Your message dated Sat, 05 Feb 2005 13:47:47 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug has been closed by the last upload
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Date: Sat, 22 Jan 2005 21:51:32 +1100
From: Sam Couter <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: firehol: insecure temporary directory handling
Message-ID: <[EMAIL PROTECTED]>
X-Operating-System: Linux 2.6.10-1-k7 on a i686
X-Debbugs-Cc: [EMAIL PROTECTED]
User-Agent: Mutt/1.5.6+20040907i

Package: firehol
Version: 1.214-1
Severity: critical
Tags: security sarge

Both firehol and firehol-wizard use known temporary file names in a
predictably named temporary directory (PID-based).

Neither program ensures that those directories are safe before blasting
the contents of files within. An attacker can place carefully named
symlinks in the directory and overwrite or corrupt many files on the
system.

I have exploited this (it's trivial if even I can do it).

Security team says:
"You may add that if the author/maintainer doesn't know how to fix
the problem either, they should not hesitate to contact us."
-- 
Sam "Eddie" Couter  |  mailto:[EMAIL PROTECTED]
Debian Developer    |  mailto:[EMAIL PROTECTED]
                    |  jabber:[EMAIL PROTECTED]
OpenPGP fingerprint:  A46B 9BB5 3148 7BEA 1F05  5BD5 8530 03AE DE89 C75C


---------------------------------------
Message-ID: <[EMAIL PROTECTED]>
Date: Sat, 05 Feb 2005 13:47:47 +0100
From: Alexander Wirt <[EMAIL PROTECTED]>
User-Agent: Debian Thunderbird 1.0 (X11/20050117)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: [EMAIL PROTECTED]
Subject: Bug has been closed by the last upload

I have fixed the Bug in firehol-1.214-3, but I have forgotten
to add the closeline in the changelog. So I close it manually
here.

Sorry for the inconvenience

Alex

