
Bug#600667: marked as done (eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path)



Your message dated Sun, 31 Oct 2010 08:33:09 +0000
with message-id <E1PCTLh-0004UH-7P@franck.debian.org>
and subject line Bug#600667: fixed in eglibc 2.11.2-7
has caused the Debian Bug report #600667,
regarding eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
600667: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600667
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
package: eglibc
version: 2.11.2-6
severity: grave
tag: patch

an issue has been disclosed in eglibc.  see:
http://seclists.org/fulldisclosure/2010/Oct/257

patch available:
http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html

best wishes,
mike



--- End Message ---
--- Begin Message ---
Source: eglibc
Source-Version: 2.11.2-7

We believe that the bug you reported is fixed in the latest version of
eglibc, which is due to be installed in the Debian FTP archive:

eglibc-source_2.11.2-7_all.deb
  to main/e/eglibc/eglibc-source_2.11.2-7_all.deb
eglibc_2.11.2-7.diff.gz
  to main/e/eglibc/eglibc_2.11.2-7.diff.gz
eglibc_2.11.2-7.dsc
  to main/e/eglibc/eglibc_2.11.2-7.dsc
glibc-doc_2.11.2-7_all.deb
  to main/e/eglibc/glibc-doc_2.11.2-7_all.deb
libc-bin_2.11.2-7_amd64.deb
  to main/e/eglibc/libc-bin_2.11.2-7_amd64.deb
libc-dev-bin_2.11.2-7_amd64.deb
  to main/e/eglibc/libc-dev-bin_2.11.2-7_amd64.deb
libc6-dbg_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6-dbg_2.11.2-7_amd64.deb
libc6-dev-i386_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6-dev-i386_2.11.2-7_amd64.deb
libc6-dev_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6-dev_2.11.2-7_amd64.deb
libc6-i386_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6-i386_2.11.2-7_amd64.deb
libc6-pic_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6-pic_2.11.2-7_amd64.deb
libc6-prof_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6-prof_2.11.2-7_amd64.deb
libc6-udeb_2.11.2-7_amd64.udeb
  to main/e/eglibc/libc6-udeb_2.11.2-7_amd64.udeb
libc6_2.11.2-7_amd64.deb
  to main/e/eglibc/libc6_2.11.2-7_amd64.deb
libnss-dns-udeb_2.11.2-7_amd64.udeb
  to main/e/eglibc/libnss-dns-udeb_2.11.2-7_amd64.udeb
libnss-files-udeb_2.11.2-7_amd64.udeb
  to main/e/eglibc/libnss-files-udeb_2.11.2-7_amd64.udeb
locales-all_2.11.2-7_amd64.deb
  to main/e/eglibc/locales-all_2.11.2-7_amd64.deb
locales_2.11.2-7_all.deb
  to main/e/eglibc/locales_2.11.2-7_all.deb
nscd_2.11.2-7_amd64.deb
  to main/e/eglibc/nscd_2.11.2-7_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 600667@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Aurelien Jarno <aurel32@debian.org> (supplier of updated eglibc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sat, 30 Oct 2010 18:15:54 +0200
Source: eglibc
Binary: libc-bin libc-dev-bin glibc-doc eglibc-source locales locales-all nscd libc6 libc6-dev libc6-dbg libc6-prof libc6-pic libc6-udeb libc6.1 libc6.1-dev libc6.1-dbg libc6.1-prof libc6.1-pic libc6.1-udeb libc0.3 libc0.3-dev libc0.3-dbg libc0.3-prof libc0.3-pic libc0.3-udeb libc0.1 libc0.1-dev libc0.1-dbg libc0.1-prof libc0.1-pic libc0.1-udeb libc6-i386 libc6-dev-i386 libc6-sparc64 libc6-dev-sparc64 libc6-s390x libc6-dev-s390x libc6-amd64 libc6-dev-amd64 libc6-powerpc libc6-dev-powerpc libc6-ppc64 libc6-dev-ppc64 libc6-mipsn32 libc6-dev-mipsn32 libc6-mips64 libc6-dev-mips64 libc0.1-i386 libc0.1-dev-i386 libc6-sparcv9b libc6-i686 libc6-xen libc0.1-i686 libc0.3-i686 libc0.3-xen libc6.1-alphaev67 libnss-dns-udeb libnss-files-udeb
Architecture: source all amd64
Version: 2.11.2-7
Distribution: unstable
Urgency: low
Maintainer: Aurelien Jarno <aurel32@debian.org>
Changed-By: Aurelien Jarno <aurel32@debian.org>
Description: 
 eglibc-source - Embedded GNU C Library: sources
 glibc-doc  - Embedded GNU C Library: Documentation
 libc-bin   - Embedded GNU C Library: Binaries
 libc-dev-bin - Embedded GNU C Library: Development binaries
 libc0.1    - Embedded GNU C Library: Shared libraries
 libc0.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.1-dev-i386 - Embedded GNU C Library: 32bit development libraries for AMD64
 libc0.1-i386 - Embedded GNU C Library: 32bit shared libraries for AMD64
 libc0.1-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.1-pic - Embedded GNU C Library: PIC archive library
 libc0.1-prof - Embedded GNU C Library: Profiling Libraries
 libc0.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3    - Embedded GNU C Library: Shared libraries
 libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
 libc0.3-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc0.3-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc0.3-pic - Embedded GNU C Library: PIC archive library
 libc0.3-prof - Embedded GNU C Library: Profiling Libraries
 libc0.3-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc0.3-xen - Embedded GNU C Library: Shared libraries [Xen version]
 libc6      - Embedded GNU C Library: Shared libraries
 libc6-amd64 - Embedded GNU C Library: 64bit Shared libraries for AMD64
 libc6-dbg  - Embedded GNU C Library: detached debugging symbols
 libc6-dev  - Embedded GNU C Library: Development Libraries and Header Files
 libc6-dev-amd64 - Embedded GNU C Library: 64bit Development Libraries for AMD64
 libc6-dev-i386 - Embedded GNU C Library: 32-bit development libraries for AMD64
 libc6-dev-mips64 - Embedded GNU C Library: 64bit Development Libraries for MIPS64
 libc6-dev-mipsn32 - Embedded GNU C Library: n32 Development Libraries for MIPS64
 libc6-dev-powerpc - Embedded GNU C Library: 32bit powerpc development libraries for p
 libc6-dev-ppc64 - Embedded GNU C Library: 64bit Development Libraries for PowerPC64
 libc6-dev-s390x - Embedded GNU C Library: 64bit Development Libraries for IBM zSeri
 libc6-dev-sparc64 - Embedded GNU C Library: 64bit Development Libraries for UltraSPAR
 libc6-i386 - Embedded GNU C Library: 32-bit shared libraries for AMD64
 libc6-i686 - Embedded GNU C Library: Shared libraries [i686 optimized]
 libc6-mips64 - Embedded GNU C Library: 64bit Shared libraries for MIPS64
 libc6-mipsn32 - Embedded GNU C Library: n32 Shared libraries for MIPS64
 libc6-pic  - Embedded GNU C Library: PIC archive library
 libc6-powerpc - Embedded GNU C Library: 32bit powerpc shared libraries for ppc64
 libc6-ppc64 - Embedded GNU C Library: 64bit Shared libraries for PowerPC64
 libc6-prof - Embedded GNU C Library: Profiling Libraries
 libc6-s390x - Embedded GNU C Library: 64bit Shared libraries for IBM zSeries
 libc6-sparc64 - Embedded GNU C Library: 64bit Shared libraries for UltraSPARC
 libc6-sparcv9b - Embedded GNU C Library: Shared libraries [v9b optimized]
 libc6-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libc6-xen  - Embedded GNU C Library: Shared libraries [Xen version]
 libc6.1    - Embedded GNU C Library: Shared libraries
 libc6.1-alphaev67 - Embedded GNU C Library: Shared libraries (EV67 optimized)
 libc6.1-dbg - Embedded GNU C Library: detached debugging symbols
 libc6.1-dev - Embedded GNU C Library: Development Libraries and Header Files
 libc6.1-pic - Embedded GNU C Library: PIC archive library
 libc6.1-prof - Embedded GNU C Library: Profiling Libraries
 libc6.1-udeb - Embedded GNU C Library: Shared libraries - udeb (udeb)
 libnss-dns-udeb - Embedded GNU C Library: NSS helper for DNS - udeb (udeb)
 libnss-files-udeb - Embedded GNU C Library: NSS helper for files - udeb (udeb)
 locales    - Embedded GNU C Library: National Language (locale) data [support]
 locales-all - Embedded GNU C Library: Precompiled locale data
 nscd       - Embedded GNU C Library: Name Service Cache Daemon
Closes: 595403 597348 600667 601085 601531
Changes: 
 eglibc (2.11.2-7) unstable; urgency=low
 .
   [ Samuel Thibault ]
   * patches/hurd-i386/cvs-sendmsg-leak.diff: New upstream patch from Emilio
     Pozuelo Monfort to fix a memory leak on the error path of sendmsg.
   * patches/hurd-i386/local-sendmsg-SCM_RIGHTS.diff: New patch from Emilio
     Pozuelo Monfort to implement SCM_RIGHTS in sendmsg().
 .
   [ Aurelien Jarno ]
   * Update Portuguese debconf translation, by Pedro Ribeiro.  Closes: #597348.
   * Add any/submitted-origin.diff from Andreas Schwab to forbid the use
     of $ORIGIN in privileged programs. Add any/cvs-audit-suid.diff to
     only load SUID audit objects in SUID binaries. Fix CVE-2010-3847.
     Closes: #600667.
   * Update Catalan debconf translation, by Jordi Mallach. Closes: #601085.
   * Update Vietnamese debconf translation, by Clytie Siddall.  Closes:
     #601531.
   * Add arm/local-sigaction.diff to match sigaction with SA_RESTORER
     behaviour with other architectures.  Closes: #595403.
Package-Type: udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFMzSTmw3ao2vG823MRAi71AJ4p2V5p7QcG4zAtOJ/6HaY+lZ9ZZACfREAW
P3DMThYJ1AWjcxwPYJvpL6o=
=JVBa
-----END PGP SIGNATURE-----



--- End Message ---
