Bug#600667: marked as done (eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path)

To: Aurelien Jarno <aurelien@aurel32.net>
Subject: Bug#600667: marked as done (eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Sat, 26 Feb 2011 10:33:06 +0000
Message-id: <handler.600667.D600667.1298716243596.ackdone@bugs.debian.org>
References: <20110226103041.GC24799@hall.aurel32.net> <20101018185845.cb4f8bfa.michael.s.gilbert@gmail.com>

Your message dated Sat, 26 Feb 2011 11:30:41 +0100
with message-id <20110226103041.GC24799@hall.aurel32.net>
and subject line Re: Bug#600667: Fw: re: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
has caused the Debian Bug report #600667,
regarding eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
600667: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600667
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: submit@bugs.debian.org

Subject: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path

From: Michael Gilbert <michael.s.gilbert@gmail.com>

Date: Mon, 18 Oct 2010 18:58:45 -0400

Message-id: <20101018185845.cb4f8bfa.michael.s.gilbert@gmail.com>
package: eglibc
version: 2.11.2-6
severity: grave
tag: patch

an issue has been disclosed in eglibc.  see:
http://seclists.org/fulldisclosure/2010/Oct/257

patch available:
http://sourceware.org/ml/libc-hacker/2010-10/msg00007.html

best wishes,
mike
--- End Message ---

--- Begin Message ---

To: Michael Gilbert <michael.s.gilbert@gmail.com>, 600667-done@bugs.debian.org

Subject: Re: Bug#600667: Fw: re: eglibc: cve-2010-3847 dynamic linker expands $ORIGIN in setuid library search path

From: Aurelien Jarno <aurelien@aurel32.net>

Date: Sat, 26 Feb 2011 11:30:41 +0100

Message-id: <20110226103041.GC24799@hall.aurel32.net>

In-reply-to: <20110207001754.GC17924@volta.aurel32.net>

References: <20110201211953.751c3040.michael.s.gilbert@gmail.com> <20110207001754.GC17924@volta.aurel32.net>
On Mon, Feb 07, 2011 at 01:17:54AM +0100, Aurelien Jarno wrote:
> On Tue, Feb 01, 2011 at 09:19:53PM -0500, Michael Gilbert wrote:
> > reopen 600667
> > thanks
> > 
> > Maybe I'm reading things wrong, or maybe Mitre's information is
> > actually incorrect, but it looks like the fixes claimed for
> > CVE-2010-3847 in 2.11.2-8 actually address CVE-2010-3856 [0] instead.
> > It looks like CVE-2010-3847 [1] is still unfixed.  The original fix in
> > -7 may have been correct to begin with?
> > 
> 
> We have removed the fix in -7 because:
> - it has been removed in the new upload to lenny
> - it never went upstream.
> 
> It has been replaced by this commit instead:
> http://sourceware.org/ml/libc-hacker/2010-12/msg00001.html
> 
> So I don't think there is any security issue left with the current 
> patch set.
> 

Given I have got no answer, I guess everybody agrees the bug is really
fixed. Closing it.

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net
--- End Message ---

Reply to:

Prev by Date: Bug#615120: eglibc: alloca memory corruption
Next by Date: Bug#611195: vlc-nox: generating plugin cache at postinst segfaults on PaX kernel
Previous by thread: Bug#615120: marked as done (eglibc: alloca memory corruption)
Next by thread: Bug#611195: vlc-nox: generating plugin cache at postinst segfaults on PaX kernel
Index(es):
- Date
- Thread