CVE-2008-4983 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4983): scilab-bin 4.1.2 allows local users to overwrite arbitrary files via a symlink attack on (a) /tmp/SciLink#####1, (b) /tmp/SciLink#####2, (c) /tmp/SciLink#####3, (d) /tmp/*.#####, (e) /tmp/*.#####.res, (f) /tmp/*.#####.err, and (g) /tmp/*.#####.diff temporary files, related to the (1) scilink, (2) scidoc, and (3) scidem scripts.
Our in-tree version is vulnerable, I checked it. DEBIAN: http://bugs.debian.org/496414 FILES: scilink, scidoc, scidem CODE: http://dev.gentoo.org/~rbu/security/debiantemp/scilab-bin
Thanks much for the note and I'll take care of this asap. Best, Markus
I've added Debian's patch verbatim to portage since it comes from upstream and pushed out 4.1.2-r1. We need to stable 4.1.2-r1 on x86 but I suggest that we try all arches (x86, amd64, ppc) while we're at it. At least amd64 and x86 work fine for me. Thanks, Markus
Arches, please test and mark stable: =sci-mathematics/scilab-4.1.2-r1 Target keywords: x86 Per maintainer request, please also mark stable (not required per security): amd64 ppc
amd64/x86 stable
ppc stable
Ready for voting!
I vote NO!
we've had a ton of temp file issues recently, and we always issued a glsa... so voting yes.
YES, filed
GLSA 200901-14