menu-cache: CVE-2017-8933: socket may be blocked by another user

Related Vulnerabilities: CVE-2017-8933  

Debian Bug report logs - #862570

Reported by: Andriy Grytsenko <andrej@rep.kiev.ua>

Date: Sun, 14 May 2017 19:21:01 UTC

Severity: serious

Tags: security, upstream

Found in versions menu-cache/1.0.2-2, menu-cache/1.0.0-1

Fixed in version menu-cache/1.0.2-3

Done: Andriy Grytsenko <andrej@rep.kiev.ua>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>:
Bug#862570; Package libmenu-cache3. (Sun, 14 May 2017 19:21:04 GMT)


Acknowledgement sent to Andriy Grytsenko <andrej@rep.kiev.ua>:
New Bug report received and forwarded. Copy sent to Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>. (Sun, 14 May 2017 19:21:04 GMT)


Message #5 received at submit@bugs.debian.org:

From: Andriy Grytsenko <andrej@rep.kiev.ua>
To: submit@bugs.debian.org
Subject: libmenu-cache: menu-cached socket may be blocked by another user.
Date: Sun, 14 May 2017 22:17:18 +0300
Package: libmenu-cache3
Version: 1.0.2-2
Severity: serious
Tags: upstream security

The socket placed in /tmp is predictable and public-writable. Therefore,
if one user places a symlink to another socket in place of the socket for
another user, then that other user will either be unable to get the menu, or
will receive the menu of some other user. Upstream released a fix for this
issue:

https://git.lxde.org/gitweb/?p=lxde/menu-cache.git;a=commitdiff;h=56f66684592abf257c4004e6e1fff041c64a12ce
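
The class of problem described in the report, shown as an added example that is not part of the bug log and is not the upstream patch: a defensive check that a socket directory is private to the user and that the socket path is a real socket inode rather than a planted symlink. The function names, the `/tmp/sockdemo-XXXXXX` scratch directory and the `menu.sock` name are constructed for illustration.

```c
#define _DEFAULT_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>
#include <unistd.h>

/* 0 only if dir is a real directory (not a symlink), owned by uid, closed to group/other. */
int dir_is_private(const char *dir, uid_t uid) {
    struct stat st;
    if (lstat(dir, &st) != 0 || !S_ISDIR(st.st_mode)) return -1; /* lstat: no symlink follow */
    return (st.st_uid == uid && !(st.st_mode & (S_IRWXG | S_IRWXO))) ? 0 : -1;
}

/* 0 only if path itself is a socket inode owned by uid; a planted symlink fails. */
int socket_is_ours(const char *path, uid_t uid) {
    struct stat st;
    return (lstat(path, &st) == 0 && S_ISSOCK(st.st_mode) && st.st_uid == uid) ? 0 : -1;
}

/* Build "<dir>/<name>" only after the directory passed the privacy check. */
int private_socket_path(char *out, size_t n, const char *dir, const char *name, uid_t uid) {
    if (dir == NULL || dir_is_private(dir, uid) != 0) return -1;
    int len = snprintf(out, n, "%s/%s", dir, name);
    return (len > 0 && (size_t)len < n) ? 0 : -1;
}

/* Constructed scenario; returns 0 when every check behaves as described. */
int run_scenario(void) {
    char dir[] = "/tmp/sockdemo-XXXXXX", path[100];
    struct sockaddr_un a = { .sun_family = AF_UNIX };
    uid_t me = getuid();
    int bad = 0, fd;
    if (mkdtemp(dir) == NULL) return -1;               /* created with mode 0700 */
    bad |= private_socket_path(path, sizeof path, dir, "menu.sock", me) != 0;
    bad |= symlink("/nonexistent", path) != 0;         /* symlink at the socket name */
    bad |= socket_is_ours(path, me) == 0;              /* must be rejected */
    unlink(path);
    fd = socket(AF_UNIX, SOCK_STREAM, 0);
    strncpy(a.sun_path, path, sizeof a.sun_path - 1);
    bad |= bind(fd, (struct sockaddr *)&a, sizeof a) != 0;
    bad |= socket_is_ours(path, me) != 0;              /* our own socket is accepted */
    close(fd); unlink(path);
    bad |= chmod(dir, 0777) != 0 || dir_is_private(dir, me) == 0; /* world-writable: rejected */
    rmdir(dir);
    return bad;
}
```

A client would apply the same `lstat`-based ownership check before connecting, so that a socket or symlink owned by a different user is never trusted.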



Marked as found in versions menu-cache/1.0.0-1. Request was from Andriy Grytsenko <andrej@rep.kiev.ua> to control@bugs.debian.org. (Sun, 14 May 2017 20:39:07 GMT)


Reply sent to Andriy Grytsenko <andrej@rep.kiev.ua>:
You have taken responsibility. (Sun, 14 May 2017 21:09:12 GMT)


Notification sent to Andriy Grytsenko <andrej@rep.kiev.ua>:
Bug acknowledged by developer. (Sun, 14 May 2017 21:09:12 GMT)


Message #12 received at 862570-close@bugs.debian.org:

From: Andriy Grytsenko <andrej@rep.kiev.ua>
To: 862570-close@bugs.debian.org
Subject: Bug#862570: fixed in menu-cache 1.0.2-3
Date: Sun, 14 May 2017 21:06:35 +0000
Source: menu-cache
Source-Version: 1.0.2-3

We believe that the bug you reported is fixed in the latest version of
menu-cache, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 862570@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Andriy Grytsenko <andrej@rep.kiev.ua> (supplier of updated menu-cache package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 14 May 2017 22:41:22 +0300
Source: menu-cache
Binary: libmenu-cache3 libmenu-cache-dev libmenu-cache-doc libmenu-cache-dbg libmenu-cache-bin libmenu-cache-bin-dbg
Architecture: source amd64 all
Version: 1.0.2-3
Distribution: unstable
Urgency: medium
Maintainer: Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>
Changed-By: Andriy Grytsenko <andrej@rep.kiev.ua>
Description:
 libmenu-cache-bin - LXDE implementation of the freedesktop Menu's cache (libexec)
 libmenu-cache-bin-dbg - LXDE implementation of the freedesktop Menu's cache (libexec debu
 libmenu-cache-dbg - LXDE implementation of the freedesktop Menu's cache (debug)
 libmenu-cache-dev - LXDE implementation of the freedesktop Menu's cache (devel)
 libmenu-cache-doc - LXDE implementation of the freedesktop Menu's cache (docs)
 libmenu-cache3 - LXDE implementation of the freedesktop Menu's cache
Closes: 862570
Changes:
 menu-cache (1.0.2-3) unstable; urgency=medium
 .
   * Adding 02-Fix-potential-access-violation.patch from upstream
     (Closes: #862570).

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
-----END PGP SIGNATURE-----




Information forwarded to debian-bugs-dist@lists.debian.org, Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>:
Bug#862570; Package libmenu-cache3. (Mon, 15 May 2017 09:21:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>. (Mon, 15 May 2017 09:21:03 GMT)


Message #17 received at 862570@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Andriy Grytsenko <andrej@rep.kiev.ua>, 862570@bugs.debian.org
Subject: Re: Bug#862570: libmenu-cache: menu-cached socket may be blocked by another user.
Date: Mon, 15 May 2017 11:16:01 +0200
Hi

I requested a CVE via cveform.mitre.org for this issue.

Regards,
Salvatore



Information forwarded to debian-bugs-dist@lists.debian.org, Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>:
Bug#862570; Package libmenu-cache3. (Mon, 15 May 2017 14:45:03 GMT)


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>. (Mon, 15 May 2017 14:45:03 GMT)


Message #22 received at 862570@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Andriy Grytsenko <andrej@rep.kiev.ua>, 862570@bugs.debian.org
Subject: Re: Bug#862570: libmenu-cache: menu-cached socket may be blocked by another user.
Date: Mon, 15 May 2017 16:39:40 +0200
Control: retitle -1 menu-cache: CVE-2017-8933: socket may be blocked by another user

Hi

This issue has been assigned CVE-2017-8933.

Regards,
Salvatore



Changed Bug title to 'menu-cache: CVE-2017-8933: socket may be blocked by another user' from 'libmenu-cache: menu-cached socket may be blocked by another user.'. Request was from Salvatore Bonaccorso <carnil@debian.org> to 862570-submit@bugs.debian.org. (Mon, 15 May 2017 14:45:03 GMT)


Information forwarded to debian-bugs-dist@lists.debian.org, Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>:
Bug#862570; Package libmenu-cache3. (Tue, 16 May 2017 11:57:06 GMT)


Acknowledgement sent to Andriy Grytsenko <andrej@rep.kiev.ua>:
Extra info received and forwarded to list. Copy sent to Debian LXDE Maintainers <pkg-lxde-maintainers@lists.alioth.debian.org>. (Tue, 16 May 2017 11:57:06 GMT)


Message #29 received at 862570@bugs.debian.org:

From: Andriy Grytsenko <andrej@rep.kiev.ua>
To: Salvatore Bonaccorso <carnil@debian.org>
Cc: 862570@bugs.debian.org
Subject: Re: Bug#862570: libmenu-cache: menu-cached socket may be blocked by another user.
Date: Tue, 16 May 2017 14:53:28 +0300
Thank you very much!



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 16 Jul 2017 07:48:58 GMT)



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 17:27:39 2019; Machine Name: buxtehude
