archmage: CVE-2015-1589: directory traversal

Related Vulnerabilities: CVE-2015-1589  

Debian Bug report logs - #776164


Reported by: Jakub Wilk <jwilk@debian.org>

Date: Sat, 24 Jan 2015 20:21:01 UTC

Severity: normal

Tags: security

Found in version archmage/1:0.2.4-3

Fixed in version archmage/1:0.2.4-4

Done: Mikhail Gusarov <dottedmag@debian.org>

Bug is archived. No further changes may be made.




Report forwarded to debian-bugs-dist@lists.debian.org, jwilk@debian.org, Mikhail Gusarov <dottedmag@debian.org>:
Bug#776164; Package archmage. (Sat, 24 Jan 2015 20:21:05 GMT)


Message #3 received at submit@bugs.debian.org:

From: Jakub Wilk <jwilk@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: archmage: directory traversal
Date: Sat, 24 Jan 2015 21:19:36 +0100
Package: archmage
Version: 1:0.2.4-3
Tags: security

archmage is vulnerable to directory traversal via "../" sequences. As a 
proof of concept, unpacking the attached CHM file creates a file in 
/tmp:

$ ls /tmp/mooo
/bin/ls: cannot access /tmp/mooo: No such file or directory
$ archmage -x traversal.chm
$ ls /tmp/mooo
/tmp/mooo


-- System Information:
Debian Release: 8.0
 APT prefers unstable
 APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages archmage depends on:
ii  python                2.7.8-2
ii  python-beautifulsoup  3.2.1-1
ii  python-chm            0.8.4.1-1
ii  python2.7             2.7.9-1

-- 
Jakub Wilk
[traversal.chm (application/vnd.ms-htmlhelp, attachment)]
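The report above shows the symptom (a member name carrying "../" lands a file in /tmp) but not the extractor logic. The block below is an added illustration, not archmage's own code and not the Debian fix: it contrasts a naive "strip the leading slash and join" mapping with a hardened mapping that refuses any ".." component and then confirms the resolved path is still under the output directory. The member names are constructed for the example; the attached traversal.chm is not shown in the report, so its actual contents are unknown. The output directory "/out" is an assumed, non-existent path.

```python
"""Mapping archive member names onto an output directory without
letting '..' escape it (illustrative; not archmage's own code)."""
import os

# Constructed member names (the attached traversal.chm is not shown in the
# report). CHM object names are absolute, '/'-separated paths within the
# archive, e.g. "/index.html".
MEMBER_NAMES = [
    "/index.html",
    "/images/logo.png",
    "/../../tmp/mooo",       # what a traversal entry looks like
    "/docs/../index.html",   # '..' that stays in bounds; rejected anyway
    "/./readme.txt",
    "/",
]


def naive_target(destdir, member):
    """Unsafe mapping: drop the leading '/' and join. os.path.join does not
    neutralise '..' components, so '/../../tmp/mooo' becomes
    '<destdir>/../../tmp/mooo', which resolves to /tmp/mooo."""
    return os.path.join(destdir, member.lstrip("/"))


def escapes(destdir, target):
    """True if target resolves outside destdir (symlinks followed)."""
    root = os.path.realpath(destdir)
    return os.path.commonpath([root, os.path.realpath(target)]) != root


def safe_target(destdir, member):
    """Return the output path for member, or None if it must not be written.

    Two layers: a syntactic check that refuses '..' (and backslashes or NUL,
    which have no business in an archive name) outright, and a resolved-path
    check that catches anything the first layer missed, including escapes
    through symlinks already present in destdir.
    """
    if "\\" in member or "\x00" in member:
        return None
    rel = member.lstrip("/")
    parts = [p for p in rel.split("/") if p not in ("", ".")]
    if not parts or ".." in parts:
        return None
    root = os.path.realpath(destdir)
    target = os.path.join(root, *parts)
    if escapes(root, target):
        return None
    return target


def audit(destdir, members=MEMBER_NAMES):
    """For each member: (name, does the naive path escape?, safe target or None)."""
    return [(m, escapes(destdir, naive_target(destdir, m)), safe_target(destdir, m))
            for m in members]


if __name__ == "__main__":
    # "/out" is an assumed output directory; nothing is written.
    for name, bad, safe in audit("/out"):
        print("%-22s naive escapes=%-5s safe=%s" % (name, bad, safe))
```

The syntactic check alone is what most extractors get wrong; the resolved-path check is the one that still holds when an earlier member has planted a symlink inside the output directory, which a check on the name string cannot see.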

Added tag(s) pending. Request was from dottedmag@users.alioth.debian.org to control@bugs.debian.org. (Mon, 02 Feb 2015 08:57:09 GMT)


Reply sent to Mikhail Gusarov <dottedmag@debian.org>:
You have taken responsibility. (Mon, 02 Feb 2015 09:51:17 GMT)


Notification sent to Jakub Wilk <jwilk@debian.org>:
Bug acknowledged by developer. (Mon, 02 Feb 2015 09:51:17 GMT)


Message #10 received at 776164-close@bugs.debian.org:

From: Mikhail Gusarov <dottedmag@debian.org>
To: 776164-close@bugs.debian.org
Subject: Bug#776164: fixed in archmage 1:0.2.4-4
Date: Mon, 02 Feb 2015 09:48:58 +0000
Source: archmage
Source-Version: 1:0.2.4-4

We believe that the bug you reported is fixed in the latest version of
archmage, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 776164@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Mikhail Gusarov <dottedmag@debian.org> (supplier of updated archmage package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 02 Feb 2015 09:54:13 +0100
Source: archmage
Binary: archmage
Architecture: source all
Version: 1:0.2.4-4
Distribution: unstable
Urgency: high
Maintainer: Mikhail Gusarov <dottedmag@debian.org>
Changed-By: Mikhail Gusarov <dottedmag@debian.org>
Description:
 archmage   - CHM(Compiled HTML) Decompressor
Closes: 776164
Changes:
 archmage (1:0.2.4-4) unstable; urgency=high
 .
   [ Jakub Wilk ]
   * Use canonical URIs for Vcs-* fields.
 .
   [ Mikhail Gusarov ]
   * Fix directory traversal bug (Closes: #776164).
Checksums-Sha1:
 7e77567979d9e3e8e0d7e4f84b74c70787047782 1955 archmage_0.2.4-4.dsc
 c4764fdc638e5c0cda73f2e8f73415946720f3f6 4116 archmage_0.2.4-4.debian.tar.xz
 a965d64036b682c4bf18d30771c1bf8f1eba2a33 25860 archmage_0.2.4-4_all.deb
Checksums-Sha256:
 7a9feeaecbee0667e321c3511f50a2e97b978d8da7ed6768328d72b397e52105 1955 archmage_0.2.4-4.dsc
 bcef5906cd1176e95c22370db4c9b93da029f23adafc9846a1b6708e22264f9c 4116 archmage_0.2.4-4.debian.tar.xz
 55b6c740aaa4296452f4a653fd3a2e682ea9a2c58cad60dad8f40aa8b6ca99c7 25860 archmage_0.2.4-4_all.deb
Files:
 e5e4287d82ea848474f561746240b953 1955 utils optional archmage_0.2.4-4.dsc
 0e64874d9830ead7b566627f35048883 4116 utils optional archmage_0.2.4-4.debian.tar.xz
 6851e4b6aeb91cf35d98561d23cdf0d2 25860 utils optional archmage_0.2.4-4_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----




Changed Bug title to 'archmage: CVE-2015-1589: directory traversal' from 'archmage: directory traversal'. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Thu, 12 Feb 2015 21:03:04 GMT)


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Fri, 13 Mar 2015 07:27:12 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 15:00:47 2019; Machine Name: buxtehude


Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.