Summary: | <app-accessibility/flite-{-1.2-r2 ,1.3-r1}: temporary file issue (CVE-2014-0027) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | accessibility, sound |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2014/01/09/5 | ||
Whiteboard: | B4 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 510260, 510324 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2014-01-13 17:35:17 UTC
Applied. Bumped to 1.2-r2, 1.3-r1, and 1.4-r3. 1.2-r1 and 1.3 were stable. I wanted to dump the 1.2 series, but it seems there may be issues with 1.3 and 1.4 on ppc. Sorry for taking so long. Related stable requests: 510260, 510324. Two separate stable requests: app-accessibility/flite-1.2-r2 stable request = 510324 app-accessibility/flite-1.3-r1 = 510260 In the future it might be simpler if we just call for stabilization as part of the security request. CVE-2014-0027 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0027): The play_wave_from_socket function in audio/auserver.c in Flite 1.4 allows local users to modify arbitrary files via a symlink attack on /tmp/awb.wav. NOTE: some of these details are obtained from third party information. I removed all the old versions of flite from the tree. There's no longer a reason to keep them around, since the 1.4 series is stable. So this can be closed I think. Arches and Maintainer(s), Thank you for your work. Security Please Vote. First Vote: No GLSA Vote: No |