Debian Bug report logs -
#605419
CVE-2010-4337 gnash: configure creates temp files insecurely
Reported by: Jakub Wilk <jwilk@debian.org>
Date: Mon, 29 Nov 2010 20:09:01 UTC
Severity: normal
Tags: security, squeeze
Found in version gnash/0.8.8-5
Fixed in versions gnash/0.8.8-5+squeeze1, 0.8.9-1
Done: Petter Reinholdtsen <pere@hungry.com>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, jwilk@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Flash Team <pkg-flash-devel@lists.alioth.debian.org>:
Bug#605419; Package src:gnash.
(Mon, 29 Nov 2010 20:09:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Jakub Wilk <jwilk@debian.org>:
New Bug report received and forwarded. Copy sent to jwilk@debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Flash Team <pkg-flash-devel@lists.alioth.debian.org>.
(Mon, 29 Nov 2010 20:09:04 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Source: gnash
Version: 0.8.8-5
Tags: security
The configure script creates temporary files in an insecure way:
$ grep -A 7 '$$' gnash-0.8.8/configure
cerr=/tmp/gnash-configure-errors.$$
cwarn=/tmp/gnash-configure-warnings.$$
crec=/tmp/gnash-configure-recommended.$$
echo ""
#trap 'rm cerr' 0 # trap isn't a good idea, might override other traps
exec 3> $cerr
exec 4> $cwarn
exec 5> $crec
--
Jakub Wilk
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian Flash Team <pkg-flash-devel@lists.alioth.debian.org>:
Bug#605419; Package src:gnash.
(Wed, 19 Jan 2011 00:39:03 GMT) (full text, mbox, link).
Acknowledgement sent
to Gabriele Giacone <1o5g4r8o@gmail.com>:
Extra info received and forwarded to list. Copy sent to Debian Flash Team <pkg-flash-devel@lists.alioth.debian.org>.
(Wed, 19 Jan 2011 00:39:03 GMT) (full text, mbox, link).
Message #10 received at 605419@bugs.debian.org (full text, mbox, reply):
retitle 605419 CVE-2010-4337 gnash: configure creates temp files insecurely
thanks
On Mon, Nov 29, 2010 at 09:06:06PM +0100, Jakub Wilk wrote:
> Source: gnash
> Version: 0.8.8-5
> Tags: security
>
> The configure script creates temporary files in an insecure way:
Thanks for your bug.
Fixed upstream [1].
0.8.9~git20101219-1 version in experimental not affected.
I'll try to propose it for squeeze as well.
[1] http://deb.li/3ttG
--
Gabriele
Changed Bug title to 'CVE-2010-4337 gnash: configure creates temp files insecurely' from 'gnash: configure creates temp files insecurely'
Request was from Gabriele Giacone <1o5g4r8o@gmail.com>
to control@bugs.debian.org.
(Wed, 19 Jan 2011 00:39:04 GMT) (full text, mbox, link).
Added tag(s) squeeze.
Request was from Gabriele Giacone <1o5g4r8o@gmail.com>
to control@bugs.debian.org.
(Sun, 27 Feb 2011 02:45:02 GMT) (full text, mbox, link).
Reply sent
to Gabriele Giacone <1o5g4r8o@gmail.com>:
You have taken responsibility.
(Tue, 20 Mar 2012 21:36:33 GMT) (full text, mbox, link).
Notification sent
to Jakub Wilk <jwilk@debian.org>:
Bug acknowledged by developer.
(Tue, 20 Mar 2012 21:36:35 GMT) (full text, mbox, link).
Message #19 received at 605419-close@bugs.debian.org (full text, mbox, reply):
Source: gnash
Source-Version: 0.8.8-5+squeeze1
We believe that the bug you reported is fixed in the latest version of
gnash, which is due to be installed in the Debian FTP archive:
browser-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/browser-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
gnash-common-opengl_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash-common-opengl_0.8.8-5+squeeze1_amd64.deb
gnash-common_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash-common_0.8.8-5+squeeze1_amd64.deb
gnash-cygnal_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash-cygnal_0.8.8-5+squeeze1_amd64.deb
gnash-dbg_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash-dbg_0.8.8-5+squeeze1_amd64.deb
gnash-doc_0.8.8-5+squeeze1_all.deb
to main/g/gnash/gnash-doc_0.8.8-5+squeeze1_all.deb
gnash-opengl_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash-opengl_0.8.8-5+squeeze1_amd64.deb
gnash-tools_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash-tools_0.8.8-5+squeeze1_amd64.deb
gnash_0.8.8-5+squeeze1.debian.tar.gz
to main/g/gnash/gnash_0.8.8-5+squeeze1.debian.tar.gz
gnash_0.8.8-5+squeeze1.dsc
to main/g/gnash/gnash_0.8.8-5+squeeze1.dsc
gnash_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/gnash_0.8.8-5+squeeze1_amd64.deb
klash-opengl_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/klash-opengl_0.8.8-5+squeeze1_amd64.deb
klash_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/klash_0.8.8-5+squeeze1_amd64.deb
konqueror-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/konqueror-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
mozilla-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/mozilla-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
swfdec-gnome_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/swfdec-gnome_0.8.8-5+squeeze1_amd64.deb
swfdec-mozilla_0.8.8-5+squeeze1_amd64.deb
to main/g/gnash/swfdec-mozilla_0.8.8-5+squeeze1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 605419@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gabriele Giacone <1o5g4r8o@gmail.com> (supplier of updated gnash package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 15 Mar 2012 08:51:14 +0000
Source: gnash
Binary: gnash-common gnash klash gnash-tools gnash-cygnal browser-plugin-gnash konqueror-plugin-gnash gnash-dbg gnash-doc gnash-common-opengl gnash-opengl klash-opengl swfdec-mozilla swfdec-gnome mozilla-plugin-gnash
Architecture: source all amd64
Version: 0.8.8-5+squeeze1
Distribution: stable-security
Urgency: high
Maintainer: Debian Flash Team <pkg-flash-devel@lists.alioth.debian.org>
Changed-By: Gabriele Giacone <1o5g4r8o@gmail.com>
Description:
browser-plugin-gnash - GNU Shockwave Flash (SWF) player - Plugin for Mozilla and derivat
gnash - GNU Shockwave Flash (SWF) player
gnash-common - GNU Shockwave Flash (SWF) player - Common files/libraries
gnash-common-opengl - dummy package for gnash-common-opengl removal
gnash-cygnal - GNU Shockwave Flash (SWF) player - Media server
gnash-dbg - GNU Shockwave Flash (SWF) player - Debug symbols
gnash-doc - GNU Shockwave Flash (SWF) player - API documentation
gnash-opengl - dummy package for gnash-opengl removal
gnash-tools - GNU Shockwave Flash (SWF) player - Command-line Tools
klash - GNU Shockwave Flash (SWF) player - Standalone player for KDE
klash-opengl - dummy package for klash-opengl removal
konqueror-plugin-gnash - GNU Shockwave Flash (SWF) player - Plugin for Konqueror
mozilla-plugin-gnash - dummy package for renaming to browser-plugin-gnash
swfdec-gnome - dummy package for transition to gnash
swfdec-mozilla - dummy package for transition to browser-plugin-gnash
Closes: 605419 649384 664023
Changes:
gnash (0.8.8-5+squeeze1) stable-security; urgency=high
.
* Fix CVE-2012-1175 (Closes: #664023).
* Fix CVE-2010-4337 (Closes: #605419).
* Fix CVE-2011-4328 (Closes: #649384).
+ Add libboost-iostreams-dev as B-D.
Checksums-Sha1:
7632e517de3029053742978aaf32fcbd89a2d3ff 2362 gnash_0.8.8-5+squeeze1.dsc
0643f95693022b9fe6c574799f3e90e0d0eb6655 5074764 gnash_0.8.8.orig.tar.gz
845a615c75fd8d4f9763f91a68bf99ddbb4cd3cc 42342 gnash_0.8.8-5+squeeze1.debian.tar.gz
3cd6a9d4343c7e1cb8c977c4e2339bd0c86b5d2c 5703642 gnash-doc_0.8.8-5+squeeze1_all.deb
3dd9e93d7af693ddf352bdf4f6a59578b8a6ca9a 2786880 gnash-common_0.8.8-5+squeeze1_amd64.deb
7060922685a1486857f55771fafb2a53b294f88d 181534 gnash_0.8.8-5+squeeze1_amd64.deb
f81360534b88c47fd9a8b039df2c0047db5b6adb 181526 klash_0.8.8-5+squeeze1_amd64.deb
5cbc962f8800b7ff8d54f4951e4ae835e9e9511d 160236 gnash-tools_0.8.8-5+squeeze1_amd64.deb
d6cabd5f875a2b117129b36e8defa73dbd45adfb 160074 gnash-cygnal_0.8.8-5+squeeze1_amd64.deb
9df288276f81db44be5882e18a037f3eddb51b2e 142164 browser-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
752068ba6f7db7d3807c697376d0f766ce8cf0ce 55170 konqueror-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
af757e874ff14a69bcc1cb059696c86fdf562c7b 31481204 gnash-dbg_0.8.8-5+squeeze1_amd64.deb
0022280e26df929a74791d076c3abce0d9269911 24834 gnash-common-opengl_0.8.8-5+squeeze1_amd64.deb
764e5981fbd4e32fdde743c80253faa2abc0409b 24832 gnash-opengl_0.8.8-5+squeeze1_amd64.deb
69c4d5342fc91c279e5273cc5bc4cd427e5a4be3 24830 klash-opengl_0.8.8-5+squeeze1_amd64.deb
3e01507acac0803415d86cfa57102dd0519ee0b9 24856 swfdec-mozilla_0.8.8-5+squeeze1_amd64.deb
e4a10616fc961b2ce8f4bcf26fd924e219f2f812 24832 mozilla-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
530d5d8e248904144374891a1232b6dafdce1aed 24838 swfdec-gnome_0.8.8-5+squeeze1_amd64.deb
Checksums-Sha256:
d7a1088e9c613f186620f8b9f88621f7f5ace70d01e841a7d9e90486acf1afb7 2362 gnash_0.8.8-5+squeeze1.dsc
3f19ddf1d18ba28ad949fb4eb3468786cd28abb59154a68a002551ee4e67f5e4 5074764 gnash_0.8.8.orig.tar.gz
bb1cfa4e3ddfe1a4a92becc2f890d2c827d82746e86045b556ea9bbfab8d0786 42342 gnash_0.8.8-5+squeeze1.debian.tar.gz
6c62bb20211d01179bab18864632c88d6e370ca2f39707ad3c08cf7f3df162f3 5703642 gnash-doc_0.8.8-5+squeeze1_all.deb
560170aa8b2a18bf99fe8fa6b864d82b47665c9b36536e6c75f441742155273f 2786880 gnash-common_0.8.8-5+squeeze1_amd64.deb
4fc56fc9c4e0e2088df6e50d041326be8d9b265dc684a007ee4a404fff55019a 181534 gnash_0.8.8-5+squeeze1_amd64.deb
e3bccb5ca0b6ff5ea32ab6c8f52f0658407130d856e0db3a443b633671bbf3af 181526 klash_0.8.8-5+squeeze1_amd64.deb
88bdc5b566c53a5ba0426bf3fa6c0773403f3401914384e12e53a555556dcb1b 160236 gnash-tools_0.8.8-5+squeeze1_amd64.deb
f6983c60058f8913a9e9a4df38ef94dadc147ef8dd19822ced8991c305b87cea 160074 gnash-cygnal_0.8.8-5+squeeze1_amd64.deb
39f11742108c91788a1abcbdcb6fa8927b62bda5a3c2b098a842a4ed2f4738f6 142164 browser-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
0a659b3160c690f65c9e146a8734d323145f5999b30c501b39c63e33c2de0ca3 55170 konqueror-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
d797615e36ff9195f3b0b16d3428dbda731f242d7f7e13e1e7a3937bbb28ea6a 31481204 gnash-dbg_0.8.8-5+squeeze1_amd64.deb
6edb169d809dbbe25d6f43a43fdc88ee06528a642112202d38b0f380af9b5407 24834 gnash-common-opengl_0.8.8-5+squeeze1_amd64.deb
e824821631f26ef94e826bcb7e747d77699ca943fdaa1cbabbe65e2ced0f372e 24832 gnash-opengl_0.8.8-5+squeeze1_amd64.deb
8873fb764f36544e5f5508c9233d3bc4d811b225d483f2892a579c6609d1737b 24830 klash-opengl_0.8.8-5+squeeze1_amd64.deb
b654fe44e6d900a7fe1e9ec65fecfcfc019c234d8f9903d1742f039191aae206 24856 swfdec-mozilla_0.8.8-5+squeeze1_amd64.deb
44c20d18c335400e3066e10c9a188a474bea5594ae768c9faeef309946b5d336 24832 mozilla-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
6c8b9cb38a3616168cbd0af67e6ac81eed57f02a9b7a1a13e1ccf1d1289d8b5b 24838 swfdec-gnome_0.8.8-5+squeeze1_amd64.deb
Files:
845b72a3bea29e2934d476dc5a593aae 2362 video optional gnash_0.8.8-5+squeeze1.dsc
aec414ee3bebb8901054818fae735214 5074764 video optional gnash_0.8.8.orig.tar.gz
e83e0b5314a9413c52bd08074e9683f9 42342 video optional gnash_0.8.8-5+squeeze1.debian.tar.gz
559e08de360962df5eb8a327084a07e4 5703642 doc optional gnash-doc_0.8.8-5+squeeze1_all.deb
7e1cf9562d9c41b9b7a89f3186a5aeb5 2786880 video optional gnash-common_0.8.8-5+squeeze1_amd64.deb
1e2a82a1e0aa3a0adaf543e4cfeb2747 181534 video optional gnash_0.8.8-5+squeeze1_amd64.deb
234296bc660f4f80627c84c517b6d6a9 181526 video optional klash_0.8.8-5+squeeze1_amd64.deb
a8fb1ecf800e51cd67ea0336b60be2a8 160236 video optional gnash-tools_0.8.8-5+squeeze1_amd64.deb
9f0a57441a7164753585982e4641c90a 160074 video optional gnash-cygnal_0.8.8-5+squeeze1_amd64.deb
632169dc99fb41df4970d5809bed6762 142164 video optional browser-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
df7f15d9988bee8009713e5c9fa709e0 55170 video optional konqueror-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
e511523aaa90cc04cfac51224cec109e 31481204 debug extra gnash-dbg_0.8.8-5+squeeze1_amd64.deb
2ab519de203ded364fddc41ce60c58c2 24834 video extra gnash-common-opengl_0.8.8-5+squeeze1_amd64.deb
ae632b63ac4f44bc8214a3a22c2ca804 24832 video extra gnash-opengl_0.8.8-5+squeeze1_amd64.deb
811101dd859f0af75e76f79d735a8ec9 24830 video extra klash-opengl_0.8.8-5+squeeze1_amd64.deb
1839d66d664fb84f54dc8e79f2922cec 24856 video extra swfdec-mozilla_0.8.8-5+squeeze1_amd64.deb
d78e0ffd2a90a060b72905e0f2b3e7bd 24832 video extra mozilla-plugin-gnash_0.8.8-5+squeeze1_amd64.deb
6e931c9e6c256cb30f2bf1e3356acee2 24838 video extra swfdec-gnome_0.8.8-5+squeeze1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEARECAAYFAk9j968ACgkQQWTRs4lLtHk8qQCdHRyv5Jga7RMa7ZbDddIBqwBl
2vUAnjv0pxfLwHLGs1baNUuJ1uBT9gde
=rLpn
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 11 Jun 2012 07:38:07 GMT) (full text, mbox, link).
Bug unarchived.
Request was from Petter Reinholdtsen <pere@hungry.com>
to control@bugs.debian.org.
(Fri, 05 Feb 2016 23:36:03 GMT) (full text, mbox, link).
Reply sent
to Petter Reinholdtsen <pere@hungry.com>:
You have taken responsibility.
(Sat, 06 Feb 2016 07:39:06 GMT) (full text, mbox, link).
Notification sent
to Jakub Wilk <jwilk@debian.org>:
Bug acknowledged by developer.
(Sat, 06 Feb 2016 07:39:06 GMT) (full text, mbox, link).
Message #28 received at 605419-done@bugs.debian.org (full text, mbox, reply):
Version: 0.8.9-1
[Gabriele Giacone]
> Fixed upstream [1].
> 0.8.9~git20101219-1 version in experimental not affected.
> I'll try to propose it for squeeze as well.
Somehow this bug was never closed in 0.8.9, and the CVE tracker missed that it
is fixed. Trying to fix it.
--
Happy hacking
Petter Reinholdtsen
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 06 Mar 2016 07:27:59 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 17:51:10 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon