This bug was fixed in the package libimobiledevice - 1.1.4-1ubuntu6.2

---------------
libimobiledevice (1.1.4-1ubuntu6.2) raring-security; urgency=low

  * SECURITY UPDATE: insecure /tmp usage (LP: #1164263)
    - debian/patches/CVE-2013-2142.patch: fall back to getpwuid_r instead
      of using /tmp in src/userpref.c. Added string_concat() function in
      src/Makefile.am, src/utils.c, src/utils.h.
    - added new symbol to debian/libimobiledevice3.symbols.
    - CVE-2013-2142
 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Wed, 14 Aug 2013 11:56:31 -0400

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libimobiledevice in Ubuntu.
https://bugs.launchpad.net/bugs/1164263

Title:
  user-specific and possible private files are written to a global
  location

Status in “libimobiledevice” package in Ubuntu:
  Fix Released

Bug description:
  $ dpkg -l libimobiledevic* | grep ^ii
  ii  libimobiledevice3  1.1.4-1ubuntu6  amd64  Library for communicating with the iPhone and iPod Touch
  $ lsb_release -d
  Description:    Ubuntu Raring Ringtail (development branch)

  I just noticed the oddly-named "/tmp/root" on my machine.

  $ tree -a /tmp/root
  /tmp/root
  └── .config
      └── libimobiledevice
          ├── HostCertificate.pem
          ├── HostPrivateKey.pem
          ├── libimobiledevicerc
          ├── RootCertificate.pem
          └── RootPrivateKey.pem

  Given the names of some of the files and the fact they probably relate
  to my phone, I suspect they should not live here, and certainly not be
  world-readable, as they currently are:
  $ sudo -u nobody sha256sum /tmp/root/.config/libimobiledevice/*
  35df7500851f8b77e97da0d19b656233fa70e23933426bcce9c1860ad30d854c  /tmp/root/.config/libimobiledevice/HostCertificate.pem
  4a50a2982d2479d7f4cee23c41c93ba0d31bc97732d4d0accaa7e24d643003f1  /tmp/root/.config/libimobiledevice/HostPrivateKey.pem
  49bb734ce3a6ac0bf517738e8c13dfdd6281f66bd63e82355a1aa319fd94aa2c  /tmp/root/.config/libimobiledevice/libimobiledevicerc
  0753ad5f801544c927af58fa3521784246fe510ee3d7870863db736481e5b278  /tmp/root/.config/libimobiledevice/RootCertificate.pem
  aa1d53e80d7033e8ca27ea37b140a8bdb1ae6185371975360751377013131e03  /tmp/root/.config/libimobiledevice/RootPrivateKey.pem

  There are some files in $HOME/.config/libimobiledevice with similar
  names that date from October 10th 2012.
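
The changelog entry above says the fix falls back to getpwuid_r instead of using /tmp. The following C sketch is an added illustration of that approach, not the CVE-2013-2142 patch or libimobiledevice's own code; the function names pick_config_dir and get_config_dir and the XDG_CONFIG_HOME, HOME, passwd lookup order are assumptions made for the example.

```c
#define _POSIX_C_SOURCE 200809L
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define APP_SUBDIR "libimobiledevice"

static int is_abs(const char *p) { return p && p[0] == '/'; }

/* Choose the per-user config directory from three sources in priority order.
 * Empty or relative values are skipped. Returns 0 on success, -1 when no
 * source is usable or `out` is too small. (Hypothetical helper.) */
int pick_config_dir(const char *xdg, const char *home, const char *pw_home,
                    char *out, size_t outlen)
{
    int n;
    if (is_abs(xdg))
        n = snprintf(out, outlen, "%s/%s", xdg, APP_SUBDIR);
    else if (is_abs(home))
        n = snprintf(out, outlen, "%s/.config/%s", home, APP_SUBDIR);
    else if (is_abs(pw_home))
        n = snprintf(out, outlen, "%s/.config/%s", pw_home, APP_SUBDIR);
    else
        return -1; /* fail closed: no /tmp or other shared-directory fallback */
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Collect the sources: environment first, then the passwd entry for the
 * calling UID, looked up with the reentrant getpwuid_r(). */
int get_config_dir(char *out, size_t outlen)
{
    struct passwd pw, *res = NULL;
    char buf[4096];
    const char *pw_home = NULL;
    if (getpwuid_r(getuid(), &pw, buf, sizeof buf, &res) == 0 && res)
        pw_home = res->pw_dir;
    return pick_config_dir(getenv("XDG_CONFIG_HOME"), getenv("HOME"),
                           pw_home, out, outlen);
}

int main(void)
{
    char dir[1024];
    int rc = get_config_dir(dir, sizeof dir);
    puts(rc == 0 ? dir : "no per-user config directory; refusing to continue");
    return rc == 0 ? 0 : 1;
}
```

When HOME is unset or empty, as can happen for a process started by a system service, the passwd entry still yields a per-user location, and if that lookup also fails the caller gets an error instead of a path under a world-writable directory.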
