Debian Bug report logs - #279229
CAN-2004-0972: Insecure temporary directory

Package: lvm10; Maintainer for lvm10 is (unknown);

Reported by: Martin Schulze <joey@infodrom.org>

Date: Mon, 1 Nov 2004 15:48:04 UTC

Severity: grave

Tags: patch, sarge, security, sid

Found in version 1.0.8-7

Fixed in version lvm10/1:1.0.8-8

Done: Patrick Caulfield <patrick@debian.org>

Bug is archived. No further changes may be made.

Report forwarded to debian-bugs-dist@lists.debian.org, Patrick Caulfield <patrick@debian.org>:
Bug#279229; Package lvm10.

Acknowledgement sent to Martin Schulze <joey@infodrom.org>:
New Bug report received and forwarded. Copy sent to Patrick Caulfield <patrick@debian.org>.

Message #5 received at submit@bugs.debian.org:

From: Martin Schulze <joey@infodrom.org>
To: submit@bugs.debian.org
Subject: CAN-2004-0972: Insecure temporary directory
Date: Mon, 1 Nov 2004 16:37:59 +0100
Package: lvm10
Version: 1.0.8-7
Severity: grave
Tags: sarge, sid, patch, security

Trustix developers discovered insecure temporary file creation in a
supplemental script in the lvm10 package that didn't check for
existing temporary directories, allowing local users to overwrite
files via a symlink attack.

I'm attaching the patch we're using for the woody update.

Please let me know the version number of the fixed package.  Please stick
the CVE Id from the subject to the changelog entry and upload with prio
set to high.

Regards,

	Joey

-- 
This is GNU/Linux Country.  On a quiet night, you can hear Windows reboot.

Please always Cc to me when replying to me on the lists.
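
An added example, not the lvm10 package's script and not the Trustix patch (neither of which appears in this log), illustrating the class of mistake described in the report beside the hardened form a shell script should use: a fixed, guessable /tmp name used without checking what is already there, versus `mktemp -d` plus a check that refuses a path that is a symlink, not a directory, not owned by the caller, or writable by others. The template name, the function names and the sketched weak pattern are assumptions of this example.

```shell
#!/bin/sh
# Added example (not code from the lvm10 package or the Trustix patch):
# how a shell script such as the initrd helper named in the report should
# obtain a scratch directory. The pattern the report describes is a fixed,
# predictable /tmp path used without checking whether another local user
# has already put something (for example a symlink) at that name.
set -eu

# Weak pattern from the report, sketched here in comments only:
#   workdir=/tmp/lvm-initrd.$$     # name is guessable
#   mkdir "$workdir" 2>/dev/null   # failure ignored, so a planted entry is reused
#   cp ... "$workdir"/...          # writes follow wherever that entry points

# Hardened version: mktemp -d atomically creates a new directory with an
# unpredictable name and mode 0700, and fails instead of reusing an
# existing entry. The template name is an assumption for this example.
make_scratch_dir() {
    mktemp -d "${TMPDIR:-/tmp}/lvm-initrd.XXXXXX"
}

# Belt-and-braces check before a script trusts a work directory:
# the path must be a real directory (a symlink planted there is rejected,
# because find does not follow it), owned by the calling user, and not
# writable by group or others. Succeeds (exit 0) only when all of this holds;
# a missing path makes find print nothing, so it fails too.
check_work_dir() {
    [ -n "$(find "$1" -prune -type d -user "$(id -u)" \
                 ! -perm -020 ! -perm -002 -print 2>/dev/null)" ]
}

workdir=$(make_scratch_dir)
# Remove the directory on any exit, including an error under set -e.
trap 'rm -rf "$workdir"' EXIT
check_work_dir "$workdir" || { echo "refusing to use $workdir" >&2; exit 1; }
echo "using scratch directory $workdir"
```

`mktemp -d` does the creation and the existence check in one step, which is what the predictable-name pattern lacks; `check_work_dir` is the extra verification worth running on any directory a script did not create itself, and it rejects a pre-existing symlink, a directory owned by someone else, and a group- or world-writable directory.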

Information forwarded to debian-bugs-dist@lists.debian.org, Patrick Caulfield <patrick@debian.org>:
Bug#279229; Package lvm10.

Acknowledgement sent to Martin Michlmayr <tbm@cyrius.com>:
Extra info received and forwarded to list. Copy sent to Patrick Caulfield <patrick@debian.org>.

Message #10 received at 279229@bugs.debian.org:

From: Martin Michlmayr <tbm@cyrius.com>
To: Martin Schulze <joey@infodrom.org>, 279229@bugs.debian.org
Subject: Re: Bug#279229: CAN-2004-0972: Insecure temporary directory
Date: Tue, 2 Nov 2004 17:59:49 +0000
* Martin Schulze <joey@infodrom.org> [2004-11-01 16:37]:
> Package: lvm10
> Version: 1.0.8-7
> Severity: grave
> 
> I'm attaching the patch we're using for the woody update.

FWIW, no patch was attached.
-- 
Martin Michlmayr
http://www.cyrius.com/

Information forwarded to debian-bugs-dist@lists.debian.org, Patrick Caulfield <patrick@debian.org>:
Bug#279229; Package lvm10.

Acknowledgement sent to Martin Schulze <joey@infodrom.org>:
Extra info received and forwarded to list. Copy sent to Patrick Caulfield <patrick@debian.org>.

Message #15 received at 279229@bugs.debian.org:

From: Martin Schulze <joey@infodrom.org>
To: Martin Michlmayr <tbm@cyrius.com>
Cc: 279229@bugs.debian.org
Subject: Re: Bug#279229: CAN-2004-0972: Insecure temporary directory
Date: Tue, 2 Nov 2004 19:28:48 +0100
Martin Michlmayr wrote:
> * Martin Schulze <joey@infodrom.org> [2004-11-01 16:37]:
> > Package: lvm10
> > Version: 1.0.8-7
> > Severity: grave
> > 
> > I'm attaching the patch we're using for the woody update.
> 
> FWIW, no patch was attached.

*sigh*  here it is.

I should really open a grave bug against mutt for not reminding me to
add the promised attachments.  *grr*

Regards,

	Joey

-- 
Given enough thrust pigs will fly, but it's not necessarily a good idea.

Please always Cc to me when replying to me on the lists.
[patch.CAN-2004-0972.lvm10 (text/plain, attachment)]

Reply sent to Patrick Caulfield <patrick@debian.org>:
You have taken responsibility.

Notification sent to Martin Schulze <joey@infodrom.org>:
Bug acknowledged by developer.

Message #20 received at 279229-close@bugs.debian.org:

From: Patrick Caulfield <patrick@debian.org>
To: 279229-close@bugs.debian.org
Subject: Bug#279229: fixed in lvm10 1:1.0.8-8
Date: Wed, 03 Nov 2004 04:47:04 -0500
Source: lvm10
Source-Version: 1:1.0.8-8

We believe that the bug you reported is fixed in the latest version of
lvm10, which is due to be installed in the Debian FTP archive:

lvm10-udeb_1.0.8-8_i386.udeb
  to pool/main/l/lvm10/lvm10-udeb_1.0.8-8_i386.udeb
lvm10_1.0.8-8.diff.gz
  to pool/main/l/lvm10/lvm10_1.0.8-8.diff.gz
lvm10_1.0.8-8.dsc
  to pool/main/l/lvm10/lvm10_1.0.8-8.dsc
lvm10_1.0.8-8_i386.deb
  to pool/main/l/lvm10/lvm10_1.0.8-8_i386.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 279229@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Patrick Caulfield <patrick@debian.org> (supplier of updated lvm10 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Wed,  3 Nov 2004 09:06:48 +0000
Source: lvm10
Binary: lvm10 lvm10-udeb
Architecture: source i386
Version: 1:1.0.8-8
Distribution: unstable
Urgency: high
Maintainer: Patrick Caulfield <patrick@debian.org>
Changed-By: Patrick Caulfield <patrick@debian.org>
Description: 
 lvm10      - The Logical Volume Manager for Linux
 lvm10-udeb - The Logical Volume Manager for Linux (udeb)
Closes: 279229
Changes: 
 lvm10 (1:1.0.8-8) unstable; urgency=high
 .
   * Applied Trustix patch to correct insecure temporary directory creation
     [1.0.4/tools/lvmcreate_initrd, CAN-2004-0972]
     Closes: #279229
Files: 
 a5dbc35a8300821f5c41f1aa7887237b 574 admin optional lvm10_1.0.8-8.dsc
 e24fd20861335120f223a1c5eaed47a6 28362 admin optional lvm10_1.0.8-8.diff.gz
 420eb7812a968f5b9187b69860ce27bf 2585010 admin optional lvm10_1.0.8-8_i386.deb
 51bb36eb52f3a35ea3e24c03e88f294e 140074 debian-installer extra lvm10-udeb_1.0.8-8_i386.udeb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFBiKMUhej7/PCycRMRAnkYAJ0c/3fw17ko7jeYMWiQSCJzltFBLQCgqfL9
GnhcDQhJFRl7QA2ACcNoMZQ=
=UKiJ
-----END PGP SIGNATURE-----


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Apr 16 08:28:39 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.