please unblock qtparted/0.4.5-8 it fixes RC bug 598301 (CVE-2010-3375: insecure library loading) the debdiff is minimal: debdiff qtparted_0.4.5-7.dsc qtparted_0.4.5-8.dsc diff -Nru qtparted-0.4.5/debian/changelog qtparted-0.4.5/debian/changelog --- qtparted-0.4.5/debian/changelog 2010-08-26 10:00:07.000000000 +1000 +++ qtparted-0.4.5/debian/changelog 2010-09-28 16:19:55.000000000 +1000 @@ -1,3 +1,11 @@ +qtparted (0.4.5-8) unstable; urgency=high + + * QA upload. + * Fix CVE-2010-3375 insecure library loading + * Closes: 598301 + + -- Anibal Monsalve Salazar <anibal@debian.org> Tue, 28 Sep 2010 16:10:55 +1000 + qtparted (0.4.5-7) unstable; urgency=low * QA upload. diff -Nru qtparted-0.4.5/debian/patches/CVE-2010-3375_insecure_library_loading qtparted-0.4.5/debian/patches/CVE-2010-3375_insecure_library_loading --- qtparted-0.4.5/debian/patches/CVE-2010-3375_insecure_library_loading 1970-01-01 10:00:00.000000000 +1000 +++ qtparted-0.4.5/debian/patches/CVE-2010-3375_insecure_library_loading 2010-09-28 16:35:19.000000000 +1000 @@ -0,0 +1,29 @@ +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3375 +http://security-tracker.debian.org/tracker/CVE-2010-3375 +http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598301 + +When there's an empty item on the colon-separated list of +LD_LIBRARY_PATH, ld.so treats it as '.' (i.e. CWD/$PWD.) +If the given script is executed from a directory where a potential, +local, attacker can write files to, there's a chance to exploit this +bug. + +Patch by Anibal Monsalve Salazar <anibal@debian.org> + +--- a/data/run_qtparted.in 2005-07-07 06:54:36.000000000 +1000 ++++ b/data/run_qtparted.in 2010-09-28 15:53:58.000000000 +1000 +@@ -43,7 +43,13 @@ + + # defines environment variables + export QTDIR=@PATH_QTDIR@ +-export LD_LIBRARY_PATH="$QTDIR/lib:$LD_LIBRARY_PATH" ++LD_LIBRARY_PATH=$( sed "s/\s//g" <<< "$LD_LIBRARY_PATH" ) ++if [ -n "$LD_LIBRARY_PATH" ] ++then ++ export LD_LIBRARY_PATH="$QTDIR/lib:$LD_LIBRARY_PATH" ++else ++ export LD_LIBRARY_PATH="$QTDIR/lib" ++fi + export PATH=/sbin:/usr/sbin:/bin:/usr/bin:$PATH + getmousetype + diff -Nru qtparted-0.4.5/debian/patches/series qtparted-0.4.5/debian/patches/series --- qtparted-0.4.5/debian/patches/series 2010-08-26 09:32:09.000000000 +1000 +++ qtparted-0.4.5/debian/patches/series 2010-09-28 16:28:30.000000000 +1000 @@ -1,3 +1,4 @@ debian-changes-0.4.5-6 modified-r252.diff debian-changes-0.4.5-7 +CVE-2010-3375_insecure_library_loading
Attachment:
signature.asc
Description: Digital signature