Your message dated Sun, 13 Apr 2008 13:47:02 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#475733: fixed in acon 1.0.5-6
has caused the Debian Bug report #475733,
regarding acon: local root exploit
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
475733: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475733
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: acon
Version: 1.0.5-5
Severity: critical
Tags: security
Justification: root security hole
The package has a setuid binary acon. The binary never drops setuid. The
source code contains the following lines: (acon.c)
char tmp[300];
...
if((env=getenv("HOME")))
sprintf(tmp,"%s/.acon.conf",env);
This can be easily exploited by a long $HOME.
Helmut
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.23.14 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Source: acon
Source-Version: 1.0.5-6
We believe that the bug you reported is fixed in the latest version of
acon, which is due to be installed in the Debian FTP archive:
acon_1.0.5-6.diff.gz
to pool/main/a/acon/acon_1.0.5-6.diff.gz
acon_1.0.5-6.dsc
to pool/main/a/acon/acon_1.0.5-6.dsc
acon_1.0.5-6_amd64.deb
to pool/main/a/acon/acon_1.0.5-6_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
أحمد المحمودي (Ahmed El-Mahmoudy) <[EMAIL PROTECTED]> (supplier of updated acon
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 12 Apr 2008 11:40:43 +0200
Source: acon
Binary: acon
Architecture: source amd64
Version: 1.0.5-6
Distribution: unstable
Urgency: low
Maintainer: أحمد المحمودي (Ahmed El-Mahmoudy) <[EMAIL PROTECTED]>
Changed-By: أحمد المحمودي (Ahmed El-Mahmoudy) <[EMAIL PROTECTED]>
Description:
acon - Text console arabization
Closes: 475733
Changes:
acon (1.0.5-6) unstable; urgency=low
.
* Added doc/readme* to docs.
* Added doc/sample.glyph to examples.
* Dropped 05_setuid.diff as it can cause a root exploit. (Closes: #475733)
Checksums-Sha1:
477c3713a83da5ed9cd6c9bb337c53eda17369e2 971 acon_1.0.5-6.dsc
fc586f78d04385131964b002bbc959794227883c 4712 acon_1.0.5-6.diff.gz
f23075a79608c32dfe02d79128453d07e2379c2c 36850 acon_1.0.5-6_amd64.deb
Checksums-Sha256:
de32c998a3c8120487aea8cf00ee48ba5e8eb8b80cdc0061916d5e9f8d4e6480 971
acon_1.0.5-6.dsc
18bbf011530752859a1870f4faeed9cb831f954fe4a50be399ed4ab02acf1dac 4712
acon_1.0.5-6.diff.gz
f390eb830071a6d128da5a015e62f5d81457501d3763853deb47ff8c78793808 36850
acon_1.0.5-6_amd64.deb
Files:
b299e3bf44bec8d389cb5126f37c530e 971 misc optional acon_1.0.5-6.dsc
79c983475c96d29898cbbc9203014ee3 4712 misc optional acon_1.0.5-6.diff.gz
8967b680c1d47eeccbd1f0182859ff1b 36850 misc optional acon_1.0.5-6_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIAgrsy2aOKaP9DfcRAp4lAJ9EVvYRfXvBPhAILtYBYQAI4tZdbwCcDij/
3X7KPOEtYLqQS2gy+5Gf0e4=
=P5Ac
-----END PGP SIGNATURE-----
--- End Message ---
