Summary: | <app-forensics/aide-0.17.4: heap buffer overflow allows root privilege escalation | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | maintainer-needed, sam |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2022/01/20/3 | ||
Whiteboard: | B1 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 771924, 835523 | ||
Bug Blocks: |
Description
John Helmert III
2022-01-21 01:58:02 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=06cefe1606470b4b93e12aef21b1e9733c7e55c9 commit 06cefe1606470b4b93e12aef21b1e9733c7e55c9 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-03-11 11:00:35 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-03-11 11:01:01 +0000 app-forensics/aide: add 0.17.4 Closes: https://bugs.gentoo.org/771924 Bug: https://bugs.gentoo.org/829268 Bug: https://bugs.gentoo.org/831658 Signed-off-by: Sam James <sam@gentoo.org> app-forensics/aide/Manifest | 1 + app-forensics/aide/aide-0.17.4.ebuild | 103 +++++++++++++++++++++ app-forensics/aide/files/aide-0.17.4-bashism.patch | 58 ++++++++++++ 3 files changed, 162 insertions(+) Please cleanup. commit 543ee0f51eaf868f071970d49db6611643de7292 Author: Sam James <sam@gentoo.org> Date: Sun Apr 17 19:39:47 2022 +0100 app-forensics/aide: drop 0.16.2_p20200614 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f97b11254c2a162a6078c78cf6112e3d8844d792 commit f97b11254c2a162a6078c78cf6112e3d8844d792 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-11-25 08:24:47 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-11-25 08:25:21 +0000 [ GLSA 202311-07 ] AIDE: Root Privilege Escalation Bug: https://bugs.gentoo.org/831658 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202311-07.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) |