Nikolaus Schulz has reported a security issue in id3lib, which can be
exploited by malicious, local users to gain escalated privileges.
The security issue is caused due to the "RenderV2ToFile()" function
in src/tag_file.cpp handling temporary files in an insecure manner.
This can be exploited to execute arbitrary commands with escalated
privileges (usually root user).
The security issue is reported in version 3.8.3. Other versions may
also be affected.
CC'ing maintainer and setting whiteboard status.
upstream is not available anymore, so I'm accepting patches.
(In reply to comment #2)
> upstream is not available anymore, so I'm accepting patches.
Fixed in id3lib-3.8.3-r6.
Arches please test and mark stable. Target keywords are:
id3lib-3.8.3-r6.ebuild:KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 sh sparc x86 ~x86-fbsd"
@drac, I'm not familiar with id3lib but could you elaborate on the reported privilege escalation to root privileges?
(In reply to comment #4)
> @drac, I'm not familiar with id3lib but could you elaborate on the reported
> privilege escalation to root privileges?
See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=438540 for reference.
[21:26] <jaervosz> drac: thx for the reference but I still fail to see why you should gain root privs by that?
[21:27] <drac> jaervosz: users perhaps, but not roots for sure..
[21:28] <drac> jaervosz: perhaps as in dunno how one could manage even that.
[21:28] <jaervosz> drac: thx, wasn't sure wether secunia just messed up something or I was overlooking something very trivial
Stable for HPPA.
ready for glsa decision. I tend to vote YES.
I vote YES too.
ok, let's have a glsa on this one.