
Bug#453283: marked as done (CVE-2007-6061: possible symlink attack)



Your message dated Mon, 21 Jan 2008 20:47:05 +0000
with message-id <E1JH3Xt-0003Zm-Nm@ries.debian.org>
and subject line Bug#453283: fixed in audacity 1.3.4-1.1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: audacity
Severity: grave
Tags: security
Justification: user security hole

Hi

The following CVE[0] has been issued against audacity.

CVE-2007-6061: 

Audacity 1.3.2 creates a temporary directory with a predictable name
without checking for previous existence of that directory, which allows
local users to cause a denial of service (recording deadlock) by
creating the directory before Audacity is run. NOTE: this issue can be
leveraged to delete arbitrary files or directories via a symlink attack.

Please mention the CVE id in your changelog, when you fix this bug.
Thanks for your efforts.

Cheers
Steffen

[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061



--- End Message ---
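The CVE text above describes a temporary directory with a predictable name, created without checking whether something already sits at that path. As an added example that is not Audacity's or Debian's code, the C below places that insecure pattern beside a hardened check for a fixed path and an mkdtemp(3)-based alternative in the spirit of the Debian fix (directory under a base the user owns); the path names, the sandbox argument and the helper `check_rejects_planted_symlink` are assumptions for illustration.

```c
/* Added example, not Audacity's code: the insecure pattern behind
 * CVE-2007-6061 next to a hardened replacement. Paths are illustrative. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Insecure: predictable name, mkdir result ignored. If the path already
 * exists (a directory or symlink planted by another local user), the
 * program silently goes on to use it. */
void insecure_tmpdir(char *out, size_t n) {
    snprintf(out, n, "/tmp/audacity-%ld", (long)getuid());
    (void)mkdir(out, 0700);
}

/* Hardened check for a fixed path: succeed only if we created it just now,
 * or it already exists as a real directory owned by us and not writable by
 * others. Returns 0 on success, -1 on anything suspicious. */
int safe_fixed_tmpdir(const char *path) {
    struct stat st;
    if (mkdir(path, 0700) == 0) return 0;
    if (errno != EEXIST || lstat(path, &st) != 0) return -1;
    if (!S_ISDIR(st.st_mode)) return -1;             /* symlink or other file */
    if (st.st_uid != getuid()) return -1;            /* someone else's */
    if (st.st_mode & (S_IWGRP | S_IWOTH)) return -1; /* others could tamper */
    return 0;
}

/* Preferred: unpredictable name from mkdtemp(3) under a base the user owns
 * (the Debian fix moved the directory into $HOME). Returns 0 on success. */
int secure_tmpdir(const char *base, char *out, size_t n) {
    snprintf(out, n, "%s/audacity-XXXXXX", base);
    return mkdtemp(out) ? 0 : -1;
}

/* Recreates the pre-existing-symlink condition inside a sandbox directory
 * and returns what the hardened check says about it (-2: setup failed). */
int check_rejects_planted_symlink(const char *sandbox) {
    char link[4096], target[4096];
    snprintf(link, sizeof link, "%s/audacity-tmp", sandbox);
    snprintf(target, sizeof target, "%s/victim", sandbox);
    if (symlink(target, link) != 0) return -2;
    return safe_fixed_tmpdir(link);
}
```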
--- Begin Message ---
Source: audacity
Source-Version: 1.3.4-1.1

We believe that the bug you reported is fixed in the latest version of
audacity, which is due to be installed in the Debian FTP archive:

audacity_1.3.4-1.1.diff.gz
  to pool/main/a/audacity/audacity_1.3.4-1.1.diff.gz
audacity_1.3.4-1.1.dsc
  to pool/main/a/audacity/audacity_1.3.4-1.1.dsc
audacity_1.3.4-1.1_i386.deb
  to pool/main/a/audacity/audacity_1.3.4-1.1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 453283@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Nico Golde <nion@debian.org> (supplier of updated audacity package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)



Format: 1.7
Date: Mon, 21 Jan 2008 19:08:54 +0100
Source: audacity
Binary: audacity
Architecture: source i386
Version: 1.3.4-1.1
Distribution: unstable
Urgency: high
Maintainer: Debian Multimedia Team <debian-multimedia@lists.debian.org>
Changed-By: Nico Golde <nion@debian.org>
Description: 
 audacity   - A fast, cross-platform audio editor
Closes: 453283
Changes: 
 audacity (1.3.4-1.1) unstable; urgency=high
 .
   * Non-maintainer upload by security team.
   * Fix insecure directory creation in /tmp by moving the directory
     to the user's home directory (CVE-2007-6061; Closes: #453283).
   * Adding NEWS file to advise the user to change the tmp path
     in his config file so there is a notification for users who
     are already vulnerable.
Files: 
 254c2f5c46969235b4dd7c7805c4b1f4 983 sound optional audacity_1.3.4-1.1.dsc
 68707f838a7a262301746c2c21458ecc 22152 sound optional audacity_1.3.4-1.1.diff.gz
 63c15dba4d8dd26ca579371dc457256b 2948366 sound optional audacity_1.3.4-1.1_i386.deb




--- End Message ---
