Your message dated Wed, 27 Oct 2010 21:47:13 +0000
with message-id <e1pbdpx-0001pm...@franck.debian.org>
and subject line Bug#598288: fixed in ember 0.5.7-1.1
has caused the Debian Bug report #598288,
regarding ember: CVE-2010-3355: insecure library loading
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
598288: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598288
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: ember
Version: 0.5.7-1+b1
Severity: grave
Tags: security
User: t...@security.debian.org
Usertags: ldpath
Hello,
During a review of the Debian archive, I've found your package to
contain a script that can be abused by an attacker to execute arbitrary
code.
The vulnerability is introduced by an insecure change to
LD_LIBRARY_PATH, and environment variable used by ld.so(8) to look for
libraries on a directory other than the standard paths.
Vulnerable code follows:
/usr/games/ember line 60:
LD_LIBRARY_PATH=$prefix/lib/ember:$LD_LIBRARY_PATH
When there's an empty item on the colon-separated list of
LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.)
If the given script is executed from a directory where a potential,
local, attacker can write files to, there's a chance to exploit this
bug.
This vulnerability has been assigned the CVE id CVE-2010-3355. Please make sure
you mention it when forwarding this report to upstream and when fixing
this bug (everywhere: upstream and here at Debian.)
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3355
[1] http://security-tracker.debian.org/tracker/CVE-2010-3355
Sincerely,
Raphael Geissert
--- End Message ---
--- Begin Message ---
Source: ember
Source-Version: 0.5.7-1.1
We believe that the bug you reported is fixed in the latest version of
ember, which is due to be installed in the Debian FTP archive:
ember_0.5.7-1.1.diff.gz
to main/e/ember/ember_0.5.7-1.1.diff.gz
ember_0.5.7-1.1.dsc
to main/e/ember/ember_0.5.7-1.1.dsc
ember_0.5.7-1.1_amd64.deb
to main/e/ember/ember_0.5.7-1.1_amd64.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 598...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Etienne Millon <etienne.mil...@gmail.com> (supplier of updated ember package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 24 Oct 2010 17:40:16 +0200
Source: ember
Binary: ember
Architecture: source amd64
Version: 0.5.7-1.1
Distribution: unstable
Urgency: high
Maintainer: Michael Koch <konque...@gmx.de>
Changed-By: Etienne Millon <etienne.mil...@gmail.com>
Description:
ember - 3D client of the WorldForge project
Closes: 598288
Changes:
ember (0.5.7-1.1) unstable; urgency=high
.
* Non-maintainer upload.
* ember, ember.in
- Proper escape of LD_LIBRARY_PATH, fixes CVE-2010-3355 "insecure library
loading" (grave, security; Closes: #598288)
Checksums-Sha1:
fbec9f4f4321f018d910d43049ed5756ee29acbe 1316 ember_0.5.7-1.1.dsc
a6df4c14f59833dced8f7245db69a63bddbb0e6e 62296 ember_0.5.7-1.1.diff.gz
51ed069fcd84d09545880bf58a8e43e3d7622c7e 2237576 ember_0.5.7-1.1_amd64.deb
Checksums-Sha256:
0b63d5d363b56667d4ccfd741e398bfeef11724dc65d0e666a0ebea8899c1da8 1316
ember_0.5.7-1.1.dsc
82387d1031970df84fd103b9fc0bdc4be7feca19da34e120e8ac2e33f666ca35 62296
ember_0.5.7-1.1.diff.gz
416c1dd1713f5832b101bf8804b000472c016a2ae6544c5d6904f9e642c12d65 2237576
ember_0.5.7-1.1_amd64.deb
Files:
96c99f434a46cf6ff63fb215b647d16c 1316 games optional ember_0.5.7-1.1.dsc
d043bdd2313ea9e439fda266990b9f72 62296 games optional ember_0.5.7-1.1.diff.gz
680c0e55a43841b2764535304f1f029f 2237576 games optional
ember_0.5.7-1.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAkzIm2YACgkQLARVQsm1Xazr7QCeMSGAdJbYr2SwfqgpJpJBvXCo
GdMAmwUCrTopen1SOpBz7KubjRgJdojI
=D+y6
-----END PGP SIGNATURE-----
--- End Message ---
