
Bug 605008 (CVE-2016-1247)

Summary: <www-servers/nginx-{1.10.2-r3,1.11.6-r1}: root privilege escalation (CVE-2016-1247)
Product: Gentoo Security
Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: Vulnerabilities
Assignee: Gentoo Security <security>
Status: RESOLVED FIXED
Severity: major
CC: bugs, dev-zero, jer, whissi
Priority: Normal
Flags: stable-bot: sanity-check+
Version: unspecified
Hardware: All
OS: Linux
URL: https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
Whiteboard: B1 [glsa cve]
Package list: =www-servers/nginx-1.10.2-r3
Runtime testing required: ---

Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-07 23:24:29 UTC
It was discovered that the default installation of www-servers/nginx on
Gentoo sets problematic permissions on "/var/log/nginx" similar to Debian's
and is therefore vulnerable to the same potential root privilege
escalation described in CVE-2016-1247 [1].

[1] https://legalhackers.com/advisories/Nginx-Exploit-Deb-Root-PrivEsc-CVE-2016-1247.html
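The report above only states that the permissions on "/var/log/nginx" are problematic; the property an auditor actually wants to check is whether the unprivileged web-server user (or anyone via group/other write bits) can rename or unlink files in the log directory, and whether any log file has already been replaced by a symlink that a root process would follow when it opens or recreates the log. The following shell function is an added example written for this page; it is not code from the Gentoo bug, ebuild, GLSA or the linked advisory. The web-server user name `nginx`, the expected directory owner `root` and the directory path are assumptions to adjust for the system being audited.

```shell
#!/bin/sh
# check_nginx_logdir DIR WEB_USER [EXPECTED_OWNER]
#   DIR            log directory to audit (e.g. /var/log/nginx)
#   WEB_USER       unprivileged user the worker processes run as (assumed: nginx)
#   EXPECTED_OWNER user name or numeric uid the directory should belong to
#                  (assumed default: root)
# Exit status: 0 = no finding, 1 = at least one finding, 2 = usage error.
check_nginx_logdir() {
    dir=$1
    web_user=$2
    expected_owner=${3:-root}
    findings=0

    if [ ! -d "$dir" ]; then
        printf 'ERROR: %s is not a directory\n' "$dir" >&2
        return 2
    fi

    # Owner uid, owner name and octal mode in one call; GNU stat first,
    # BSD/macOS stat as fallback.
    info=$(stat -c '%u %U %a' "$dir" 2>/dev/null || stat -f '%u %Su %OLp' "$dir")
    set -- $info
    owner_uid=$1; owner=$2; mode=$3

    # The directory owner can rename or unlink any entry in it, regardless
    # of the files' own ownership. If that owner is the web-server user, a
    # compromised worker can swap a log for a symlink.
    if [ "$owner" = "$web_user" ]; then
        printf 'FINDING: %s is owned by the web-server user %s\n' "$dir" "$owner"
        findings=1
    elif [ "$owner" != "$expected_owner" ] && [ "$owner_uid" != "$expected_owner" ]; then
        printf 'FINDING: %s is owned by %s (uid %s), expected %s\n' \
            "$dir" "$owner" "$owner_uid" "$expected_owner"
        findings=1
    fi

    # Last three octal digits are user/group/other. A set group- or
    # other-write bit grants the same rename/unlink ability to that group
    # (or to everyone), even if the owner is root.
    perm=${mode#"${mode%???}"}
    g=${perm#?}; g=${g%?}
    o=${perm#??}
    if [ $((g & 2)) -ne 0 ] || [ $((o & 2)) -ne 0 ]; then
        printf 'FINDING: %s has mode %s (group/other writable)\n' "$dir" "$mode"
        findings=1
    fi

    # A log file that is already a symlink is the artifact to look for after
    # the fact: root opens or recreates the symlink's target, not the log.
    for f in "$dir"/* "$dir"/.[!.]*; do
        [ -e "$f" ] || [ -L "$f" ] || continue
        if [ -L "$f" ]; then
            printf 'FINDING: %s is a symlink to %s\n' "$f" "$(readlink "$f")"
            findings=1
        fi
    done

    return "$findings"
}

# Run directly with arguments, e.g.:  sh check_logdir.sh /var/log/nginx nginx
if [ $# -ge 2 ]; then
    check_nginx_logdir "$@"
fi
```

The check is deliberately stricter than "is the directory world-writable": on the affected Debian and Gentoo layouts the directory was not world-writable, it was owned by (or group-writable for) the web-server account, which is exactly what the first two checks flag. Run it after applying the fixed ebuild to confirm the installed ownership and mode are what the GLSA expects.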
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-07 23:34:51 UTC
Fixed ebuilds are now in repository, https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e9a4ebc9ca7bb35814cacf85c9a28cdab6fdf9f


@ Arches,

please test and mark stable: =www-servers/nginx-1.10.2-r3
Comment 2 Agostino Sarubbo gentoo-dev 2017-01-10 14:57:06 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2017-01-10 15:27:09 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-10 15:36:05 UTC
Cleaned up via 688c54e5f570cfe816f69f5452817a320427474a

New GLSA request filed.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2017-01-11 12:22:21 UTC
This issue was resolved and addressed in
 GLSA 201701-22 at https://security.gentoo.org/glsa/201701-22
by GLSA coordinator Aaron Bauman (b-man).