:
Fixed in the SVN repository.
http://ruby-gnome2.svn.sourceforge.ne...uby-gnome2?view=rev&revision=2720

Provided and/or discovered by:
Chris Rohlf

Original Advisory:
http://em386.blogspot.com/2007/11/your-favorite-better-than-c-scripting.html

Reproducible: Always
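
The bug class described in the report above, as an added example that is not code from the bug report, the attached patch, or Ruby-GNOME2. `dialog_new` is a hypothetical stand-in for a printf-style constructor such as `gtk_message_dialog_new()`, the other function names are assumptions, and the input string is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a printf-style constructor such as
 * gtk_message_dialog_new(): the last fixed parameter is a format string. */
static int dialog_new(char *out, size_t outlen, const char *message_format, ...)
{
    va_list ap;
    va_start(ap, message_format);
    int n = vsnprintf(out, outlen, message_format, ap);
    va_end(ap);
    return n;
}

/* Vulnerable pattern: caller-supplied text is used as the format itself,
 * so any directive in it is interpreted with no matching argument. */
int show_message_vulnerable(char *out, size_t outlen, const char *text)
{
    return dialog_new(out, outlen, text);
}

/* Hardened pattern: constant format, caller-supplied text passed as data. */
int show_message_fixed(char *out, size_t outlen, const char *text)
{
    return dialog_new(out, outlen, "%s", text);
}

/* Render text through one of the two paths and compare with expected. */
int renders_as(int use_fixed, const char *text, const char *expected)
{
    char buf[128];
    if (use_fixed) show_message_fixed(buf, sizeof buf, text);
    else           show_message_vulnerable(buf, sizeof buf, text);
    return strcmp(buf, expected) == 0;
}

int main(void)
{
    /* Constructed input: only the harmless "%%" escape, which reads no argument. */
    const char *text = "100%% done";
    char a[128], b[128];
    show_message_vulnerable(a, sizeof a, text);
    show_message_fixed(b, sizeof b, text);
    printf("as format: %s\nas data:   %s\n", a, b);
    return 0;
}
```

The two renderings differ because only the first path parses the caller's text for directives; for functions declared printf-like, GCC and Clang report that call shape under `-Wformat-security`.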
Comment 1 Lars Hartmann 2007-11-28 11:15:23 UTC
Let's wait for upstream to provide a fixed release
Comment 2 Lars Hartmann 2007-11-28 12:05:01 UTC
Created attachment 137213 [details, diff]
patch
Comment 3 Lars Hartmann 2007-11-28 12:05:44 UTC
maintainers - please advise and include that patch if possible
Comment 4 Hans de Graaff gentoo-dev 2007-11-28 20:05:28 UTC
We have split up the Ruby-Gnome2 stuff into several packages. The specific code is part of dev-ruby/ruby-gtk2-0.16-r1 and older releases.

I have just added dev-ruby/ruby-gtk2-0.16-r2 to CVS which contains the patch that Lars appended. @Lars: thanks for digging it up and appending it.

Comment 5 Robert Buchholz (RETIRED) gentoo-dev 2007-11-29 00:03:42 UTC
Please ping if you think it's ready for stabling.
Comment 6 Lars Hartmann 2007-11-29 07:28:56 UTC
arches - please test this ebuild and mark it stable as necessary

target Package: dev-ruby/ruby-gtk-0.16-r2
target Arches: x86,ppc,sparc,amd64,alpha,ppc64,hppa
Comment 7 Christian Faulhammer (RETIRED) gentoo-dev 2007-11-29 08:35:19 UTC
x86 stable
Comment 8 Lars Hartmann 2007-11-29 09:34:50 UTC
I removed the arches that lacked a testing/stable version from the list:

target Package: dev-ruby/ruby-gtk-0.16-r2
target Arches: x86(done) ppc,sparc,amd64,alpha
Comment 9 Steve Dibb (RETIRED) gentoo-dev 2007-11-30 20:10:15 UTC
amd64 stable
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2007-12-02 15:38:59 UTC
ppc stable
Comment 11 Raúl Porcel (RETIRED) gentoo-dev 2007-12-04 17:34:03 UTC
alpha/ia64/sparc stable and is not keyworded on mips, ready for glsa
Comment 12 Robert Buchholz (RETIRED) gentoo-dev 2007-12-04 18:01:05 UTC
filed.
Comment 13 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-12-09 22:16:20 UTC
GLSA 200712-09
Comment 14 Peter Volkov (RETIRED) gentoo-dev 2008-03-06 09:52:19 UTC
Does not affect current (2008.0) release. Removing release.