Package: aptlinex
Version: 0.9-1
Severity: grave
Tags: security

<a href="apt://pdmenu-">

With this it will happily remove pdmenu, while presenting a UI that doesn't make that plain to the user. For more fun, could try libc6-, or some other library that will make apt unhappy. (I haven't tried that.)

<a href="apt://pdmenu/experimental">

With this it will install pdmenu from experimental (assuming sources.list is set up). I think this syntax should be disallowed, along with the "=version" syntax.

<a href="apt://p.*">

This installs all package names containing "p". Also, it demonstrates that aptlinex exposes the posix regexp library to attackers. Any security hole in that library can now be exploited over the web.

The best solution to all of these is probably to check that the package name listed for installation is the name of an actual, existing package, before passing it to apt.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages aptlinex depends on:
ii  apt-show-versions  0.12     lists available package versions w
ii  gambas2-gb-gui     2.5-1    The graphical toolkit selector com
ii  gambas2-runtime    2.5-1    The Gambas runtime
ii  gksu               2.0.0-5  graphical frontend to su

Versions of packages aptlinex recommends:
ii  epiphany-gecko [www-browser  2.20.3-1.1    Intuitive GNOME web browser - Geck
ii  iceweasel [www-browser]      2.0.0.13-1    lightweight web browser based on M
ii  lynx [www-browser]           2.8.6-2       Text-mode WWW Browser
ii  w3m [www-browser]            0.5.1-5.1+b1  WWW browsable pager with excellent

-- no debconf information

-- 
see shy jo
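An added example, not part of the bug report and not aptlinex's own (Gambas) code, showing the check the report asks for: parse the apt:// URL, reject anything that is not a bare package name under Debian policy's package-name grammar, and then require that the name actually exists in the package list before anything reaches apt. The KNOWN_PACKAGES set is a constructed stand-in for what a real frontend would get from apt (for instance `apt-cache pkgnames`); the function names are mine.

```python
import re
from urllib.parse import urlsplit

# Debian policy package-name grammar: lowercase letters, digits, '+', '-', '.',
# at least two characters, starting with an alphanumeric. '/', '=', and regexp
# metacharacters such as '*' can never appear, so "pdmenu/experimental",
# "pdmenu=0.9-1" and "p.*" all fail here before apt ever sees them.
PACKAGE_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9+.-]+$")

# Constructed stand-in for the set of package names apt knows about.
KNOWN_PACKAGES = frozenset({"pdmenu", "libc6", "apt", "gksu", "lynx", "w3m"})


class BadPackageRequest(ValueError):
    """Raised for any apt:// URL that does not name one existing package."""


def package_from_apt_url(url, known_packages=KNOWN_PACKAGES):
    """Return the bare package name an apt:// URL asks for, or raise.

    The URL is never forwarded to apt; only the validated name is returned.
    """
    parts = urlsplit(url)
    if parts.scheme != "apt":
        raise BadPackageRequest("not an apt:// URL: %r" % url)
    # apt://pdmenu splits as netloc="pdmenu", path="".
    # apt://pdmenu/experimental carries a suite in the path: refuse it outright
    # rather than trying to strip it, so no suite/version selection survives.
    if parts.path or parts.query or parts.fragment:
        raise BadPackageRequest("suite, query or fragment not allowed: %r" % url)
    name = parts.netloc
    if not PACKAGE_NAME_RE.fullmatch(name):
        raise BadPackageRequest("not a valid package name: %r" % name)
    # "pdmenu-" and "libc6-" are valid under the grammar above (a trailing '-'
    # is a legal character), which is exactly why the grammar check alone is
    # not enough: apt would read the trailing '-' as "remove". Only a name
    # that really exists may go on to apt.
    if name not in known_packages:
        raise BadPackageRequest("no such package: %r" % name)
    return name


def rejection_reason(url, known_packages=KNOWN_PACKAGES):
    """None if the URL names one existing package, else why it was refused."""
    try:
        package_from_apt_url(url, known_packages)
    except BadPackageRequest as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    for u in ("apt://pdmenu", "apt://pdmenu-", "apt://libc6-",
              "apt://pdmenu/experimental", "apt://p.*", "apt://pdmenu=0.9-1"):
        print(u, "->", rejection_reason(u) or "OK")
```

The order of the checks matters: the grammar check stops the regexp and suite/version syntaxes, but the existence check is the one that catches the "pdmenu-" removal form, because a trailing minus is a perfectly legal character in a package name. The existence lookup has to come from apt's own package list, not from the attacker-controlled URL, and the validated name should be passed to apt as a literal argument, never as a pattern.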