[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#600667: marked as done (eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path)



Your message dated Sat, 26 Feb 2011 11:30:41 +0100
with message-id <20110226103041.GC24799@hall.aurel32.net>
and subject line Re: Bug#600667: Fw: re: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
has caused the Debian Bug report #600667,
regarding eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
600667: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600667
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
package: eglibc
version: 2.11.2-6
severity: grave
tag: patch

an issue has been disclosed in eglibc.  see:
http://seclists.org/fulldisclosure/2010/Oct/257

patch available:
http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html

best wishes,
mike



--- End Message ---
--- Begin Message ---
On Mon, Feb 07, 2011 at 01:17:54AM +0100, Aurelien Jarno wrote:
> On Tue, Feb 01, 2011 at 09:19:53PM -0500, Michael Gilbert wrote:
> > reopen 600667
> > thanks
> > 
> > Maybe I'm reading things wrong, or maybe Mitre's information is
> > actually incorrect, but it looks like the fixes claimed for
> > CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead.
> > It looks like CVE-2010-3847 [1] is still unfixed.  The original fix in
> > -7 may have been correct to begin with?
> > 
> 
> We have removed the fix in -7 because:
> - it has been removed in the new upload to lenny
> - it never went upstream.
> 
> It has been replaced by this commit instead:
> http://sourceware.org/ml/libc-hacker/2010-12/msg00001.html
> 
> So I don't think there is any security issue left with the current 
> patch set.
> 

Given I have got no answer, I guess everybody agrees the bug is really
fixed. Closing it.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net


--- End Message ---

Reply to: