Your message dated Fri, 09 Sep 2011 01:55:06 +0000
with message-id <e1r1qj8-0006oy...@franck.debian.org>
and subject line Bug#640028: fixed in bcfg2 0.9.5.7-1.1+lenny1
has caused the Debian Bug report #640028,
regarding Unescaped shell command vulnerabilities
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
640028: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=640028
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bcfg2-server
Version: 1.1.2-1
Severity: critical
Tags: security pending patch

All released stable versions of bcfg2-server contain several cases
where data from the client is used in a shell command without properly
escaping it first. The 1.2 prerelease series has been fixed.

At least the SSHbase plugin has been confirmed as being exploitable.
This is a remote root hole, which requires that the SSHbase plugin is
enabled and that the attacker has control of a bcfg2 client machine.

See
https://github.com/solj/bcfg2/commit/f4a35efec1b6a1e54d61cf1b8bfc83dd1d89eef7
for the original security fix, and
https://github.com/solj/bcfg2/commit/46795ae451ca6ede55a0edeb726978aef4684b53
for the backport to the 1.1 series.

-- 
Arto Jantunen



--- End Message ---
--- Begin Message ---
Source: bcfg2
Source-Version: 0.9.5.7-1.1+lenny1

We believe that the bug you reported is fixed in the latest version of
bcfg2, which is due to be installed in the Debian FTP archive:

bcfg2-server_0.9.5.7-1.1+lenny1_all.deb
  to main/b/bcfg2/bcfg2-server_0.9.5.7-1.1+lenny1_all.deb
bcfg2_0.9.5.7-1.1+lenny1.diff.gz
  to main/b/bcfg2/bcfg2_0.9.5.7-1.1+lenny1.diff.gz
bcfg2_0.9.5.7-1.1+lenny1.dsc
  to main/b/bcfg2/bcfg2_0.9.5.7-1.1+lenny1.dsc
bcfg2_0.9.5.7-1.1+lenny1_all.deb
  to main/b/bcfg2/bcfg2_0.9.5.7-1.1+lenny1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 640...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <n...@debian.org> (supplier of updated bcfg2 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


Format: 1.8
Date: Mon, 05 Sep 2011 21:23:52 +0000
Source: bcfg2
Binary: bcfg2 bcfg2-server
Architecture: source all
Version: 0.9.5.7-1.1+lenny1
Distribution: oldstable-security
Urgency: high
Maintainer: Sami Haahtinen <re...@debian.org>
Changed-By: Nico Golde <n...@debian.org>
Description: 
 bcfg2      - Configuration management client
 bcfg2-server - Configuration management server
Closes: 640028
Changes: 
 bcfg2 (0.9.5.7-1.1+lenny1) oldstable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Backport upstream patches to fix several problems of unescaped
     shell commands leading to remote root compromise (Closes: #640028).

--- End Message ---