
Re: apt-cacher: TEMP-0000000-62D57E



On Saturday 06 August 2011, Henri Salo wrote:
> Does someone have more information about this issue than:
> 
> Committed by stef-guest at 2008-01-22 23:47:35 +0200 (Tue, 22 Jan 2008):
> """
> CVE-2008-XXXX [apt-cacher arbitrary command execution]
>         - apt-cacher 1.6.1
>         [etch] - apt-cacher <not-affected> (vulnerable code introduced in 1.6.0)
>         [sarge] - apt-cacher <not-affected> (vulnerable code introduced in 1.6.0)
> """

The changelog has it:

  * Security fix -- only use red to apply pdiffs (hence urgency)

If pdiffs are applied using ed, 'e' and '!' commands in the pdiffs 
allow arbitrary shell commands to be executed on the local host.

> What is the correct change in version control? How about
> changelog-entry? There seems to be old similar issue:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1854
> 
> """
> [03 Aug 2005] DSA-772-1 apt-cacher - missing input sanitising
>         {CVE-2005-1854}
>         [sarge] - apt-cacher 0.9.4sarge1 (high)
>         NOTE: not fixed in testing at time of DSA (not uploaded to unstable yet)
> """

I don't know anything about that. But IMHO pdiffs are newer, so it 
can't be the same. Maybe it's this change:

apt-cacher (0.9.10) unstable; urgency=high

  * SECURITY: replaces execution of curl in a shell environment (with
    possibly tainted command line parts) with a safe pipe construct
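
Added example, not part of the original mail or of apt-cacher: a pre-check for the ed-style pdiff issue described in this message, which tracks command versus text-block position and refuses anything in command position other than an addressed a, c or d. The allowlist itself and the names `check_pdiff`, `BENIGN` and `HOSTILE` are assumptions made for this illustration.

```python
import re

# Assumed allowlist: a numeric address (or range) followed by a, c or d.
# Anything else in command position, including 'e' and '!', is refused.
_CMD = re.compile(r"([0-9]+)(?:,([0-9]+))?([acd])")


def check_pdiff(script: str) -> list[str]:
    """Return a list of problems; an empty list means the script passed."""
    problems = []
    in_text = False  # True while reading the text block of an 'a' or 'c'
    for lineno, line in enumerate(script.splitlines(), start=1):
        if in_text:
            # Inside a text block every line is data; a lone '.' ends it.
            if line == ".":
                in_text = False
            continue
        m = _CMD.fullmatch(line)
        if m is None:
            problems.append(f"line {lineno}: command not allowed: {line!r}")
            continue
        first, last, cmd = int(m.group(1)), m.group(2), m.group(3)
        if last is not None and int(last) < first:
            problems.append(f"line {lineno}: reversed range: {line!r}")
        if cmd in "ac":
            in_text = True
    if in_text:
        problems.append("unterminated text block (missing '.')")
    return problems


# Constructed samples, not taken from a real archive.
# In BENIGN the '!' line sits inside a text block, so it is only data.
BENIGN = "5,6c\nPackage: foo\nVersion: 1.1\n.\n2d\n0a\n!this is text, not a command\n.\n"
# In HOSTILE the '!' and 'e' lines are in command position.
HOSTILE = "1d\n!true\ne !true\n"

if __name__ == "__main__":
    for name, sample in (("BENIGN", BENIGN), ("HOSTILE", HOSTILE)):
        print(name, check_pdiff(sample) or "ok")
```

A check like this complements the use of red from the changelog entry rather than replacing it.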


