Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 687900 (CVE-2019-12749) - <sys-apps/dbus-1.12.16: authentication bypass through manipulated symlinks (CVE-2019-12749)
Summary: <sys-apps/dbus-1.12.16: authentication bypass through manipulated symlinks (C...
Status: RESOLVED FIXED
Alias: CVE-2019-12749
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: A1 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-12 07:28 UTC by Lars Wendler (Polynomial-C)
Modified: 2019-09-08 17:47 UTC (History)
1 user (show)

See Also:
Package list:
sys-apps/dbus-1.12.16
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lars Wendler (Polynomial-C) gentoo-dev 2019-06-12 07:28:33 UTC
dbus 1.12.16 (2019-06-11)
=========================

The “tree cat” release.

Security fixes:

• CVE-2019-12749: Do not attempt to carry out DBUS_COOKIE_SHA1
  authentication for identities that differ from the user running the
  DBusServer. Previously, a local attacker could manipulate symbolic
  links in their own home directory to bypass authentication and connect
  to a DBusServer with elevated privileges. The standard system and
  session dbus-daemons in their default configuration were immune to this
  attack because they did not allow DBUS_COOKIE_SHA1, but third-party
  users of DBusServer such as Upstart could be vulnerable.
  Thanks to Joe Vennix of Apple Information Security.
  (dbus#269, Simon McVittie)
Comment 1 Larry the Git Cow gentoo-dev 2019-06-12 07:30:20 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3f9ebc0d9df37658801b5f733f6865d7d49cebab

commit 3f9ebc0d9df37658801b5f733f6865d7d49cebab
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2019-06-12 07:29:39 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2019-06-12 07:30:13 +0000

    sys-apps/dbus: Security bump to version 1.12.16
    
    Bug: https://bugs.gentoo.org/687900
    Package-Manager: Portage-2.3.67, Repoman-2.3.14
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 sys-apps/dbus/Manifest            |   1 +
 sys-apps/dbus/dbus-1.12.16.ebuild | 286 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 287 insertions(+)
Comment 2 Lars Wendler (Polynomial-C) gentoo-dev 2019-06-21 08:58:08 UTC
Arches, please stabilize...
Comment 3 Rolf Eike Beer 2019-06-23 10:31:20 UTC
sparc stable
Comment 4 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-06-23 12:11:45 UTC
amd64 stable
Comment 5 Rolf Eike Beer 2019-06-23 20:01:37 UTC
hppa stable
Comment 6 Agostino Sarubbo gentoo-dev 2019-06-26 06:50:54 UTC
x86 stable
Comment 7 Agostino Sarubbo gentoo-dev 2019-06-26 10:28:40 UTC
s390 stable
Comment 8 Sergei Trofimovich gentoo-dev 2019-06-27 07:37:29 UTC
ia64 stable
Comment 9 Sergei Trofimovich gentoo-dev 2019-06-27 07:39:10 UTC
ppc stable
Comment 10 Sergei Trofimovich gentoo-dev 2019-06-27 07:40:44 UTC
ppc64 stable
Comment 11 Agostino Sarubbo gentoo-dev 2019-06-27 09:20:42 UTC
alpha stable
Comment 12 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2019-07-22 02:19:07 UTC
arm64 stable
Comment 13 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-07-28 10:48:02 UTC
sh stable
Comment 14 Mikle Kolyada archtester Gentoo Infrastructure gentoo-dev Security 2019-07-28 10:51:59 UTC
arm stable
Comment 15 Larry the Git Cow gentoo-dev 2019-07-28 11:24:18 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=833afb297c0c28a7c8110ceb1c8d380e46700661

commit 833afb297c0c28a7c8110ceb1c8d380e46700661
Author:     Andreas Sturmlechner <asturm@gentoo.org>
AuthorDate: 2019-07-28 11:22:37 +0000
Commit:     Andreas Sturmlechner <asturm@gentoo.org>
CommitDate: 2019-07-28 11:23:32 +0000

    sys-apps/dbus: Security cleanup
    
    Bug: https://bugs.gentoo.org/687900
    Package-Manager: Portage-2.3.69, Repoman-2.3.16
    Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org>

 sys-apps/dbus/Manifest               |   2 -
 sys-apps/dbus/dbus-1.12.12-r1.ebuild | 281 ----------------------------------
 sys-apps/dbus/dbus-1.12.12-r2.ebuild | 287 -----------------------------------
 sys-apps/dbus/dbus-1.12.14.ebuild    | 286 ----------------------------------
 4 files changed, 856 deletions(-)
Comment 16 GLSAMaker/CVETool Bot gentoo-dev 2019-09-08 17:47:31 UTC
This issue was resolved and addressed in
 GLSA 201909-08 at https://security.gentoo.org/glsa/201909-08
by GLSA coordinator Thomas Deutschmann (whissi).