Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 602658 (CVE-2016-9956) - <games-simulation/flightgear-2016.4.4: route manager is able to overwrite arbitrary files (CVE-2016-9956)
Summary: <games-simulation/flightgear-2016.4.4: route manager is able to overwrite arb...
Status: RESOLVED FIXED
Alias: CVE-2016-9956
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: http://seclists.org/oss-sec/2016/q4/674
Whiteboard: B3 [noglsa cve]
Keywords:
Depends on: 605386
Blocks:
  Show dependency tree
 
Reported: 2016-12-14 16:40 UTC by ingrix
Modified: 2017-01-14 14:10 UTC (History)
2 users (show)

See Also:
Package list:
=games-simulation/flightgear-2016.4.4 =games-simulation/flightgear-data-2016.4.4 =dev-games/simgear-2016.4.4
Runtime testing required: ---
stable-bot: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description ingrix 2016-12-14 16:40:30 UTC
The route manager in flightgear is able to overwrite arbitrary files that a user has write access to, which can lead to possible code execution.  A CVE has been requested for this issue but is not yet assigned.  This issue supposedly affects any version of flightgear released after 2009 and includes versions 3.4.0 and 2016.3.1 which are available in the gentoo repo.

An upstream patch is available at https://sourceforge.net/p/flightgear/flightgear/ci/280cd523686fbdb175d50417266d2487a8ce67d2/log/

More information is available via the debian bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848114

Reproducible: Didn't try
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-09 00:43:18 UTC
@ Arches,

please test and mark stable:

=games-simulation/flightgear-2016.4.4
=games-simulation/flightgear-data-2016.4.4
Comment 2 Stabilization helper bot gentoo-dev 2017-01-10 05:48:06 UTC
An automated check of this bug failed - repoman reported dependency errors (49 lines truncated): 

> dependency.bad games-simulation/flightgear/flightgear-2016.4.4.ebuild: DEPEND: amd64(default/linux/amd64/13.0) ['~dev-games/simgear-2016.4.4']
> dependency.bad games-simulation/flightgear/flightgear-2016.4.4.ebuild: RDEPEND: amd64(default/linux/amd64/13.0) ['~dev-games/simgear-2016.4.4']
> dependency.bad games-simulation/flightgear/flightgear-2016.4.4.ebuild: DEPEND: amd64(default/linux/amd64/13.0/desktop) ['~dev-games/simgear-2016.4.4']
Comment 3 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-10 13:37:11 UTC
@ Arches,

please also stabilize required =dev-games/simgear-2016.4.4
Comment 4 Aaron Bauman (RETIRED) gentoo-dev 2017-01-11 13:34:17 UTC
Please re-CC arches when the dependent build failure is fixed.
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-11 18:04:55 UTC
(In reply to Aaron Bauman from comment #4)
> Please re-CC arches when the dependent build failure is fixed.

@ Arches,

please try again.
Comment 6 Agostino Sarubbo gentoo-dev 2017-01-13 14:35:59 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2017-01-13 15:43:34 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please vote.
Comment 8 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2017-01-14 01:34:12 UTC
commit d57e2633cf40bec897c0baa75b9cb58225caa2f2
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Sat Jan 14 02:32:57 2017

    dev-games/simgear: Security cleanup (bug #602658).

    Package-Manager: Portage-2.3.3, Repoman-2.3.1

commit ef2f2cb70285466776f4dd10718fb0851956c31c
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Sat Jan 14 02:30:52 2017

    games-simulation/flightgear-data: Security cleanup (bug #602658).

    Package-Manager: Portage-2.3.3, Repoman-2.3.1

commit 8170f20931e723b17be2916cefbcccf71691706d
Author: Lars Wendler <polynomial-c@gentoo.org>
Date:   Sat Jan 14 02:29:44 2017

    games-simulation/flightgear: Security cleanup (bug #602658).

    Package-Manager: Portage-2.3.3, Repoman-2.3.1
Comment 9 Thomas Deutschmann (RETIRED) gentoo-dev 2017-01-14 14:10:49 UTC
GLSA Vote: No

Repository is clean, all done.