Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c344c58b by Salvatore Bonaccorso at 2018-01-04T18:08:15+01:00
Add CVE-2017-18018/coreutils

This item should probably be marked as unimportant.

https://lists.gnu.org/archive/html/coreutils/2017-12/msg00071.html

> On 12/28/2017 04:36 PM, Michael Orlitzky wrote:
>
>     Does anyone mind if I reserve a CVE for this?
>
>
> Of course not - but I doubt that we can do much about it:
> the chown(1) binary is just a wrapper around chown(2)/lchown(2),
> so whatever (other) utility uses these system calls in a recursive
> way will be prone to that trap.
>
> I think the best way to handle this is to keep teaching sysadmins
> to avoid the --dereference option together with -R; usually
> "chown -R" with the default -P is probably good enough.
>
> It would probably be good to add a clarifying sentence to the Texinfo
> documentation.  Would you like to propose a sentence?

Will just be fixed by clarifying the documentation about the security risk.

- - - - -
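The trap the upstream reply describes is the interaction of -R with -L/--dereference: chown -R defaults to -P and leaves a symlink met during the walk alone, while -L applies chown(2) to whatever the link points to, so a link planted inside a user-writable tree aimed at a file outside it gets that file's owner rewritten. The script below is an added example for this commit, not code from coreutils or the Debian security tracker; it lists the symlinks under a tree whose canonical target escapes that tree (the entries a `chown -R -L` would follow), and wraps chown so it refuses while any such link exists. Function names (`escaping_links`, `count_escaping`, `safe_chown_r`, `make_fixture`) and the fixture it builds are assumptions made for the example; it relies on GNU coreutils for `readlink -f`.

```shell
#!/bin/sh
# Pre-flight check before a recursive chown on a tree that untrusted users can
# write to.  "chown -R" defaults to -P (physical traversal): a symlink met
# during the walk is left alone, not followed.  With -L (or -H for the
# command-line arguments) chown(2) is applied to whatever the link points to,
# so a link planted inside the tree pointing at /etc/passwd would get its
# owner rewritten.  This script lists exactly those escaping links.
#
# Added example for this commit, not code from coreutils or the Debian
# security tracker.  Assumes GNU coreutils (readlink -f) and POSIX sh.
set -eu

# Print "link -> target" for every symlink under $1 whose canonical target
# lies outside $1.  Links with a newline in their name are not handled.
escaping_links() {
    root=$(readlink -f -- "$1")
    find "$root" -type l -print | while IFS= read -r link; do
        # readlink -f also resolves dangling links (prints the intended path)
        target=$(readlink -f -- "$link" 2>/dev/null || printf '%s' "$link")
        case "$target" in
            "$root" | "$root"/*) ;;   # resolves inside the tree: harmless
            *) printf '%s -> %s\n' "$link" "$target" ;;
        esac
    done
}

# Number of escaping links under $1, for use in scripts and checks.
count_escaping() {
    escaping_links "$1" | wc -l | tr -d ' '
}

# Recursive chown that refuses to run while any link escapes the tree, and
# then uses the default physical traversal (-P), so nothing is dereferenced.
# Usage: safe_chown_r OWNER[:GROUP] DIR
safe_chown_r() {
    if [ "$(count_escaping "$2")" -ne 0 ]; then
        echo "refusing: symlinks under $2 point outside the tree:" >&2
        escaping_links "$2" >&2
        return 1
    fi
    chown -R -P -- "$1" "$2"
}

# Constructed fixture: a tree with one harmless link and one escaping link.
# Prints the canonical base directory; the tree to chown is "$base/tree".
make_fixture() {
    base=$(readlink -f -- "$(mktemp -d)")
    mkdir -p "$base/tree/sub"
    : > "$base/tree/sub/file"
    : > "$base/outside"                       # stands in for /etc/passwd
    ln -s sub/file "$base/tree/inside_link"
    ln -s "$base/outside" "$base/tree/escape_link"
    printf '%s\n' "$base"
}

# Demonstration on the constructed fixture.
demo_base=$(make_fixture)
echo "links under $demo_base/tree that 'chown -R -L' would follow outside:"
escaping_links "$demo_base/tree"
rm -rf "$demo_base"
```

A scan like this is informational only: anyone who can write to the tree can add a link between the scan and the chown, which is why the upstream reply's advice is the durable fix, keep `chown -R` on its default -P and never combine -R with --dereference on a tree you do not fully control.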


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -267,7 +267,12 @@ CVE-2017-18020 (On Samsung mobile devices with L(5.x), 
M(6.x), and N(7.x) softwa
 CVE-2017-18019 (In K7 Total Security before 15.1.0.305, user-controlled input 
to the ...)
        NOT-FOR-US: K7 Total Security
 CVE-2017-18018 (In GNU Coreutils through 8.29, chown-core.c in chown and chgrp 
does not ...)
-       TODO: check
+       - coreutils <unfixed>
+       NOTE: http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
+       NOTE: http://www.openwall.com/lists/oss-security/2018/01/04/3
+       NOTE: Documentation patches proposed:
+       NOTE: https://lists.gnu.org/archive/html/coreutils/2017-12/msg00072.html
+       NOTE: https://lists.gnu.org/archive/html/coreutils/2017-12/msg00073.html
 CVE-2018-5078 (Online Ticket Booking has XSS via the admin/eventlist.php cast 
...)
        NOT-FOR-US: Online Ticket Booking
 CVE-2018-5077 (Online Ticket Booking has XSS via the admin/movieedit.php 
moviename ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c344c58b5b43178b0c3bb6d5fd4011cef2a5e329

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
