Bug#546164: [php-maint] Bug#546164: Already fixed

2009-10-03 Thread Raphael Geissert
found 546164 5.2.11.dsfg.1-1
severity 546164 important
tag 546164 security
thanks

On Wednesday 23 September 2009 02:22:45 sean finney wrote:
> Version: 5.2.11.dsfg.1-1
>
> hi federico,
>
> On Wed, Sep 23, 2009 at 08:58:29AM +0200, Federico Gimenez Nieto wrote:
> > This seems to be fixed after the upload of 5.2.11.dsfg.1-1.
>
> great, thanks for letting us know.  it's a bit odd since i don't think
> we did anything explicitly for this, nor was there anything in the
> upstream changelog mentioning the problem/fix... but hey, i'll take a
> free fix :)


Nah, it was not fixed. It stopped being an RC issue because the tmpdir path is
now set to something under /tmp, which an unprivileged user can create. I
have a patch to work around it by restoring the value originally set by
PEAR::Config, but this still doesn't solve the real issue (and it is also
open to symlink attacks[1]).

[1] I don't remember the exact test conditions I used to test the symlink 
attack, though, as I did it in a rush.

Cheers,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org



Bug#546164: Already fixed

2009-09-23 Thread Federico Gimenez Nieto
Hi,

This seems to be fixed after the upload of 5.2.11.dsfg.1-1.

Thanks,
Federico


