Your message dated Sun, 18 May 2025 23:20:16 +0000
with message-id <e1ugnim-0016s8...@fasolo.debian.org>
and subject line Bug#1105191: fixed in screen 4.9.1-3
has caused the Debian Bug report #1105191,
regarding screen: TTY Hijacking while Attaching to a Multi-User Session 
(CVE-2025-46802)
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1105191: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105191
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: screen
Version: 4.9.1-1
Severity: grave
Justification: user security hole
X-Debbugs-Cc: dani.be...@ubuntu.com

Dear Maintainer,

Screen 5.0.1 is now published with the assortment of security fixes as well as 
some other issues spotted and resolved:

    - CVE-2025-46805: do NOT send signals with root privileges
    - CVE-2025-46804: avoid file existence test information leaks
    - CVE-2025-46803: apply safe PTY default mode of 0620
    - CVE-2025-46802: prevent temporary 0666 mode on PTYs in attacher
    - CVE-2025-23395: reintroduce lf_secreopen() for logfile
    - buffer overflow due to bad strncpy()
    - uninitialized variables warnings
    - typos
    - combining char handling that could lead to a segfault


-- Package-specific info:
File Existence and Permissions
------------------------------

drwxr-xr-x 42 root root   1180 May 13 08:36 /run
lrwxrwxrwx  1 root root      4 Jul 13  2022 /var/run -> /run
-rwxr-xr-x  1 root root 486488 Sep  7  2023 /usr/bin/screen
-rw-r--r--  1 root root    119 May 13 08:36 /etc/tmpfiles.d/screen-cleanup.conf
lrwxrwxrwx  1 root root      9 May 13 08:36 /lib/systemd/system/screen-cleanup.service -> /dev/null
-rwxr-xr-x  1 root root   1222 Feb 18  2021 /etc/init.d/screen-cleanup
lrwxrwxrwx  1 root root     24 May 13 08:36 /etc/rcS.d/S01screen-cleanup -> ../init.d/screen-cleanup

File contents
-------------

### /etc/tmpfiles.d/screen-cleanup.conf
______________________________________________________________________
# This file is generated by /var/lib/dpkg/info/screen.postinst upon package configuration
d /run/screen 1777 root utmp
______________________________________________________________________

-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.25-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=fa_IR.UTF-8, LC_CTYPE=fa_IR.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages screen depends on:
ii  debianutils   5.22
ii  libc6         2.41-7
ii  libcrypt1     1:4.4.38-1
ii  libpam0g      1.7.0-3
ii  libtinfo6     6.5+20250216-2
ii  libutempter0  1.2.1-4

screen recommends no packages.

Versions of packages screen suggests:
pn  byobu | screenie | iselect  <none>
ii  ncurses-term                6.5+20250216-2

-- no debconf information

--- End Message ---
--- Begin Message ---
Source: screen
Source-Version: 4.9.1-3
Done: Axel Beckert <a...@debian.org>

We believe that the bug you reported is fixed in the latest version of
screen, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1105...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Axel Beckert <a...@debian.org> (supplier of updated screen package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 19 May 2025 00:42:42 +0200
Source: screen
Architecture: source
Version: 4.9.1-3
Distribution: unstable
Urgency: medium
Maintainer: Axel Beckert <a...@debian.org>
Changed-By: Axel Beckert <a...@debian.org>
Closes: 1105191
Changes:
 screen (4.9.1-3) unstable; urgency=medium
 .
   [ Salvatore Bonaccorso ]
   * attacher.c - prevent temporary 0666 mode on PTYs (CVE-2025-46802)
     (Closes: #1105191)
   * avoid file existence test information leaks (CVE-2025-46804)
   * socket.c - don't send signals with root privileges (CVE-2025-46805)



--- End Message ---
