Debian Bug report logs - #509279
CVE-2008-5374: insecure temp file handling
Reported by: Steffen Joeris <steffen.joeris@skolelinux.de>
Date: Sat, 20 Dec 2008 19:03:01 UTC
Severity: important
Tags: patch, security
Fixed in version bash/4.0-2
Done: Matthias Klose <doko@debian.org>
Bug is archived. No further changes may be made.
Report forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>: Bug#509279; Package bash-doc. (Sat, 20 Dec 2008 19:03:03 GMT)
Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>: New Bug report received and forwarded. Copy sent to Matthias Klose <doko@debian.org>. (Sat, 20 Dec 2008 19:03:04 GMT)
Message #5 received at submit@bugs.debian.org:
Package: bash-doc
Severity: normal
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for cmus.
CVE-2008-5374[0]:
| bash-doc 3.2 allows local users to overwrite arbitrary files via a
| symlink attack on a /tmp/cb#####.? temporary file, related to the (1)
| aliasconv.sh, (2) aliasconv.bash, and (3) cshtobash scripts.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5374
http://security-tracker.debian.net/tracker/CVE-2008-5374
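The CVE text above describes the classic predictable-temp-file race: an example script writes to a /tmp name built from its PID, so a local attacker who pre-creates that name as a symlink gets the victim to overwrite whatever the link points at. The following is an added illustration written for this page, not the bash examples' own aliasconv.sh/cshtobash code and not Dann's patch: the /tmp/cb<pid>.a name, the directory layout and the "victim" file are constructed stand-ins modeled on the /tmp/cb#####.? pattern the CVE names, and the hardened variant simply swaps the guessable name for mktemp(1).

```shell
#!/bin/sh
# Added illustration (not the bash examples' own scripts): the predictable
# temp-file pattern behind CVE-2008-5374 beside a mktemp-based fix.
# All paths and names below are constructed for this demonstration; the
# demo works inside a private mktemp -d directory, never in the real /tmp.

# Vulnerable pattern: the name is derived from the PID, so it is guessable.
# If an attacker has already planted a symlink at that name, the '>'
# redirection follows the link and the victim clobbers the link target
# with the victim's own privileges.
unsafe_write() {
    # $1 = directory standing in for /tmp, $2 = content to write
    t="$1/cb$$.a"                  # constructed stand-in for /tmp/cb<pid>.a
    printf '%s\n' "$2" > "$t"      # follows a pre-planted symlink
    echo "$t"
}

# Hardened pattern: mktemp creates a fresh file with an unpredictable name,
# O_CREAT|O_EXCL semantics and mode 0600, so a symlink planted in advance
# cannot sit at the chosen name; a failure aborts instead of writing.
safe_write() {
    t=$(mktemp "$1/cb.XXXXXX") || return 1
    printf '%s\n' "$2" > "$t"
    echo "$t"
}

# Demonstration: the "attacker" plants a symlink at the predictable name,
# pointing at a file the script would never legitimately touch. Prints the
# victim file's contents after the unsafe write, then after the safe one.
demo() {
    work=$(mktemp -d) || return 1
    victimfile="$work/victim"                 # constructed target file
    printf 'original\n' > "$victimfile"
    ln -s "$victimfile" "$work/cb$$.a"        # attacker's pre-planted symlink

    unsafe_write "$work" "clobbered" >/dev/null
    unsafe_result=$(cat "$victimfile")        # victim file now reads "clobbered"

    printf 'original\n' > "$victimfile"       # reset for the second run
    safe_write "$work" "harmless" >/dev/null
    safe_result=$(cat "$victimfile")          # victim file still reads "original"

    rm -rf "$work"
    echo "$unsafe_result $safe_result"
}

demo
```

Run it and it prints `clobbered original`: the PID-based name is redirected into the victim file, the mktemp-based name is not. In a real script the mktemp path should also be removed on exit via a `trap` so the fix does not trade a symlink race for a temp-file leak.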
Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>: Bug#509279; Package bash-doc. (Tue, 23 Dec 2008 15:06:03 GMT)
Acknowledgement sent to José Luis González <jlgonzal@ya.com>: Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. (Tue, 23 Dec 2008 15:06:03 GMT)
Message #10 received at 509279@bugs.debian.org:
severity 509279 critical
thanks
This makes unrelated software on the system (or the whole system)
break, or causes serious data loss, or introduces a security
hole on systems where you install the package. I am raising severity to
critical accordingly.
Severity set to `critical' from `normal'. Request was from José Luis González <jlgonzal@ya.com> to control@bugs.debian.org. (Tue, 23 Dec 2008 15:06:04 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>: Bug#509279; Package bash-doc. (Tue, 23 Dec 2008 17:45:06 GMT)
Acknowledgement sent to dann frazier <dannf@debian.org>: Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. (Tue, 23 Dec 2008 17:45:06 GMT)
Message #17 received at 509279@bugs.debian.org:
tag 509279 + patch
thanks
[CVE-2008-5374.patch (text/plain, attachment)]
Tags added: patch. Request was from dann frazier <dannf@debian.org> to control@bugs.debian.org. (Tue, 23 Dec 2008 17:45:07 GMT)
Information forwarded to debian-bugs-dist@lists.debian.org, Matthias Klose <doko@debian.org>: Bug#509279; Package bash-doc. (Tue, 23 Dec 2008 21:03:05 GMT)
Acknowledgement sent to Thijs Kinkhorst <thijs@debian.org>: Extra info received and forwarded to list. Copy sent to Matthias Klose <doko@debian.org>. (Tue, 23 Dec 2008 21:03:05 GMT)
Message #24 received at 509279@bugs.debian.org:
severity 509279 important
thanks
The security team believes that bugs like these in example scripts are not
critical bugs. Nevertheless, fixing them is of course very much encouraged,
so I hope Matthias will apply Dann's patch as soon as possible.
cheers,
Thijs
Severity set to `important' from `critical'. Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Tue, 23 Dec 2008 21:03:07 GMT)
Reply sent to Matthias Klose <doko@debian.org>: You have taken responsibility. (Sat, 21 Mar 2009 15:45:12 GMT)
Notification sent to Steffen Joeris <steffen.joeris@skolelinux.de>: Bug acknowledged by developer. (Sat, 21 Mar 2009 15:45:12 GMT)
Message #31 received at 509279-close@bugs.debian.org:
Source: bash
Source-Version: 4.0-2
We believe that the bug you reported is fixed in the latest version of
bash, which is due to be installed in the Debian FTP archive:
bash-builtins_4.0-2_i386.deb
to pool/main/b/bash/bash-builtins_4.0-2_i386.deb
bash-doc_4.0-2_all.deb
to pool/main/b/bash/bash-doc_4.0-2_all.deb
bash-minimal_4.0-2_i386.deb
to pool/main/b/bash/bash-minimal_4.0-2_i386.deb
bash-static_4.0-2_i386.deb
to pool/main/b/bash/bash-static_4.0-2_i386.deb
bash_4.0-2.diff.gz
to pool/main/b/bash/bash_4.0-2.diff.gz
bash_4.0-2.dsc
to pool/main/b/bash/bash_4.0-2.dsc
bash_4.0-2_i386.deb
to pool/main/b/bash/bash_4.0-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 509279@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthias Klose <doko@debian.org> (supplier of updated bash package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 21 Mar 2009 15:06:46 +0100
Source: bash
Binary: bash bash-minimal bash-static bash-builtins bash-doc bashdb
Architecture: source all i386
Version: 4.0-2
Distribution: experimental
Urgency: low
Maintainer: Matthias Klose <doko@debian.org>
Changed-By: Matthias Klose <doko@debian.org>
Description:
bash - The GNU Bourne Again SHell
bash-builtins - Bash loadable builtins - headers & examples
bash-doc - Documentation and examples for the The GNU Bourne Again SHell
bash-minimal - The GNU Bourne Again SHell (minimal version)
bash-static - The GNU Bourne Again SHell (static version)
bashdb - The GNU Bourne Again SHell Debugger
Closes: 498474 509279 518289
Changes:
bash (4.0-2) experimental; urgency=low
.
* Apply upstream patches 001 - 010. Closes: #518289.
* Fix insecure temp file handling in examples scripts. Closes: #509279.
* /etc/skel.bashrc: Only source bash_completion, if posix mode is turned
off. Closes: #498474.
Checksums-Sha1:
12120d592076c4c5a2a008c31bd5cb2bbdf02254 1119 bash_4.0-2.dsc
a8d90adb3608b529c529019564eb1dee5e2c1c2a 86440 bash_4.0-2.diff.gz
e2e9ead7beab826a8fcfcb2bd11d65364f9d8239 311860 bash-doc_4.0-2_all.deb
01c3b0d7cd1cf9e7038b8c0698bbf0cb9830b18d 1098472 bash_4.0-2_i386.deb
d622e7528aa2ef5c3b377f4d9408d6edbc6c0c9c 107020 bash-builtins_4.0-2_i386.deb
78f5198475b7672dc2f32c6216126c03cf92d5d2 755032 bash-static_4.0-2_i386.deb
5d8465ce64dfac3cb29204df1663931fe5eae98e 224112 bash-minimal_4.0-2_i386.deb
Checksums-Sha256:
e7be84c771686a3aeee36aa3424d99d86a72b68e25a9a8844503b5ea406e57c8 1119 bash_4.0-2.dsc
629d8812b12b08f004e1513a16ac014344bb77e80a6fb3e23624dadd490fe4b3 86440 bash_4.0-2.diff.gz
7935c790bee2871d58154502ead022f256adadc76676c5ed479b26d488b24de4 311860 bash-doc_4.0-2_all.deb
c49ab504da2c5ccf292778c129996f1b1ae07f74be4c0891093b35ea77a390e7 1098472 bash_4.0-2_i386.deb
c8f4e3dae9990c75bc3ce7f8b2c697d2a935a1594d020afd60d5efcb63c32f33 107020 bash-builtins_4.0-2_i386.deb
6c2547cee538cdb47ed4020c5582d30409982298d2c38a1474c956663bb5af14 755032 bash-static_4.0-2_i386.deb
695d6c34a94e69765e7d848fcba2c3d24c08339563fd07575a90b21daacb03e2 224112 bash-minimal_4.0-2_i386.deb
Files:
3fbc13d082a7d400f84475cd87545e8b 1119 base required bash_4.0-2.dsc
783f75db92758ed62f8dfb02dbc52ef2 86440 base required bash_4.0-2.diff.gz
ed222fdcc0fb12196bd479e8d2f1a18a 311860 doc optional bash-doc_4.0-2_all.deb
207f4182695b1077738588e9832bf9e1 1098472 shells required bash_4.0-2_i386.deb
f5cff8405ff542d4154b98347b829388 107020 utils optional bash-builtins_4.0-2_i386.deb
cc5cf0b1316dcfce31a769d91f484e82 755032 shells optional bash-static_4.0-2_i386.deb
e82a85fea6c722415ce615fdf4cee900 224112 shells optional bash-minimal_4.0-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAknFAoIACgkQStlRaw+TLJyemgCgogVXZCKx77xE24CkoeUrU+C7
+RYAni0VAGIXLT9nseuy8j2YMEb2kvbG
=w+jk
-----END PGP SIGNATURE-----
Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 03 Sep 2009 07:40:44 GMT)
Last modified:
Wed Jun 19 18:38:31 2019;
Machine Name:
buxtehude