Your message dated Sat, 22 Jan 2005 11:32:20 -0500
with message-id <[EMAIL PROTECTED]>
and subject line Bug#291680: fixed in firehol 1.214-2
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 22 Jan 2005 10:52:10 +0000
>From [EMAIL PROTECTED] Sat Jan 22 02:52:10 2005
Return-path: <[EMAIL PROTECTED]>
Received: from canyonero.dot.net.au [202.147.68.14]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsIsD-0001Mc-00; Sat, 22 Jan 2005 02:52:10 -0800
Received: from [202.147.82.65] (helo=democritus.tekno.house)
by canyonero.dot.net.au with esmtp (Exim 3.35 #1 (Debian))
id 1CsIri-0004yV-00
for <[EMAIL PROTECTED]>; Sat, 22 Jan 2005 21:51:38 +1100
Received: from yosamite (yosamite.tekno.house [10.1.75.21])
by democritus.tekno.house (Postfix) with SMTP id 9FB9B19387
for <[EMAIL PROTECTED]>; Sat, 22 Jan 2005 21:51:32 +1100 (EST)
Received: by yosamite (sSMTP sendmail emulation); Sat, 22 Jan 2005 21:51:32
+1100
Date: Sat, 22 Jan 2005 21:51:32 +1100
From: Sam Couter <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: firehol: insecure temporary directory handling
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="0IvGJv3f9h+YhkrH"
Content-Disposition: inline
X-Operating-System: Linux 2.6.10-1-k7 on a i686
X-Debbugs-Cc: [EMAIL PROTECTED]
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
--0IvGJv3f9h+YhkrH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: firehol
Version: 1.214-1
Severity: critical
Tags: security sarge
Both firehol and firehol-wizard use known temporary file names in a
predictably named temporary directory (PID-based).
Neither program ensures that those directories are safe before blasting
the contents of files within. An attacker can place carefully named
symlinks in the directory and overwrite or corrupt many files on the
system.
I have exploited this (it's trivial if even I can do it).
Security team says:
"You may add that if the author/maintainer doesn't know how to fix
the problem either, they should not hesitate to contact us."
--=20
Sam "Eddie" Couter | mailto:[EMAIL PROTECTED]
Debian Developer | mailto:[EMAIL PROTECTED]
| jabber:[EMAIL PROTECTED]
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
--0IvGJv3f9h+YhkrH
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB8jA0hTADrt6Jx1wRAkMdAJ9b2d+hdggD4bmG71MlclHBsZXH/QCfanin
ZaO9KITbJsmUdLHBawkyPic=
=QUY4
-----END PGP SIGNATURE-----
--0IvGJv3f9h+YhkrH--
---------------------------------------
Received: (at 291680-close) by bugs.debian.org; 22 Jan 2005 16:35:52 +0000
>From [EMAIL PROTECTED] Sat Jan 22 08:35:52 2005
Return-path: <[EMAIL PROTECTED]>
Received: from newraff.debian.org [208.185.25.31] (mail)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CsOEp-0004BI-00; Sat, 22 Jan 2005 08:35:51 -0800
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1CsOBQ-000536-00; Sat, 22 Jan 2005 11:32:20 -0500
From: Alexander Wirt <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#291680: fixed in firehol 1.214-2
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sat, 22 Jan 2005 11:32:20 -0500
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 5
Source: firehol
Source-Version: 1.214-2
We believe that the bug you reported is fixed in the latest version of
firehol, which is due to be installed in the Debian FTP archive:
firehol_1.214-2.diff.gz
to pool/main/f/firehol/firehol_1.214-2.diff.gz
firehol_1.214-2.dsc
to pool/main/f/firehol/firehol_1.214-2.dsc
firehol_1.214-2_all.deb
to pool/main/f/firehol/firehol_1.214-2_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alexander Wirt <[EMAIL PROTECTED]> (supplier of updated firehol package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sat, 22 Jan 2005 15:11:18 +0100
Source: firehol
Binary: firehol
Architecture: source all
Version: 1.214-2
Distribution: unstable
Urgency: high
Maintainer: Alexander Wirt <[EMAIL PROTECTED]>
Changed-By: Alexander Wirt <[EMAIL PROTECTED]>
Description:
firehol - An easy to use but powerful iptables stateful firewall
Closes: 289211 290728 291041 291667 291680
Changes:
firehol (1.214-2) unstable; urgency=high
.
* Makes wget and curl check fail silently because the normal user
will never need it. Added wget | curl to recommends.
(Closes: #291041)
* Allow additional argumentens for init script (Closes: #290728)
Thanks to Peter Marschall for the patch
* Fixed security bug in the tempdir creation (Closes: #291680)
Thanks to Sam Couter for pointing to it
* Fixed wrong named variable in the lan-gateway.conf example
(Closes: #289211)
* Added the possibility to wait for an interface if set in
/etc/default/firehol. See README.Debian for more infos
(Closes: #291667) Thanks again to Sam Couter for the patch.
Files:
bd9a49f0049da0b38d5d42d452f028fc 578 net optional firehol_1.214-2.dsc
298e4732309a5cf46d37d9f038877a58 3946 net optional firehol_1.214-2.diff.gz
1317c4894c74e82165b760536d2a9e23 155946 net optional firehol_1.214-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB8nB601u8mbx9AgoRAl7fAJ4gXeUPz7XOCVdIcbn0ZL5TqaaQWQCZAYUT
RwuqH9xm/DXbgv65os1lzUc=
=8gVf
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
