Summary: | <net-misc/mrouted-3.9.5: Multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Tim Sammut (RETIRED) <underling> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | alexanderyt, jer |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://git.vmlinux.org/mrouted.git/blob/HEAD:/ChangeLog | ||
Whiteboard: | B3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Tim Sammut (RETIRED)
(Sorry for the spam, ugh!)

Looking at the ChangeLog at $URL, I see two things that appear security-related.

Fixed in 3.9.3
- Fix =NULL= pointer dereference in conf file parser. Problem will arise for all interfaces that at one point might not have an address.

Fixed in 3.9.5
- Ported from pimd after CVE-2011-0007: Insecure file creation in /var/tmp. "On USR1, pimd will write to /var/tmp/pimd.dump a dump of the multicast route table. Since /var/tmp is writable by any user, a user can create a symlink to any file he wants to destroy with the content of the multicast routing table."

Stumbled upon this.

Arch teams, please test and mark stable:
=net-misc/mrouted-3.9.5
Target KEYWORDS="amd64 ppc x86"

amd64 ok

x86 stable

ppc done

amd64 done

Thanks, everyone. GLSA Vote: Yes.

Vote: YES. New GLSA request filed.

Can one of our new scouts check if there is a CVE for this and request one if there is none?

This issue was resolved and addressed in GLSA 201412-09 at http://security.gentoo.org/glsa/glsa-201412-09.xml by GLSA coordinator Sean Amoss (ackle).