Debian Bug report logs - #748766
scheme48: CVE-2014-4150: Insecure use of temporary file for communication
Reported by: Steve Kemp <steve@steve.org.uk>
Date: Tue, 20 May 2014 15:45:02 UTC
Severity: important
Tags: security
Found in version scheme48/1.8+dfsg-1
Fixed in versions scheme48/1.9-4, scheme48/1.8+dfsg-1+deb6u1, scheme48/1.8+dfsg-1+deb7u1
Done: Thorsten Alteholz <debian@alteholz.de>
Bug is archived. No further changes may be made.
Forwarded to upstream
Report forwarded
to debian-bugs-dist@lists.debian.org, Thorsten Alteholz <debian@alteholz.de>:
Bug#748766; Package scheme48.
(Tue, 20 May 2014 15:45:07 GMT)
Acknowledgement sent
to Steve Kemp <steve@steve.org.uk>:
New Bug report received and forwarded. Copy sent to Thorsten Alteholz <debian@alteholz.de>.
(Tue, 20 May 2014 15:45:07 GMT)
Message #5 received at submit@bugs.debian.org:
Package: scheme48
Version: 1.8+dfsg-1
Severity: important
Tags: security
The function `scheme48-send-definition` in cmuscheme48.el blindly
overwrites the file /tmp/s48lose.tmp prior to sending it to
the inferior scheme process.
This action will blindly overwrite files the user has permission
to modify, causing data loss.
The function should be modified to generate a secure and non-predictable
filename, perhaps via `make-temp-file` or similar.
-- System Information:
Debian Release: 7.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.12-0.bpo.1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF8, LC_CTYPE=en_US.UTF8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF8)
Shell: /bin/sh linked to /bin/dash
Steve
--
http://steve.org.uk/
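As an added illustration, not code from the bug report, from the scheme48 package or from the upstream patch by Michael Sperber, the following Python models the class of flaw the report describes: a fixed name in a shared temporary directory is opened for writing, so whatever already sits at that name is followed and overwritten. The pre-planted symlink is the assumed mechanism by which "files the user has permission to modify" are clobbered; the report itself only states the outcome. The hardened variant uses `tempfile.mkstemp`, the counterpart of the `make-temp-file` the reporter suggests: an unpredictable name created with O_CREAT|O_EXCL and mode 0600, written through the returned descriptor. The private directory, the victim file, the `send_definition_*` function names and the Scheme payload are all constructed for this example.

```python
"""Predictable temp file vs. mkstemp: the flaw class behind CVE-2014-4150.

Added example; not the cmuscheme48.el code. Runs on POSIX (needs symlinks).
"""
import os
import shutil
import tempfile

PREDICTABLE_NAME = "s48lose.tmp"  # the fixed name named in the bug report


def plant_symlink(tmpdir, victim, name=PREDICTABLE_NAME):
    """Assumed attacker step: occupy the predictable name in the shared
    directory with a symlink to a file the victim user can write."""
    link = os.path.join(tmpdir, name)
    os.symlink(victim, link)
    return link


def send_definition_insecure(tmpdir, payload):
    """Models the reported behaviour: fixed path, opened with "w", which
    truncates and follows whatever is already there (a symlink included)."""
    path = os.path.join(tmpdir, PREDICTABLE_NAME)
    with open(path, "w") as f:
        f.write(payload)
    return path


def send_definition_secure(tmpdir, payload):
    """Hardened form: mkstemp picks an unpredictable name and creates it with
    O_CREAT|O_EXCL and mode 0600, so a pre-planted name cannot be reused.
    The payload is written through the returned descriptor, never by path."""
    fd, path = tempfile.mkstemp(prefix="s48-", suffix=".scm", dir=tmpdir)
    try:
        with os.fdopen(fd, "w") as f:
            f.write(payload)
    except BaseException:
        os.unlink(path)
        raise
    return path


def excl_open_refused(path):
    """O_CREAT|O_EXCL is what makes the secure variant safe: the open fails
    with EEXIST if the name exists at all, instead of following it."""
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    except FileExistsError:
        return True
    os.close(fd)
    return False


def demo():
    """Run both variants against a planted symlink; return what happened."""
    tmpdir = tempfile.mkdtemp()  # private stand-in for /tmp (constructed)
    try:
        victim = os.path.join(tmpdir, "notes.txt")  # constructed victim file
        original = "do not lose me\n"
        with open(victim, "w") as f:
            f.write(original)
        payload = "(define (f x) (* x 2))\n"  # constructed Scheme definition

        link = plant_symlink(tmpdir, victim)
        send_definition_insecure(tmpdir, payload)  # follows the symlink
        with open(victim) as f:
            after_insecure = f.read()

        with open(victim, "w") as f:  # restore, then try the hardened path
            f.write(original)
        secure_path = send_definition_secure(tmpdir, payload)
        with open(victim) as f:
            after_secure = f.read()
        with open(secure_path) as f:
            secure_payload = f.read()

        return {
            "victim_after_insecure": after_insecure,
            "victim_after_secure": after_secure,
            "secure_payload": secure_payload,
            "secure_name": os.path.basename(secure_path),
            "secure_mode": os.stat(secure_path).st_mode & 0o777,
            "excl_refused_on_planted_name": excl_open_refused(link),
        }
    finally:
        shutil.rmtree(tmpdir)


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

Run it as a script to print both outcomes. The directory comes from `mkdtemp` and is owned by the caller, so the kernel's `fs.protected_symlinks` sysctl (Linux 3.6 and later), which refuses to follow a symlink owned by another user in a sticky world-writable directory such as /tmp, does not intervene here; on a real /tmp it narrows the cross-user case but does not cover same-user links or systems where it is disabled, and it is no substitute for an O_EXCL-created, unpredictable name. Since the inferior Scheme process still has to read the file by name, the 0600 mode and prompt deletion after use are what keep that second open from being hijacked.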
Set Bug forwarded-to-address to 'upstream'.
Request was from Thorsten Alteholz <debian@alteholz.de>
to control@bugs.debian.org.
(Tue, 20 May 2014 20:18:04 GMT)
Reply sent
to Thorsten Alteholz <debian@alteholz.de>:
You have taken responsibility.
(Tue, 27 May 2014 21:48:13 GMT)
Notification sent
to Steve Kemp <steve@steve.org.uk>:
Bug acknowledged by developer.
(Tue, 27 May 2014 21:48:13 GMT)
Message #12 received at 748766-close@bugs.debian.org:
Source: scheme48
Source-Version: 1.9-4
We believe that the bug you reported is fixed in the latest version of
scheme48, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 748766@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thorsten Alteholz <debian@alteholz.de> (supplier of updated scheme48 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 27 May 2014 19:00:00 +0200
Source: scheme48
Binary: scheme48 scheme48-doc cmuscheme48-el
Architecture: source amd64 all
Version: 1.9-4
Distribution: unstable
Urgency: medium
Maintainer: Thorsten Alteholz <debian@alteholz.de>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
cmuscheme48-el - Emacs mode specialized for Scheme48
scheme48 - simple, modular, and lightweight Scheme implementation
scheme48-doc - Documentation for the Scheme48 implementation of Scheme
Closes: 748766
Changes:
scheme48 (1.9-4) unstable; urgency=medium
.
* patch for insecure use of tmpfile (Closes: #748766)
(reported by Steve Kemp, patch by Michael Sperber)
Checksums-Sha1:
389aaa0cf101bc2aaf2c6e8b795cb47edee98099 1301 scheme48_1.9-4.dsc
8fd78d328a8c39ecd848e849ade094c30c2bb4ba 3945425 scheme48_1.9.orig.tar.gz
ffee1fbf97d339153bfb24c881aeab8778cb8a97 18364 scheme48_1.9-4.debian.tar.xz
3712a047894ed8746c5e20e070ed5da4aa0d3c12 1120550 scheme48_1.9-4_amd64.deb
7017aba9a1fa97eea2706d556aa3df754a307379 735554 scheme48-doc_1.9-4_all.deb
c71a2a1418366be5378f657c458f4e3dc0f7d659 34178 cmuscheme48-el_1.9-4_all.deb
Checksums-Sha256:
d24a176bc79a160aa5ad6eaf8895cbcbe450d56360b315a293e3393a0bf0a2eb 1301 scheme48_1.9-4.dsc
dcba91d150b7490e6170ef4fbd45a065ba0d8d6e228946379da0d1d7cba78267 3945425 scheme48_1.9.orig.tar.gz
109c5c2c02502078c44449a884d8eececdbf93a71460ef3a636c88e6ffbca784 18364 scheme48_1.9-4.debian.tar.xz
cee456d83a4900a97a2e37da95795fd1990c78524bbb32e603cf1d06f1ea795c 1120550 scheme48_1.9-4_amd64.deb
9bf51a4e870c1c6262edd5e335fbf2ee0d40583bd2757bfaed03d7542e86b8fa 735554 scheme48-doc_1.9-4_all.deb
8886978d9eca3384981185c8b12293013117a95a436ba5c20697a66290e70089 34178 cmuscheme48-el_1.9-4_all.deb
Files:
f36105c403bc2e06c88aa07c9a983f05 1120550 lisp optional scheme48_1.9-4_amd64.deb
951cfdd3f0fdb4a62239b9ad0d7ea811 735554 doc optional scheme48-doc_1.9-4_all.deb
0fd2b4425571b19064f01a210e1bcab0 34178 lisp optional cmuscheme48-el_1.9-4_all.deb
00f39ed7fd27977ef70a6070f965227e 1301 lisp optional scheme48_1.9-4.dsc
b4c20057f92191d05a61fac1372878ad 3945425 lisp optional scheme48_1.9.orig.tar.gz
f4809c09954a5550976b85d8fcfc78ba 18364 lisp optional scheme48_1.9-4.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlOE9uwACgkQ02K2KlS5mJA3QgCfUnCxsOaULmZni4mQcKPlry+l
TasAn3WJEDG/bT8GAnAiBzRFwHRt/Q+k
=tIy1
-----END PGP SIGNATURE-----
Changed Bug title to 'scheme48: CVE-2014-4150: Insecure use of temporary file for communication' from 'scheme48: Insecure use of temporary file for communication.'
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Fri, 13 Jun 2014 06:21:06 GMT)
Information forwarded
to debian-bugs-dist@lists.debian.org, Thorsten Alteholz <debian@alteholz.de>:
Bug#748766; Package scheme48.
(Fri, 13 Jun 2014 06:57:09 GMT)
Acknowledgement sent
to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Thorsten Alteholz <debian@alteholz.de>.
(Fri, 13 Jun 2014 06:57:10 GMT)
Message #19 received at 748766@bugs.debian.org:
Hi
CVE-2014-4150 was assigned for this issue.
Regards,
Salvatore
Reply sent
to Thorsten Alteholz <debian@alteholz.de>:
You have taken responsibility.
(Mon, 16 Jun 2014 17:24:09 GMT)
Notification sent
to Steve Kemp <steve@steve.org.uk>:
Bug acknowledged by developer.
(Mon, 16 Jun 2014 17:24:09 GMT)
Message #24 received at 748766-close@bugs.debian.org:
Source: scheme48
Source-Version: 1.8+dfsg-1+deb6u1
We believe that the bug you reported is fixed in the latest version of
scheme48, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 748766@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thorsten Alteholz <debian@alteholz.de> (supplier of updated scheme48 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sun, 14 Jun 2014 16:00:00 +0200
Source: scheme48
Binary: scheme48 scheme48-doc cmuscheme48-el
Architecture: source amd64 all
Version: 1.8+dfsg-1+deb6u1
Distribution: squeeze-lts
Urgency: medium
Maintainer: Daniel Moerner <dmoerner@gmail.com>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
cmuscheme48-el - Emacs mode specialized for Scheme48
scheme48 - A simple, modular, and lightweight Scheme implementation
scheme48-doc - Documentation for the Scheme48 implementation of Scheme
Closes: 748766
Changes:
scheme48 (1.8+dfsg-1+deb6u1) squeeze-lts; urgency=medium
.
* patch for insecure use of tmpfile (Closes: #748766)
(reported by Steve Kemp, patch by Michael Sperber)
(CVE-2014-4150)
Checksums-Sha1:
bc4d544151263a9b5fadc4f694fd57bd1ed90dea 1215 scheme48_1.8+dfsg-1+deb6u1.dsc
affcedd7a01c1c8a8f9430e1edf137e2b72f0c30 3221528 scheme48_1.8+dfsg.orig.tar.gz
74b1bb21b5aa70335b2996e07d48639f55ef1f46 17875 scheme48_1.8+dfsg-1+deb6u1.diff.gz
e5e394cc042e43ad0549e3d2dcc06a2ec4843867 1420162 scheme48_1.8+dfsg-1+deb6u1_amd64.deb
8af1f211c33aa0f465c377d4f5790bb646d3172d 558722 scheme48-doc_1.8+dfsg-1+deb6u1_all.deb
6afc0423f815f2f74f03ff5c960177c6fe108bbe 13440 cmuscheme48-el_1.8+dfsg-1+deb6u1_all.deb
Checksums-Sha256:
5bb8a7d246adbfbebf01f17b2ad54fe8bed25a872c9d4e76d956b4ff3833d185 1215 scheme48_1.8+dfsg-1+deb6u1.dsc
b3911b32237b1be4d1e41b235f6178711546f0ec12a9d2ce7163e58dc0ddf685 3221528 scheme48_1.8+dfsg.orig.tar.gz
6ce511714e6c7fa18397e1356f5611c9dfd411ea234dc4c46e3f9e911be6dc73 17875 scheme48_1.8+dfsg-1+deb6u1.diff.gz
cc8aa693bad1e87f215ddc3406ea52abf6909ca267deb3fceef3fa82d5a66855 1420162 scheme48_1.8+dfsg-1+deb6u1_amd64.deb
c09fa914ce26b85d84ac18c914fdfdc20da488ea9b149b8462055f82394c0114 558722 scheme48-doc_1.8+dfsg-1+deb6u1_all.deb
fdfa9b253f4edcc537b40195581b7b40c097bb56b84ff952ef75b19821762741 13440 cmuscheme48-el_1.8+dfsg-1+deb6u1_all.deb
Files:
cbd47b9644ed48a96777aec72d8c285e 1215 lisp optional scheme48_1.8+dfsg-1+deb6u1.dsc
64c08c1702c6a385b0577be5f90b97ee 3221528 lisp optional scheme48_1.8+dfsg.orig.tar.gz
dbed31fa76ce02af4ca3e370bc0968e3 17875 lisp optional scheme48_1.8+dfsg-1+deb6u1.diff.gz
dd4380eb47d90572405ddcb99271dcbe 1420162 lisp optional scheme48_1.8+dfsg-1+deb6u1_amd64.deb
acf29813f666e152287bf3800b6d62b9 558722 doc optional scheme48-doc_1.8+dfsg-1+deb6u1_all.deb
948c8b5d6ffa934879a51691f6248e8c 13440 lisp optional cmuscheme48-el_1.8+dfsg-1+deb6u1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlOfI9kACgkQ02K2KlS5mJAcFACdHXpNGz7uwb0cG9A21hlystkw
DooAn2ASOr1veR6MG9lpNUP9UoGKN1gS
=VSvu
-----END PGP SIGNATURE-----
Reply sent
to Thorsten Alteholz <debian@alteholz.de>:
You have taken responsibility.
(Sat, 21 Jun 2014 18:51:05 GMT)
Notification sent
to Steve Kemp <steve@steve.org.uk>:
Bug acknowledged by developer.
(Sat, 21 Jun 2014 18:51:05 GMT)
Message #29 received at 748766-close@bugs.debian.org:
Source: scheme48
Source-Version: 1.8+dfsg-1+deb7u1
We believe that the bug you reported is fixed in the latest version of
scheme48, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 748766@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thorsten Alteholz <debian@alteholz.de> (supplier of updated scheme48 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 14 Jun 2014 15:00:00 +0200
Source: scheme48
Binary: scheme48 scheme48-doc cmuscheme48-el
Architecture: source amd64 all
Version: 1.8+dfsg-1+deb7u1
Distribution: wheezy
Urgency: medium
Maintainer: Daniel Moerner <dmoerner@gmail.com>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
cmuscheme48-el - Emacs mode specialized for Scheme48
scheme48 - A simple, modular, and lightweight Scheme implementation
scheme48-doc - Documentation for the Scheme48 implementation of Scheme
Closes: 748766
Changes:
scheme48 (1.8+dfsg-1+deb7u1) wheezy; urgency=medium
.
* patch for insecure use of tmpfile (Closes: #748766)
(reported by Steve Kemp, patch by Michael Sperber)
(CVE-2014-4150)
Checksums-Sha1:
46b3fa9722a3b01555f3073ed5327caa7868ab1a 1327 scheme48_1.8+dfsg-1+deb7u1.dsc
affcedd7a01c1c8a8f9430e1edf137e2b72f0c30 3221528 scheme48_1.8+dfsg.orig.tar.gz
7253aa955a668f8457ec6e62a21e51962d5aa4cd 17627 scheme48_1.8+dfsg-1+deb7u1.diff.gz
dc5e86ebad2ce61c3a48f8cd107a63d07e453636 1419018 scheme48_1.8+dfsg-1+deb7u1_amd64.deb
6f4c2a5d70c5c9317186b1cc1938d6fe090017b9 558720 scheme48-doc_1.8+dfsg-1+deb7u1_all.deb
b59aeffa43d502a04a45437cb3bfd568bf30e773 13434 cmuscheme48-el_1.8+dfsg-1+deb7u1_all.deb
Checksums-Sha256:
aa5c749c131dec4fb2f8f363e6858081f2318c8611bb0945632fca1f2265a0c1 1327 scheme48_1.8+dfsg-1+deb7u1.dsc
b3911b32237b1be4d1e41b235f6178711546f0ec12a9d2ce7163e58dc0ddf685 3221528 scheme48_1.8+dfsg.orig.tar.gz
7d4c134d31b756ec3c883fe9a33d2dbe3affebf2c91554788de8934ba17b77d8 17627 scheme48_1.8+dfsg-1+deb7u1.diff.gz
5c5dc2dca059c3cf3232f84d0f4df3fe755f916d019b0d40471d0623ea923bba 1419018 scheme48_1.8+dfsg-1+deb7u1_amd64.deb
affe52018873734371b64fcae4d0e99195bc55c1a9e9f0d1782642752ccb1821 558720 scheme48-doc_1.8+dfsg-1+deb7u1_all.deb
6d0ab500b14f220c931535f0768543cc1a6e48bbde84f006e18b0374859a5c3e 13434 cmuscheme48-el_1.8+dfsg-1+deb7u1_all.deb
Files:
73ebee0091b39378aff081e95a43fddf 1327 lisp optional scheme48_1.8+dfsg-1+deb7u1.dsc
64c08c1702c6a385b0577be5f90b97ee 3221528 lisp optional scheme48_1.8+dfsg.orig.tar.gz
a69f84a7b0833f94f2545be4444c50a4 17627 lisp optional scheme48_1.8+dfsg-1+deb7u1.diff.gz
a64ce02f25d4f44bfb88eee450b05ac2 1419018 lisp optional scheme48_1.8+dfsg-1+deb7u1_amd64.deb
94147428f318c3b09cd2fa508c4efbab 558720 doc optional scheme48-doc_1.8+dfsg-1+deb7u1_all.deb
bb1ca81ea19e159e5e8dac3301eb0fc1 13434 lisp optional cmuscheme48-el_1.8+dfsg-1+deb7u1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlOkgjwACgkQ02K2KlS5mJCw6ACcCZv6704VPA8Pbs7XoF3KCrpJ
LNgAn0wQexNCJzj7XQ5KfsfG4h4348lc
=HKmN
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Sun, 20 Jul 2014 07:31:30 GMT)
Last modified: Sun Jul 2 03:00:39 2023