
Bug#635548: CVE-2011-2716



Hi all,

Reading the bug about CVE-2011-2716, I think the only question left is this:

> > So, in all cases the variable is enclosed in double quotes.
>
> Yes, this looks secure. What about the udeb script?
> /debian/tree/busybox-udeb/usr/share/udhcpc/default.script:
> do_resolv_conf() {
>         local cfg=/etc/resolv.conf
>
>         if [ -n "$domain" ] || [ -n "$dns" ]; then
>                 echo -n > $cfg
>                 if [ -n "$domain" ]; then
>                         echo search $domain >> $cfg
>                 fi
>
>                 for i in $dns ; do
>                         echo nameserver $i >> $cfg
>                 done
>         fi
> }
>
> Not quoted in this case.

Does this still need to be fixed? If it is fixed then I think we can
consider this issue done.


Cheers,
Thijs
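
A hardened variant of the `do_resolv_conf` function quoted above, as an added example that is not part of this message or of the busybox-udeb package. Quoting stops word splitting and glob expansion but passes embedded newlines through unchanged, so this sketch also checks each value against a character allow-list before writing it; `CFG` and the `is_safe_*` helpers are hypothetical names.

```sh
# Added example, not the busybox-udeb script. CFG and the is_safe_* helpers
# are hypothetical names introduced for this illustration.

# Hostname characters only (letters, digits, '-', '.'), not starting with '-' or '.'.
is_safe_domain() {
    case "$1" in
        ''|-*|.*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    return 0
}

# Only characters that can occur in an IPv4 or IPv6 literal.
is_safe_addr() {
    case "$1" in
        ''|*[!0-9A-Fa-f.:]*) return 1 ;;
    esac
    return 0
}

# Body runs in a subshell so 'set -f' and the loop variables do not leak.
do_resolv_conf() (
    cfg="${CFG:-/etc/resolv.conf}"
    [ -n "$domain" ] || [ -n "$dns" ] || exit 0

    set -f              # split lists on whitespace without glob expansion
    : > "$cfg"
    search=""
    for d in $domain; do
        is_safe_domain "$d" && search="${search:+$search }$d"
    done
    [ -n "$search" ] && printf 'search %s\n' "$search" >> "$cfg"
    for i in $dns; do
        is_safe_addr "$i" && printf 'nameserver %s\n' "$i" >> "$cfg"
    done
    exit 0
)
```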



