Information forwarded
to debian-bugs-dist@lists.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>: Bug#508597; Package gpsdrive.
(Mon, 15 Dec 2008 20:42:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Andreas Putzo <andreas@putzo.net>:
Extra info received and forwarded to list. Copy sent to Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>.
(Mon, 15 Dec 2008 20:42:02 GMT) (full text, mbox, link).
Hi,
On Dec 12 16:27, Raphael Geissert wrote:
> Package: gpsdrive
> Version: 2.10~pre4-6.dfsg-1
> Tags: security
> Severity: important
> I have found three other attack vectors:
>
> /usr/share/doc/gpsdrive/examples/gpssmswatch:
> src/splash.c
i think this was used to e.g. dump the current position to
a file and send a sms to a mobile phone. It requires the user
to send SIGUSR1 to the gpsdrive process which makes this attack vector
more unlikely to be successful. In my opinion this functionality is
obsolete anyway and should be removed from gpsdrive.
Regarding splash.c there's already a bug in the gpsdrive bug tracker
(set forward accordingly).
> src/unit_test.c:
> > g_snprintf (dir_proc, sizeof (dir_proc), "/tmp/gpsdrive-unit-test");
> > g_snprintf (dir_proc, sizeof (dir_proc), "/tmp/gpsdrive-unit-test/proc");
Will look into this.
Cheers,
Andreas
Information forwarded
to debian-bugs-dist@lists.debian.org, Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>: Bug#508597; Package gpsdrive.
(Tue, 16 Dec 2008 16:21:02 GMT) (full text, mbox, link).
Acknowledgement sent
to Hamish <hamish_b@yahoo.com>:
Extra info received and forwarded to list. Copy sent to Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>.
(Tue, 16 Dec 2008 16:21:02 GMT) (full text, mbox, link).
Subject: Re: gpsdrive: allows local users to overwrite arbitrary files via a
symlink attack
Date: Wed, 17 Dec 2008 05:19:42 +1300
[1,2]
> scripts/gpssmswatch and src/splash.c
rewritten upstream not to use /tmp/gpsdrivepos anymore (now directly polls
position from gpsd), and /tmp/.smswatch is now created with `tempfile`, in
a secure way.
-done-
[3]
> src/unit_test.c + /tmp/gpsdrive-unit-test
still needs work.
-open-
Hamish
Tags added: fixed-upstream
Request was from bts-link-upstream@lists.alioth.debian.org
to control@bugs.debian.org.
(Fri, 16 Jan 2009 21:27:35 GMT) (full text, mbox, link).
Reply sent
to Andreas Putzo <andreas@putzo.net>:
You have taken responsibility.
(Mon, 19 Jan 2009 22:09:04 GMT) (full text, mbox, link).
Notification sent
to Raphael Geissert <atomo64@gmail.com>:
Bug acknowledged by developer.
(Mon, 19 Jan 2009 22:09:04 GMT) (full text, mbox, link).
Subject: Bug#508597: fixed in gpsdrive 2.10~pre4-6.dfsg-2
Date: Mon, 19 Jan 2009 21:47:08 +0000
Source: gpsdrive
Source-Version: 2.10~pre4-6.dfsg-2
We believe that the bug you reported is fixed in the latest version of
gpsdrive, which is due to be installed in the Debian FTP archive:
gpsdrive-data_2.10~pre4-6.dfsg-2_all.deb
to pool/main/g/gpsdrive/gpsdrive-data_2.10~pre4-6.dfsg-2_all.deb
gpsdrive-scripts_2.10~pre4-6.dfsg-2_all.deb
to pool/main/g/gpsdrive/gpsdrive-scripts_2.10~pre4-6.dfsg-2_all.deb
gpsdrive_2.10~pre4-6.dfsg-2.diff.gz
to pool/main/g/gpsdrive/gpsdrive_2.10~pre4-6.dfsg-2.diff.gz
gpsdrive_2.10~pre4-6.dfsg-2.dsc
to pool/main/g/gpsdrive/gpsdrive_2.10~pre4-6.dfsg-2.dsc
gpsdrive_2.10~pre4-6.dfsg-2_i386.deb
to pool/main/g/gpsdrive/gpsdrive_2.10~pre4-6.dfsg-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 508597@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Putzo <andreas@putzo.net> (supplier of updated gpsdrive package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 29 Dec 2008 16:08:22 +0000
Source: gpsdrive
Binary: gpsdrive gpsdrive-data gpsdrive-scripts
Architecture: source i386 all
Version: 2.10~pre4-6.dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Andreas Putzo <andreas@putzo.net>
Description:
gpsdrive - Car navigation system
gpsdrive-data - Car navigation system
gpsdrive-scripts - Various scripts for gpsdrive
Closes: 508596508597
Changes:
gpsdrive (2.10~pre4-6.dfsg-2) unstable; urgency=low
.
* Remove example script gpssmswatch. Prone to symlink attacks
and removed upstream.
* Added 101-signalposreq.dpatch to remove signalposreq() from
gpsdrive to fix a potential symlink vulnerability. Removed
unused unlinks of temporary files (Closes: #508597,#508596).
* Added 102-unittest.dpatch to use mkdtemp in src/unit_test.c to
fix a symlink vulnerability.
* Updated patch for geo-code to avoid a potential race condition
(CVE-2008-5380).
Checksums-Sha1:
bbe259716dfd75dd011edf77a485b373e3cb911f 1579 gpsdrive_2.10~pre4-6.dfsg-2.dsc
2a90ad8bef2f7714d58ccb25e6a605bb26866fca 55332 gpsdrive_2.10~pre4-6.dfsg-2.diff.gz
e3c77ad451d56e231bdeb230d0a90bca762a9eb6 273176 gpsdrive_2.10~pre4-6.dfsg-2_i386.deb
ba84ead1c165029934b60cf1bd1b02770f1ec045 2576832 gpsdrive-data_2.10~pre4-6.dfsg-2_all.deb
b6c8ed24604d67d0696d5f84c51717ae71d247ea 150964 gpsdrive-scripts_2.10~pre4-6.dfsg-2_all.deb
Checksums-Sha256:
f783d9f5d360d0d0782acbfde261b5268a89c05ebd6895ce592faa0fc24127f5 1579 gpsdrive_2.10~pre4-6.dfsg-2.dsc
a37c463dd7321433d5b9a5d6e2b001c644db2d640d65abfa5a3f586e87d59c47 55332 gpsdrive_2.10~pre4-6.dfsg-2.diff.gz
8f3264f930b0d400a65883029415560bce9e7e308a277dc422e9ce7f306b86db 273176 gpsdrive_2.10~pre4-6.dfsg-2_i386.deb
b731cf1beb59332f09be6b9b9c983156ec34b03d001007a561207a840223281f 2576832 gpsdrive-data_2.10~pre4-6.dfsg-2_all.deb
76af7541235838a1fb9d895c96e524942106bde4e7e75c8beb73747ef690b9fa 150964 gpsdrive-scripts_2.10~pre4-6.dfsg-2_all.deb
Files:
ad9910d8b340782a3f321c669ab3b30b 1579 utils optional gpsdrive_2.10~pre4-6.dfsg-2.dsc
c907aecb4d70e4cfbeb28a6d7d353322 55332 utils optional gpsdrive_2.10~pre4-6.dfsg-2.diff.gz
97b10dbf5d7bf2df87538f44332f59ed 273176 utils optional gpsdrive_2.10~pre4-6.dfsg-2_i386.deb
5ac89302c024a98decdde2355b36489f 2576832 utils optional gpsdrive-data_2.10~pre4-6.dfsg-2_all.deb
e759ee095d76e32c6e4ae13703ffe20b 150964 utils optional gpsdrive-scripts_2.10~pre4-6.dfsg-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkl08hUACgkQHyt6sgW5ndYMxgCgxLla/LDw0teJH5XlpUl3bHY3
R9AAnRj4nBA1blyVagvE5Eh3PG1nrVCR
=Ba0x
-----END PGP SIGNATURE-----
Reply sent
to Andreas Putzo <andreas@putzo.net>:
You have taken responsibility.
(Mon, 02 Feb 2009 21:57:06 GMT) (full text, mbox, link).
Notification sent
to Raphael Geissert <atomo64@gmail.com>:
Bug acknowledged by developer.
(Mon, 02 Feb 2009 21:57:06 GMT) (full text, mbox, link).
Subject: Bug#508597: fixed in gpsdrive 2.10~pre4-6.dfsg-1+lenny1
Date: Mon, 02 Feb 2009 21:47:10 +0000
Source: gpsdrive
Source-Version: 2.10~pre4-6.dfsg-1+lenny1
We believe that the bug you reported is fixed in the latest version of
gpsdrive, which is due to be installed in the Debian FTP archive:
gpsdrive-data_2.10~pre4-6.dfsg-1+lenny1_all.deb
to pool/main/g/gpsdrive/gpsdrive-data_2.10~pre4-6.dfsg-1+lenny1_all.deb
gpsdrive-scripts_2.10~pre4-6.dfsg-1+lenny1_all.deb
to pool/main/g/gpsdrive/gpsdrive-scripts_2.10~pre4-6.dfsg-1+lenny1_all.deb
gpsdrive_2.10~pre4-6.dfsg-1+lenny1.diff.gz
to pool/main/g/gpsdrive/gpsdrive_2.10~pre4-6.dfsg-1+lenny1.diff.gz
gpsdrive_2.10~pre4-6.dfsg-1+lenny1.dsc
to pool/main/g/gpsdrive/gpsdrive_2.10~pre4-6.dfsg-1+lenny1.dsc
gpsdrive_2.10~pre4-6.dfsg-1+lenny1_i386.deb
to pool/main/g/gpsdrive/gpsdrive_2.10~pre4-6.dfsg-1+lenny1_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 508597@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Putzo <andreas@putzo.net> (supplier of updated gpsdrive package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Mon, 29 Dec 2008 16:08:22 +0000
Source: gpsdrive
Binary: gpsdrive gpsdrive-data gpsdrive-scripts
Architecture: source i386 all
Version: 2.10~pre4-6.dfsg-1+lenny1
Distribution: testing-proposed-updates
Urgency: low
Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org>
Changed-By: Andreas Putzo <andreas@putzo.net>
Description:
gpsdrive - Car navigation system
gpsdrive-data - Car navigation system
gpsdrive-scripts - Various scripts for gpsdrive
Closes: 508596508597
Changes:
gpsdrive (2.10~pre4-6.dfsg-1+lenny1) testing-proposed-updates; urgency=low
.
* Remove example script gpssmswatch. Prone to symlink attacks
and removed upstream.
* Added 101-signalposreq.dpatch to remove signalposreq() from
gpsdrive to fix a potential symlink vulnerability. Removed
unused unlinks of temporary files (Closes: #508597,#508596).
* Added 102-unittest.dpatch to use mkdtemp in src/unit_test.c to
fix a symlink vulnerability.
* Updated patch for geo-code to avoid a potential race condition
(CVE-2008-5380).
Checksums-Sha1:
b4230f83fbb04b87fce960bbea2103eabb0b9cb2 1607 gpsdrive_2.10~pre4-6.dfsg-1+lenny1.dsc
6e3ece77e70883b80cdf57caac10a7861ac7aa7c 54233 gpsdrive_2.10~pre4-6.dfsg-1+lenny1.diff.gz
48020fe79c9ab20763c92c32c78106d753ded402 273202 gpsdrive_2.10~pre4-6.dfsg-1+lenny1_i386.deb
b119d99dd94c94d99d7bccc931a2438e1b46a81b 2576844 gpsdrive-data_2.10~pre4-6.dfsg-1+lenny1_all.deb
237dc2fa465c2aecb6fcf7a266204084e103e7d9 150972 gpsdrive-scripts_2.10~pre4-6.dfsg-1+lenny1_all.deb
Checksums-Sha256:
c2692743c6771028ab10f8e8e4900b354ce7ca9be98fe5a4c4e8de1ddcc8674c 1607 gpsdrive_2.10~pre4-6.dfsg-1+lenny1.dsc
167939f9499734382e0479251f6a8804c3f51ce96b9e981e912b516a548673dc 54233 gpsdrive_2.10~pre4-6.dfsg-1+lenny1.diff.gz
f1e80dde001d901e5e64f8cdc9276830c976bce5b051a965a7ac549d78bf7eb1 273202 gpsdrive_2.10~pre4-6.dfsg-1+lenny1_i386.deb
c60b08ff4239593113a5dce58e8d247c63febf701c8676474fddcb6ea88fdf10 2576844 gpsdrive-data_2.10~pre4-6.dfsg-1+lenny1_all.deb
e6919d5924810da66fac2a82f27b6a3758489d323de85a1462a536ff1a333528 150972 gpsdrive-scripts_2.10~pre4-6.dfsg-1+lenny1_all.deb
Files:
09533fdc74a102ea3b5ce02c7851eae6 1607 utils optional gpsdrive_2.10~pre4-6.dfsg-1+lenny1.dsc
7d94a0a30dcb19b8ac2651532b74b9d5 54233 utils optional gpsdrive_2.10~pre4-6.dfsg-1+lenny1.diff.gz
f2022f502ea978393894bd8e52e98421 273202 utils optional gpsdrive_2.10~pre4-6.dfsg-1+lenny1_i386.deb
c84db0ce41425c7c5c9fcd0a3b4e35a5 2576844 utils optional gpsdrive-data_2.10~pre4-6.dfsg-1+lenny1_all.deb
7b091c7322c98cf4ec80154868975d3e 150972 utils optional gpsdrive-scripts_2.10~pre4-6.dfsg-1+lenny1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkmHaHUACgkQHyt6sgW5nda0sQCfSFrYjvJtlhX/jnZvTS00WsN0
xp0Anjs4JdpuM2/WEIVRLrTM8o/gFcMv
=X+Ru
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Wed, 11 Mar 2009 07:35:06 GMT) (full text, mbox, link).
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.