Bug 474018 (CVE-2013-2208)

Summary: <app-office/tpp-1.3.1-r2 : Possibility of arbitrary code execution when processing untrusted TPP template (CVE-2013-2208)
Product: Gentoo Security
Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: normal
CC: ruby
Priority: Normal
Version: unspecified
Hardware: All
OS: Linux
URL: https://bugzilla.redhat.com/show_bug.cgi?id=976684
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Agostino Sarubbo gentoo-dev 2013-06-21 09:16:51 UTC
From ${URL} :

A security flaw was found in the way tpp, an ncurses-based presentation tool, processed TPP templates containing an --exec clause (input provided as an argument of the --exec clause would be immediately executed without requesting a second confirmation from the user). A remote attacker could provide a specially-crafted text presentation program (TPP) template that, when processed with the tpp binary, would lead to arbitrary code execution with the privileges of the user running the tpp executable.

References:
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706644

Relevant patch from Debian distribution (adds a requirement that the user explicitly confirm code execution is desired):
[2] http://patch-tracker.debian.org/patch/series/view/tpp/1.3.1-3/15-optional-exec.patch


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
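An added illustration of the flaw described above and of the opt-in gating the Debian patch introduces. This is example code written for this page, not tpp's own code: the function names, the `allow_exec` option standing in for the patch's explicit confirmation, and the sample template are hypothetical/constructed.

```ruby
# Tiny model of tpp's "--exec" page directive (hypothetical, not tpp's code).
ExecDirective = Struct.new(:line, :command)

# Pre-flight scan: list every "--exec" directive in a template so the user
# can review what an untrusted file would run before presenting it.
def exec_directives(template)
  template.each_line.with_index(1).map do |text, no|
    m = text.match(/\A--exec\s+(.+?)\s*\z/)
    m && ExecDirective.new(no, m[1])
  end.compact
end

# Vulnerable behaviour (tpp <= 1.3.1, Gentoo -r1): every --exec clause runs
# as soon as the page is processed, with no confirmation from the user.
def process_template_unsafe(template, runner: ->(cmd) { `#{cmd}` })
  exec_directives(template).map { |d| [:executed, d.command, runner.call(d.command)] }
end

# Fixed behaviour, modelled on the Debian "optional exec" patch: --exec is a
# no-op unless the user explicitly opted in; suppressed commands are reported
# so the presenter can see what the template tried to run.
def process_template(template, allow_exec: false, runner: ->(cmd) { `#{cmd}` })
  exec_directives(template).map do |d|
    if allow_exec
      [:executed, d.command, runner.call(d.command)]
    else
      [:skipped, d.command, nil]
    end
  end
end

# Constructed sample template with benign commands for the demonstration.
SAMPLE_TEMPLATE = <<~TPP
  --title Untrusted deck
  --newpage
  Welcome
  --exec echo hello from the template
  --exec echo done
  --newpage
TPP

if __FILE__ == $PROGRAM_NAME
  puts exec_directives(SAMPLE_TEMPLATE).map { |d| "line #{d.line}: #{d.command}" }
  p process_template(SAMPLE_TEMPLATE)                    # default: nothing runs
  p process_template(SAMPLE_TEMPLATE, allow_exec: true)  # runs only after opt-in
end
```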
Comment 1 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2013-06-21 14:28:06 UTC
app-office/tpp-1.3.1-r2 has the fix.
app-office/tpp-1.3.1-r1 still in the tree (as it is stable).

Arches, please mark app-office/tpp-1.3.1-r2 as stable for PPC/X86 so we may remove app-office/tpp-1.3.1-r1 from the tree.
Comment 2 Agostino Sarubbo gentoo-dev 2013-06-24 16:52:09 UTC
ppc stable
Comment 3 Andreas Schürch gentoo-dev 2013-06-26 08:35:22 UTC
x86 stable, thanks.
Comment 4 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2013-06-26 14:57:34 UTC
Badness removed from tree, waiting for glsamaker access to create glsa and close.
Comment 5 Matthew Thode ( prometheanfire ) archtester Gentoo Infrastructure gentoo-dev Security 2013-06-30 23:01:13 UTC
still no glsamaker access to finish this out :(
Comment 6 Chris Reffett gentoo-dev Security 2013-08-23 15:06:54 UTC
GLSA request filed.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2013-09-25 17:25:37 UTC
This issue was resolved and addressed in
GLSA 201309-19 at http://security.gentoo.org/glsa/glsa-201309-19.xml
by GLSA coordinator Chris Reffett (creffett).
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2013-11-05 02:40:03 UTC
CVE-2013-2208 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2208):
  tpp 1.3.1 allows remote attackers to execute arbitrary commands via a --exec
  command in a TPP template file.