Your message dated Sat, 02 Apr 2011 22:02:28 +0000
with message-id <e1q68to-0000jx...@franck.debian.org>
and subject line Bug#612034: fixed in aptitude 0.6.3-4
has caused the Debian Bug report #612034,
regarding vulnerability: rewrite arbitrary user file
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
612034: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=612034
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: aptitude
Version: 0.6.3-3.2ubuntu1
Severity: grave
Tags: security
Justification: user security hole
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu natty
This bug report was also filed in Ubuntu and can be found at
http://launchpad.net/bugs/607264
The description, from segooon, follows:
Binary package hint: aptitude
Hi, I've just discovered that aptitude is vulnerable to rewriting any user
(maybe root) file:
bool hier_editor::handle_key(const cw::config::key &k)
    ....
    if(homedir.empty())
    {
        ....
        cfgfile = "/tmp/function_pkgs";
    }
    ....
    save_hier(cfgfile);
Here an attacker can create a link to any file in the system that the user may write to.
If the process has no $HOME set, this file would be overwritten.
It is rare that $HOME is null, but in such a rare case it is vulnerable.
Thanks.
-- System Information:
Debian Release: squeeze/sid
APT prefers natty
APT policy: (500, 'natty')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.37-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
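The bug class in the report above, played out end to end. This is an added illustration written for this page, not aptitude's code and not the 0009-fix-symlink-attack patch named in the changelog below; the function names (`vulnerable_cfgfile`, `save_hier_vulnerable`, `save_hier_safe`, `run_symlink_attack_demo`) and the choice of O_EXCL|O_NOFOLLOW as the hardening are assumptions of this example. A private mkdtemp() directory stands in for the world-writable /tmp so the demo can run without touching a shared directory: a "victim" file the user can write, a symlink planted at the predictable name, then the save executed with an empty $HOME.

```cpp
// Added example (not aptitude's code): predictable fallback path in a
// world-writable directory, a writer that follows symlinks, and a hardened
// writer that fails closed. Function names here are this example's own.
#include <cstdio>
#include <cstdlib>
#include <fcntl.h>
#include <fstream>
#include <sstream>
#include <string>
#include <vector>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

// Mirrors the report's logic: with an empty home directory the config path
// collapses to a fixed, guessable name. `tmpdir` stands in for /tmp.
std::string vulnerable_cfgfile(const std::string& homedir, const std::string& tmpdir)
{
    if (homedir.empty())
        return tmpdir + "/function_pkgs";   // another local user can pre-create a symlink here
    return homedir + "/.aptitude/function_pkgs";
}

// Vulnerable writer: ofstream truncates and follows symlinks, so a planted
// link redirects the write to whatever the link points at.
bool save_hier_vulnerable(const std::string& cfgfile, const std::string& data)
{
    std::ofstream out(cfgfile.c_str(), std::ios::out | std::ios::trunc);
    if (!out) return false;
    out << data;
    return static_cast<bool>(out);
}

// Hardened writer: O_NOFOLLOW refuses a symlink at the final component (ELOOP)
// and O_EXCL refuses any pre-existing name (EEXIST), so a planted link or file
// makes the save fail instead of clobbering the target. 0600 keeps it private.
bool save_hier_safe(const std::string& cfgfile, const std::string& data)
{
    int fd = open(cfgfile.c_str(), O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return false;
    ssize_t n = write(fd, data.data(), data.size());
    close(fd);
    return n == static_cast<ssize_t>(data.size());
}

static std::string slurp(const std::string& path)
{
    std::ifstream in(path.c_str());
    std::stringstream ss;
    ss << in.rdbuf();
    return ss.str();
}

static void put(const std::string& path, const std::string& data)
{
    std::ofstream out(path.c_str(), std::ios::out | std::ios::trunc);
    out << data;
}

// Fresh scratch directory standing in for /tmp ($TMPDIR, /tmp, then cwd).
static std::string make_scratch_dir()
{
    const char* base = std::getenv("TMPDIR");
    const char* candidates[] = { (base && *base) ? base : "/tmp", "." };
    for (const char* b : candidates) {
        std::string tmpl = std::string(b) + "/hier-demo-XXXXXX";
        std::vector<char> buf(tmpl.begin(), tmpl.end());
        buf.push_back('\0');
        if (mkdtemp(buf.data())) return std::string(buf.data());
    }
    return "";
}

struct AttackOutcome {
    bool vulnerable_overwrote_victim;   // expected: true
    bool safe_save_refused;             // expected: true
    bool victim_intact_after_safe;      // expected: true
};

// Plays the attack from the report with an empty $HOME, then retries the same
// save through the hardened writer. Cleans up the scratch directory.
AttackOutcome run_symlink_attack_demo()
{
    std::string dir = make_scratch_dir();
    if (dir.empty()) return AttackOutcome{false, false, false};

    std::string victim = dir + "/victim";            // constructed sample target
    put(victim, "important");
    std::string cfgfile = vulnerable_cfgfile("", dir);
    symlink(victim.c_str(), cfgfile.c_str());        // attacker's planted link

    AttackOutcome r;
    save_hier_vulnerable(cfgfile, "attacker-controlled");
    r.vulnerable_overwrote_victim = (slurp(victim) == "attacker-controlled");

    put(victim, "important");                        // restore, then retry safely
    r.safe_save_refused = !save_hier_safe(cfgfile, "attacker-controlled");
    r.victim_intact_after_safe = (slurp(victim) == "important");

    unlink(cfgfile.c_str());
    unlink(victim.c_str());
    rmdir(dir.c_str());
    return r;
}

int main()
{
    AttackOutcome r = run_symlink_attack_demo();
    std::printf("vulnerable writer overwrote victim: %s\n", r.vulnerable_overwrote_victim ? "yes" : "no");
    std::printf("hardened writer refused the save:   %s\n", r.safe_save_refused ? "yes" : "no");
    std::printf("victim intact after hardened save:  %s\n", r.victim_intact_after_safe ? "yes" : "no");
    return 0;
}
```

Two caveats a reviewer would attach. O_NOFOLLOW only guards the final path component; a symlinked parent directory is a separate problem, which is why the better fix is not to fall back to a shared directory at all when $HOME is unusable (the changelog entry describes the patched behaviour only as fixing the no-home-directory case, so this example does not claim to reproduce it). And the realistic attacker is another local user: anyone can create a new name in the sticky-bit /tmp, so a predictable filename there is attacker-controlled by construction.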
--- Begin Message ---
Source: aptitude
Source-Version: 0.6.3-4
We believe that the bug you reported is fixed in the latest version of
aptitude, which is due to be installed in the Debian FTP archive:
aptitude-dbg_0.6.3-4_amd64.deb
to main/a/aptitude/aptitude-dbg_0.6.3-4_amd64.deb
aptitude-doc-cs_0.6.3-4_all.deb
to main/a/aptitude/aptitude-doc-cs_0.6.3-4_all.deb
aptitude-doc-en_0.6.3-4_all.deb
to main/a/aptitude/aptitude-doc-en_0.6.3-4_all.deb
aptitude-doc-es_0.6.3-4_all.deb
to main/a/aptitude/aptitude-doc-es_0.6.3-4_all.deb
aptitude-doc-fi_0.6.3-4_all.deb
to main/a/aptitude/aptitude-doc-fi_0.6.3-4_all.deb
aptitude-doc-fr_0.6.3-4_all.deb
to main/a/aptitude/aptitude-doc-fr_0.6.3-4_all.deb
aptitude-doc-ja_0.6.3-4_all.deb
to main/a/aptitude/aptitude-doc-ja_0.6.3-4_all.deb
aptitude-gtk_0.6.3-4_amd64.deb
to main/a/aptitude/aptitude-gtk_0.6.3-4_amd64.deb
aptitude_0.6.3-4.debian.tar.gz
to main/a/aptitude/aptitude_0.6.3-4.debian.tar.gz
aptitude_0.6.3-4.dsc
to main/a/aptitude/aptitude_0.6.3-4.dsc
aptitude_0.6.3-4_amd64.deb
to main/a/aptitude/aptitude_0.6.3-4_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 612...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Daniel Burrows <dburr...@debian.org> (supplier of updated aptitude package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 02 Apr 2011 13:55:04 -0700
Source: aptitude
Binary: aptitude aptitude-gtk aptitude-dbg aptitude-doc-cs aptitude-doc-en
aptitude-doc-es aptitude-doc-fi aptitude-doc-fr aptitude-doc-ja
Architecture: source amd64 all
Version: 0.6.3-4
Distribution: unstable
Urgency: low
Maintainer: Daniel Burrows <dburr...@debian.org>
Changed-By: Daniel Burrows <dburr...@debian.org>
Description:
aptitude - terminal-based package manager (terminal interface only)
aptitude-dbg - Debug symbols for the aptitude package manager
aptitude-doc-cs - Czech manual for aptitude, a terminal-based package manager
aptitude-doc-en - English manual for aptitude, a terminal-based package manager
aptitude-doc-es - Spanish manual for aptitude, a terminal-based package manager
aptitude-doc-fi - Finnish manual for aptitude, a terminal-based package manager
aptitude-doc-fr - French manual for aptitude, a terminal-based package manager
aptitude-doc-ja - Japanese manual for aptitude, a terminal-based package manager
aptitude-gtk - terminal-based package manager (GUI and terminal interfaces)
Closes: 612034
Changes:
aptitude (0.6.3-4) unstable; urgency=low
.
* Incorporate NMU patches.
.
* 0009-fix-symlink-attack: Fix a potential symlink attack that could
occur if a user with no home directory edited and saved the package
hierarchy definitions. (Closes: #612034)
Checksums-Sha1:
1855451019f8c137d2869003016b0a49f3922ff2 1669 aptitude_0.6.3-4.dsc
9f603dae69db2a855ed342e756429702a1673037 48155 aptitude_0.6.3-4.debian.tar.gz
8ab3beded87637f84d5941a301c1ac2e06c61afd 3941692 aptitude_0.6.3-4_amd64.deb
09b57d49ccbedba523b1c80c31777a82dd0247de 2115352 aptitude-gtk_0.6.3-4_amd64.deb
bfe8690fcdc1b757393d142e461077f32b0b6443 33697134 aptitude-dbg_0.6.3-4_amd64.deb
69c7940b42501a81e86e29ef94a567223f69dd8c 389728 aptitude-doc-cs_0.6.3-4_all.deb
aee4062eaeded802d081713e6c5af469d0b729c5 456986 aptitude-doc-en_0.6.3-4_all.deb
0e2e5984ca512697b80f8ddf09ddea94d5b90c70 480726 aptitude-doc-es_0.6.3-4_all.deb
83f844e64c44c180af137bd6424443996af2e355 279018 aptitude-doc-fi_0.6.3-4_all.deb
276793375bf50b19f51d2d0e428e4c7e3b97287e 338788 aptitude-doc-fr_0.6.3-4_all.deb
7766fee819015071362a083896d80c074497a661 402472 aptitude-doc-ja_0.6.3-4_all.deb
Checksums-Sha256:
bcfe3353046eaa518f2068409c7de2c96fee68e3f3632c6eeecb01fcf39ac6cd 1669 aptitude_0.6.3-4.dsc
63360df84f8e1891dffe76b7e96fd257912e96e1277b39631275bb1f24defa80 48155 aptitude_0.6.3-4.debian.tar.gz
bca5072064d9f54e09d7f0065b6a1974362a63b1d82eb2f833a5b24bf90df557 3941692 aptitude_0.6.3-4_amd64.deb
662911310c540c05b64e956c51ed6ef0e3bd3498223c08233c36f63cb056739f 2115352 aptitude-gtk_0.6.3-4_amd64.deb
d916009946259ebdf4e4df24670880a30d1a51e73561177ecffde1fa95669e14 33697134 aptitude-dbg_0.6.3-4_amd64.deb
0a1c9a5be9cc09659f645186a6beb1ff6043b713728677979b724c0aeef6955d 389728 aptitude-doc-cs_0.6.3-4_all.deb
447601c49532a8e8cdc1833e6ee17d0c0b365150f935275d0e2f1b6e62378808 456986 aptitude-doc-en_0.6.3-4_all.deb
a846e8d132a797dac3dac88f828f1853caacf8f808b5abc231a9cdf041017f21 480726 aptitude-doc-es_0.6.3-4_all.deb
e3f3449d17d3462570e372484432d599ae4430ec8618dbb6844a9744ea710a80 279018 aptitude-doc-fi_0.6.3-4_all.deb
5ec1d1f8f07133d42a8153b9776db97f046a65905e4a5ed9db96f84ce735f75f 338788 aptitude-doc-fr_0.6.3-4_all.deb
2bd8035540f1abb89c7e79946d4da3df32f3aba00f85a8b28a2d3881a31ef428 402472 aptitude-doc-ja_0.6.3-4_all.deb
Files:
5b3c148649c25e3c74c0a4dc3264ec20 1669 admin - aptitude_0.6.3-4.dsc
17ae8053cb4a1eb614c2ccb75d881ce1 48155 admin - aptitude_0.6.3-4.debian.tar.gz
e5b9b2d70cdd748e861dc9770449a4d6 3941692 admin important aptitude_0.6.3-4_amd64.deb
68e169c47cb00da2f10ac4d49412fb17 2115352 admin optional aptitude-gtk_0.6.3-4_amd64.deb
18712292269e1ab7bdc56f3319660e97 33697134 debug extra aptitude-dbg_0.6.3-4_amd64.deb
bca8d41662fde2f3305500afdecb0b58 389728 doc optional aptitude-doc-cs_0.6.3-4_all.deb
8a707f456d316c3fad25a089c3001829 456986 doc optional aptitude-doc-en_0.6.3-4_all.deb
229ec54d15213defc78d1f95bcca5f67 480726 doc optional aptitude-doc-es_0.6.3-4_all.deb
f1885c9b4a4635da1e090682eee91553 279018 doc optional aptitude-doc-fi_0.6.3-4_all.deb
06c23eba4de8efe9982a8dd0bceec222 338788 doc optional aptitude-doc-fr_0.6.3-4_all.deb
d28a27bb6c27519bc4086d551168ea86 402472 doc optional aptitude-doc-ja_0.6.3-4_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk2XmKMACgkQch6xsM7kSXi1AgCeKq4l2/CuIFza6rPhNiuTNyjo
nzQAoNlGA7sCUIRfA0LckO5GhRmSmBv8
=1Yb3
-----END PGP SIGNATURE-----
--- End Message ---