Bug#993034: buster-pu: package sabnzbdplus/2.3.6+dfsg-1+deb10u1
Control: tags -1 + confirmed
On Thu, 2021-08-26 at 17:38 +0200, Jeroen Ploemen wrote:
> The sabnzbdplus package has a security vulnerability, allowing a
> directory escape in the renamer() function through malicious par2
> files.
>
> An attacker can create new files anywhere the privileges of the
> sabnzbdplus process permit, but not overwrite or delete existing
> files.
>
> The attached debdiff fixes the problem by backporting the upstream
> fix.
> Tested in buster by downloading a proof-of-concept job designed to
> trigger the bug.
>
Please go ahead.
Regards,
Adam