Summary: | <app-arch/cpio-2.11-r2: directory traversal through symlinks (CVE-2015-1197) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | base-system |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1179773 | ||
Whiteboard: | B4 [glsa glsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 530512 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-01-08 10:37:56 UTC
+*cpio-2.11-r2 (09 Jan 2015) + + 09 Jan 2015; Tony Vroon <chainsaw@gentoo.org> +cpio-2.11-r2.ebuild, + +files/cpio-2.11-security.patch: + Scavenge upstream bug fixes for heap-based buffer overflow and directory + traversal through symlinks. For security bugs #530512 and #536010.

Suggest stabilisation is handled in bug #530512.

This issue was resolved and addressed in GLSA 201502-11 at http://security.gentoo.org/glsa/glsa-201502-11.xml by GLSA coordinator Kristian Fiskerstrand (K_F).

CVE-2015-1197 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1197): cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive.

cpio-2.11-security.patch was dropped with 2.12 bump [1]. And upstream fixed this security issue in 2.13 [2] (currently pmasked). Should this bug be reopened?

[1] https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=65dd197d2dbddb0c95bbdde6097f5cce748c1fb9
[2] https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca
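As an added example (not part of this bug report, and not code from cpio or from the Gentoo patch), the following pre-extraction check flags archive members stored beneath a symlink that an earlier member of the same archive creates, which is one archive shape consistent with the CVE-2015-1197 description above. It assumes the archive is in the "newc" format; the function names and the sample archive are constructed for illustration.

```python
import posixpath

S_IFMT, S_IFLNK = 0o170000, 0o120000

def pad4(n):
    return (n + 3) & ~3

def newc_entry(name, mode, data=b""):
    """Build one newc record; used only to construct the sample archive below."""
    nm = name.encode() + b"\0"
    fields = [0, mode, 0, 0, 1, 0, len(data), 0, 0, 0, 0, len(nm), 0]
    hdr = b"070701" + b"".join(b"%08X" % f for f in fields) + nm
    return hdr.ljust(pad4(len(hdr)), b"\0") + data.ljust(pad4(len(data)), b"\0")

def read_newc(buf):
    """Yield (name, mode, data) for each member of a newc-format archive."""
    off = 0
    while off + 110 <= len(buf):
        if buf[off:off + 6] not in (b"070701", b"070702"):
            raise ValueError("no newc header at offset %d" % off)
        f = [int(buf[off + 6 + 8 * i:off + 14 + 8 * i], 16) for i in range(13)]
        mode, size, namesize = f[1], f[6], f[11]
        name = buf[off + 110:off + 110 + namesize - 1].decode()
        if name == "TRAILER!!!":
            return
        start = off + pad4(110 + namesize)
        yield name, mode, buf[start:start + size]
        off = start + pad4(size)

def find_symlink_traversal(buf):
    """Return (member, symlink, target) for members stored beneath a symlink that
    an earlier member created. Leading slashes are dropped first, mirroring
    what --no-absolute-filenames does to member names on extraction."""
    links, hits = {}, []
    for name, mode, data in read_newc(buf):
        parts = posixpath.normpath(name.lstrip("/")).split("/")
        for i in range(1, len(parts)):
            parent = "/".join(parts[:i])
            if parent in links:
                hits.append((name, parent, links[parent]))
                break
        if mode & S_IFMT == S_IFLNK:
            links["/".join(parts)] = data.decode()  # symlink body is its target
    return hits

# Constructed sample archive: a symlink member, then a file placed "under" it.
SAMPLE = (newc_entry("logs", S_IFLNK | 0o777, b"/tmp")
          + newc_entry("logs/app.conf", 0o100644, b"x=1\n")
          + newc_entry("docs/readme", 0o100644, b"hi\n")
          + newc_entry("TRAILER!!!", 0))
```

A non-empty result from `find_symlink_traversal(SAMPLE)` means the archive should not be unpacked with an unpatched cpio; the check is deliberately conservative and flags every member beneath an archive-created symlink, whatever the link target.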