| Summary: | <www-apache/passenger-5.1.2: File overwrite vulnerability in passenger-install-nginx-module | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | graaff, ruby |
| Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://bugzilla.redhat.com/show_bug.cgi?id=1445306 | ||
| Whiteboard: | B4 [noglsa cve] | ||
| Package list: |
www-apache/passenger-5.1.2
|
Runtime testing required: | --- |
We can stable the latest version, passenger 5.1.2, now. amd64 stable x86 stable. Maintainer(s), please cleanup. Security, please vote. Maintainer(s), Thank you for your work. GLSA Vote: No Maintainer(s), please drop the vulnerable version(s). (In reply to Yury German from comment #4) > Maintainer(s), please drop the vulnerable version(s). Done. Thank you all for you work. Closing as [noglsa]. |
From ${URL} : A file overwrite vulnerability was found in passenger caused by a predictable temporary file being written by passenger-install-nginx-module. With access to the system, a user could plant a symlink in /tmp that resulted in a chosen-file overwrite attempt whenever passenger-install-nginx-module was run, using the access rights of the executing user, potentially even with chosen content. Upstream patch: https://github.com/phusion/passenger/commit/e5b4b0824d6b648525b4bf63d9fa37e5beeae441 External References: https://blog.phusion.nl/2017/01/10/passenger-5-1-1/ @maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.