Debian Bug report logs -
#572560
CVE-2010-0412: Inproper restriction of "-B" option
Reported by: Moritz Muehlenhoff <jmm@debian.org>
Date: Thu, 4 Mar 2010 21:24:01 UTC
Severity: important
Tags: security
Fixed in versions systemtap/1.3-1, systemtap/1.2-4
Done: Ritesh Raj Sarraf <rrs@researchut.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Євгеній Мещеряков <eugen@debian.org>
:
Bug#572560
; Package systemtap
.
(Thu, 04 Mar 2010 21:24:04 GMT) (full text, mbox, link).
Acknowledgement sent
to Moritz Muehlenhoff <jmm@debian.org>
:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Євгеній Мещеряков <eugen@debian.org>
.
(Thu, 04 Mar 2010 21:24:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: systemtap
Severity: important
Tags: security
There's another systemtap vulnerability. Please investigate:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0412
http://lists.fedoraproject.org/pipermail/scm-commits/2010-February/394714.html
Cheers,
Moritz
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.32-2-686 (SMP w/1 CPU core)
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash
Versions of packages systemtap depends on:
ii libc6 2.10.2-5 Embedded GNU C Library: Shared lib
ii libelf1 0.145-1 library to read and write ELF file
ii libgcc1 1:4.4.3-2 GCC support library
ii libsqlite3-0 3.6.22-1 SQLite 3 shared library
ii libstdc++6 4.4.3-2 The GNU Standard C++ Library v3
pn systemtap-runtime <none> (no description available)
systemtap recommends no packages.
Versions of packages systemtap suggests:
pn systemtap-doc <none> (no description available)
pn vim-addon-manager <none> (no description available)
Bug Marked as fixed in versions systemtap/1.2-4.
Request was from Ritesh Raj Sarraf <rrs@debian.org>
to control@bugs.debian.org
.
(Mon, 22 Nov 2010 09:54:09 GMT) (full text, mbox, link).
Bug Marked as fixed in versions systemtap/1.3-1.
Request was from Ritesh Raj Sarraf <rrs@debian.org>
to control@bugs.debian.org
.
(Mon, 22 Nov 2010 09:54:10 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Ritesh Raj Sarraf <rrs@debian.org>
:
Bug#572560
; Package systemtap
.
(Wed, 10 Aug 2011 11:46:17 GMT) (full text, mbox, link).
Acknowledgement sent
to Timo Juhani Lindfors <timo.lindfors@iki.fi>
:
Extra info received and forwarded to list. Copy sent to Ritesh Raj Sarraf <rrs@debian.org>
.
(Wed, 10 Aug 2011 11:46:22 GMT) (full text, mbox, link).
Message #14 received at 572560@bugs.debian.org (full text, mbox, reply):
Ritesh Raj Sarraf <rrs@researchut.com> writes:
> I don't think this affects the version in squeeze. This one can be
> closed.
Ok and same probably goes for 572560?
-Timo
Message sent on
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug#572560.
(Wed, 10 Aug 2011 11:46:48 GMT) (full text, mbox, link).
Reply sent
to rrs@researchut.com
:
You have taken responsibility.
(Wed, 10 Aug 2011 12:01:47 GMT) (full text, mbox, link).
Notification sent
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug acknowledged by developer.
(Wed, 10 Aug 2011 12:02:06 GMT) (full text, mbox, link).
Message #22 received at 572560-done@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Yes. Marking it as done now.
On 08/10/2011 05:12 PM, Timo Juhani Lindfors wrote:
> Ritesh Raj Sarraf <rrs@researchut.com> writes:
>> I don't think this affects the version in squeeze. This one can be
>> closed.
> Ok and same probably goes for 572560?
>
> -Timo
--
Ritesh Raj Sarraf
RESEARCHUT - http://www.researchut.com
"Necessity is the mother of invention."
[signature.asc (application/pgp-signature, attachment)]
Message sent on
to Moritz Muehlenhoff <jmm@debian.org>
:
Bug#572560.
(Wed, 10 Aug 2011 12:03:10 GMT) (full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org
.
(Thu, 08 Sep 2011 07:37:12 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 15:01:05 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.