Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 245922 (CVE-2008-4983)

Summary: sci-mathematics/scilab <4.1.2-r1: insecure temp file usage (CVE-2008-4983)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: sci-mathematics
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4983
Whiteboard: B3 [glsa]
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 235770    

Description Stefan Behte (RETIRED) gentoo-dev Security 2008-11-07 02:34:47 UTC
CVE-2008-4983 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4983):
  scilab-bin 4.1.2 allows local users to overwrite arbitrary files via
  a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2,
  (c) /tmp/SciLink#####3, (d) /tmp/*.#####, (e) /tmp/*.#####.res, (f)
  /tmp/*.#####.err, and (g) /tmp/*.#####.diff temporary files, related
  to the (1) scilink, (2) scidoc, and (3) scidem scripts.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-07 02:36:37 UTC
Our in-tree version is vulnerable, I checked it.

DEBIAN: http://bugs.debian.org/496414
FILES: scilink, scidoc, scidem
CODE: http://dev.gentoo.org/~rbu/security/debiantemp/scilab-bin
Comment 2 Markus Dittrich (RETIRED) gentoo-dev 2008-11-07 14:26:08 UTC
Thanks much for the note and I'll take care of this asap.

Best,
Markus
Comment 3 Markus Dittrich (RETIRED) gentoo-dev 2008-11-07 16:00:11 UTC
I've added Debian's patch verbatim to portage since it comes from upstream
and pushed out 4.1.2-r1. We need to stable 4.1.2-r1 on x86 but I suggest 
that we try all arches (x86, amd64, ppc) while we're at it. 
At least amd64 and x86 work fine for me.

Thanks,
Markus
Comment 4 Christian Hoffmann (RETIRED) gentoo-dev 2008-11-07 16:10:54 UTC
Arches, please test and mark stable:
  =sci-mathematics/scilab-4.1.2-r1

Target keywords: x86

Per maintainer request, please also mark stable (not required per security):
  amd64 ppc
Comment 5 Markus Meier gentoo-dev 2008-11-08 13:29:25 UTC
amd64/x86 stable
Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev 2008-11-15 18:40:46 UTC
ppc stable
Comment 7 Stefan Behte (RETIRED) gentoo-dev Security 2008-11-15 18:56:16 UTC
Ready for voting!
Comment 8 Stefan Behte (RETIRED) gentoo-dev Security 2009-01-05 22:56:37 UTC
I vote NO!
Comment 9 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-01-11 19:02:39 UTC
we've had a ton of temp file issues recently, and we always issued a glsa... so voting yes.
Comment 10 Robert Buchholz (RETIRED) gentoo-dev 2009-01-13 17:29:23 UTC
YES, filed
Comment 11 Pierre-Yves Rofes (RETIRED) gentoo-dev 2009-01-21 22:24:05 UTC
GLSA 200901-14