Debian Bug report logs - #335188
mgdiff: Insecure /tmp usage in viewpatch example script


Package: mgdiff; Maintainer for mgdiff is Debian QA Group <packages@qa.debian.org>; Source for mgdiff is src:mgdiff (PTS, buildd, popcon).

Reported by: Javier Fernández-Sanguino Peña <jfs@computer.org>

Date: Sat, 22 Oct 2005 13:33:04 UTC

Severity: minor

Tags: moreinfo, security

Found in version mgdiff/1.0-27

Fixed in version mgdiff/1.0-28

Done: Edelhard Becker <edelhard@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Edelhard Becker <edelhard@debian.org>:
Bug#335188; Package mgdiff.


Acknowledgement sent to Javier Fernández-Sanguino Peña <jfs@computer.org>:
New Bug report received and forwarded. Copy sent to Edelhard Becker <edelhard@debian.org>.


Message #5 received at submit@bugs.debian.org:

From: Javier Fernández-Sanguino Peña <jfs@computer.org>
To: submit@bugs.debian.org
Subject: mgdiff: Insecure /tmp usage in viewpatch example script
Date: Sat, 22 Oct 2005 15:27:34 +0200
Package: mgdiff
Version: 1.0-27
Priority: minor
Tags: security

While doing a source code audit looking for security bugs I've found that the
viewpatch script (distributed by mgdiff in /usr/share/doc/mgdiff/ and thus
not provided as a binary) does not use /tmp safely and can, consequently,
be used to conduct symlink attacks.

Attached is a patch fixing that issue.

Regards

Javier
[mgdiff_viewpatch.diff (text/plain, attachment)]
[signature.asc (application/pgp-signature, inline)]
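The unsafe pattern the report describes, beside a mktemp-based replacement, as an added example. This is not the patch attached to the bug (the attachment is not reproduced in this log) and not mgdiff's own code; the script name "viewpatch" in the temp-file prefix and the sample patch text are constructed for the demonstration.

```sh
#!/bin/sh
# Added example, not the patch attached to bug #335188: contrasts the
# predictable /tmp pattern that invites symlink attacks with a mktemp-based
# replacement plus a post-creation check. File name prefix and sample patch
# text are constructed.

# Vulnerable pattern (illustration only). The path is guessable from the PID,
# and a plain shell redirection opens it without O_EXCL, so whatever already
# sits at that path (including a symlink left by another local user) is
# followed and the script's output lands wherever it points.
insecure_tmp_path() {
    echo "/tmp/viewpatch.$$"
}

# Hardened replacement: mktemp(1) creates the file atomically with O_EXCL and
# mode 0600 under an unpredictable name, and honours $TMPDIR if set.
safe_tmpfile() {
    mktemp "${TMPDIR:-/tmp}/viewpatch.XXXXXX"
}

# Defensive check a script can run before trusting a temp file: it must be a
# regular file, not a symlink, owned by the caller, with mode exactly 0600.
verify_tmpfile() {
    [ -f "$1" ] && [ ! -L "$1" ] && [ -O "$1" ] || return 1
    [ -n "$(find "$1" -maxdepth 0 -perm 0600 2>/dev/null)" ]
}

# Writes constructed patch text through the hardened path and prints the
# line count. Returns non-zero if the temp file fails verification. The trap
# removes the file on normal exit and on INT/TERM so nothing stale is left.
process_patch() {
    tmp=$(safe_tmpfile) || return 1
    trap 'rm -f "$tmp"' EXIT INT TERM
    verify_tmpfile "$tmp" || return 1
    printf '%s\n' '--- a/foo' '+++ b/foo' '@@ -1 +1 @@' '-old' '+new' > "$tmp"
    wc -l < "$tmp" | tr -d ' '
}
```

The essential change is that file creation and naming happen in one atomic step inside mktemp rather than in two guessable steps in the shell; the verify_tmpfile check is a belt-and-braces measure for scripts that also accept a caller-supplied temp directory.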

Reply sent to Edelhard Becker <edelhard@debian.org>:
You have taken responsibility.


Notification sent to Javier Fernández-Sanguino Peña <jfs@computer.org>:
Bug acknowledged by developer.


Message #10 received at 335188-close@bugs.debian.org:

From: Edelhard Becker <edelhard@debian.org>
To: 335188-close@bugs.debian.org
Subject: Bug#335188: fixed in mgdiff 1.0-28
Date: Tue, 25 Oct 2005 14:17:19 -0700
Source: mgdiff
Source-Version: 1.0-28

We believe that the bug you reported is fixed in the latest version of
mgdiff, which is due to be installed in the Debian FTP archive:

mgdiff_1.0-28.diff.gz
  to pool/main/m/mgdiff/mgdiff_1.0-28.diff.gz
mgdiff_1.0-28.dsc
  to pool/main/m/mgdiff/mgdiff_1.0-28.dsc
mgdiff_1.0-28_i386.deb
  to pool/main/m/mgdiff/mgdiff_1.0-28_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 335188@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Edelhard Becker <edelhard@debian.org> (supplier of updated mgdiff package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 25 Oct 2005 22:48:37 +0200
Source: mgdiff
Binary: mgdiff
Architecture: source i386
Version: 1.0-28
Distribution: unstable
Urgency: low
Maintainer: Edelhard Becker <edelhard@debian.org>
Changed-By: Edelhard Becker <edelhard@debian.org>
Description: 
 mgdiff     - xdiff clone
Closes: 335188 335191
Changes: 
 mgdiff (1.0-28) unstable; urgency=low
 .
   * bug fixes by Javier Fernández-Sanguino Peña <jfs@debian.org>
     - Insecure /tmp usage in viewpatch example script (Closes: #335188)
     - mgdiff: Allows user to set both input as '-' (Closes: #335191)
     Thanks Javier!
Files: 
 7c876ade0f3c096114650f6efb81fc83 575 text optional mgdiff_1.0-28.dsc
 27d0664b81e045a08a639fdf6ec244bc 41077 text optional mgdiff_1.0-28.diff.gz
 649a96a9b6ee3387ae519a9fb15cdd3f 58242 text optional mgdiff_1.0-28_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDXqBPlByGkm8iLx8RAvMDAJ43Egega8J92G8nfSDy3S0U+6OCgACdFPYT
bawfcSX69s2p6Z+3NeZWO/8=
=kWf3
-----END PGP SIGNATURE-----




Tags added: moreinfo. Request was from Rene Engelhard <rene@debian.org> to control@bugs.debian.org.


Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 27 Jun 2007 00:23:14 GMT)




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 18 23:37:29 2025; Machine Name: buxtehude
