Your message dated Tue, 19 Feb 2008 00:02:11 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#466449: fixed in sword 1.5.9-8
has caused the Debian Bug report #466449,
regarding diatheke: Diatheke allows arbitrary command execution using the range parameter
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
466449: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466449
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: diatheke
Severity: critical
Tags: security
Justification: root security hole
The Diatheke CGI allows arbitrary command execution in the context of
the webserver, e.g. www-data, by simply abusing the range parameter.
For example, &range=`yes` will consume tons of resources on the affected
webserver. Escalation of privileges and command shells are left as an
exercise to the reader.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh
Versions of packages diatheke depends on:
ii libc6 2.7-8 GNU C Library: Shared libraries
ii libcomerr2 1.40.6-1 common error description library
ii libgcc1 1:4.3-20080202-1 GCC support library
ii libkrb53 1.6.dfsg.3~beta1-2 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.7-5 OpenLDAP libraries
ii libstdc++6 4.3-20080202-1 The GNU Standard C++ Library v3
ii libsword6 1.5.9-7.1 API/library for bible software
ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime
Versions of packages diatheke recommends:
ii apache2 2.2.8-1 Next generation, scalable, extenda
ii apache2-mpm-prefork [httpd] 2.2.8-1 Traditional model for Apache HTTPD
--- End Message ---
--- Begin Message ---
Source: sword
Source-Version: 1.5.9-8
We believe that the bug you reported is fixed in the latest version of
sword, which is due to be installed in the Debian FTP archive:
diatheke_1.5.9-8_i386.deb
to pool/main/s/sword/diatheke_1.5.9-8_i386.deb
libsword-dev_1.5.9-8_i386.deb
to pool/main/s/sword/libsword-dev_1.5.9-8_i386.deb
libsword6_1.5.9-8_i386.deb
to pool/main/s/sword/libsword6_1.5.9-8_i386.deb
sword_1.5.9-8.diff.gz
to pool/main/s/sword/sword_1.5.9-8.diff.gz
sword_1.5.9-8.dsc
to pool/main/s/sword/sword_1.5.9-8.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Glassey <[EMAIL PROTECTED]> (supplier of updated sword package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 18 Feb 2008 22:57:25 +0000
Source: sword
Binary: libsword6 libsword-dev diatheke
Architecture: source i386
Version: 1.5.9-8
Distribution: unstable
Urgency: high
Maintainer: Daniel Glassey <[EMAIL PROTECTED]>
Changed-By: Daniel Glassey <[EMAIL PROTECTED]>
Description:
diatheke - CGI script for making bible website
libsword-dev - Development files for libsword
libsword6 - API/library for bible software
Closes: 466449
Changes:
sword (1.5.9-8) unstable; urgency=high
.
* diatheke failed to use shell_escape for the range parameter
properly, Closes: #466449
Files:
d213fb9ac2386e698fea2b02b6978851 709 libs optional sword_1.5.9-8.dsc
d2a89c7f46b5b39d51034ea607be58b5 100567 libs optional sword_1.5.9-8.diff.gz
1f0c6259a54dfe5fb5edf522eb7eec9f 529646 libs optional libsword6_1.5.9-8_i386.deb
307a45596ca46eaaa9d1ad864fa7ff80 678664 libdevel optional libsword-dev_1.5.9-8_i386.deb
8bf1c18a75a0738c0a1226d1743d545c 60998 web optional diatheke_1.5.9-8_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHuhlP/offrSwPzRoRAuS9AKC9pAaiNSE530tcVDCFabSZVyOcpQCg7jx2
oER4VELqtW8FIrsrWWpIvVM=
=69iZ
-----END PGP SIGNATURE-----
--- End Message ---
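The report and the changelog entry above both come down to one defect: the `range` value from the query string reached a shell without being quoted, so backticks in it were executed. As an added illustration (not code from the sword or diatheke sources), here is what a correct POSIX shell_escape and a stricter allowlist check look like; the `lookup` helper name and the sample inputs are constructed for the example.

```cpp
// Added example, not diatheke's own code: two defences against an
// unescaped CGI parameter reaching a shell, exercised on constructed inputs.
#include <cassert>
#include <cctype>
#include <string>

// Quote one argument for a POSIX shell: wrap it in single quotes and turn
// every embedded single quote into '\'' (close, escaped quote, reopen).
// Inside single quotes nothing else is special, so backticks, $(), ; and &
// lose their meaning.
std::string shell_escape(const std::string& arg) {
    std::string out = "'";
    for (char c : arg) {
        if (c == '\'') out += "'\\''";
        else out += c;
    }
    out += "'";
    return out;
}

// Stricter alternative: a reference such as "John 3:16-17" or "Gen 1:1-2:3"
// only needs letters, digits, space, colon, dash, comma and period. Reject
// anything else before it gets anywhere near a command line.
bool is_plausible_range(const std::string& range) {
    if (range.empty() || range.size() > 64) return false;
    for (unsigned char c : range) {
        if (std::isalnum(c)) continue;
        if (c == ' ' || c == ':' || c == '-' || c == ',' || c == '.') continue;
        return false;
    }
    return true;
}

// Compose the command line a CGI would hand to a shell, with both
// user-controlled values escaped. The string is returned for inspection,
// never executed here; "lookup" is a hypothetical helper program name.
std::string build_command(const std::string& module, const std::string& range) {
    return "lookup " + shell_escape(module) + " " + shell_escape(range);
}

int main() {
    // Constructed inputs: the reporter's probe beside a benign lookup.
    assert(!is_plausible_range("`yes`"));
    assert(is_plausible_range("John 3:16-17"));
    assert(shell_escape("`yes`") == "'`yes`'");
    assert(shell_escape("a'b") == "'a'\\''b'");
    return 0;
}
```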