Your message dated Sun, 16 Dec 2007 19:32:05 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#448319: fixed in vobcopy 1.0.2-1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: vobcopy
Version: 0.5.14-2
Severity: important
Tags: security

vobcopy -q opens /tmp/vobcopy.bla insecurely:

open("/tmp/vobcopy.bla", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0666) = 2

Similarly, vobcopy -v -v opens /tmp/vobcopy_0.5.14.log insecurely:

open("/tmp/vobcopy_0.5.14.log", O_WRONLY|O_CREAT|O_APPEND|O_LARGEFILE, 0666) = 2

Since there's no O_EXCL, /tmp/vobcopy.bla can already exist as a symlink and will be followed, appending to an arbitrary file. Thankfully it is an append, so there's no direct data loss. The log files also tend to be empty, so the best attack I can think of ATM is that if vobcopy is run as root, it can be used to create /etc/nologin.

The fix is simply to open the file with O_EXCL, or better, to use a standard, safe temp file function. (Which would have the benefit of also making it respect the TMPDIR environment variable.)

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages vobcopy depends on:
ii  libc6        2.6.1-6   GNU C Library: Shared libraries
ii  libdvdread3  0.9.7-3   library for reading DVDs

vobcopy recommends no packages.

-- no debconf information

-- 
see shy jo
--- End Message ---
--- Begin Message ---
Source: vobcopy
Source-Version: 1.0.2-1

We believe that the bug you reported is fixed in the latest version of vobcopy, which is due to be installed in the Debian FTP archive:

vobcopy_1.0.2-1.diff.gz
  to pool/main/v/vobcopy/vobcopy_1.0.2-1.diff.gz
vobcopy_1.0.2-1.dsc
  to pool/main/v/vobcopy/vobcopy_1.0.2-1.dsc
vobcopy_1.0.2-1_i386.deb
  to pool/main/v/vobcopy/vobcopy_1.0.2-1_i386.deb
vobcopy_1.0.2.orig.tar.gz
  to pool/main/v/vobcopy/vobcopy_1.0.2.orig.tar.gz

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Stephen Birch <[EMAIL PROTECTED]> (supplier of updated vobcopy package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 14 Dec 2007 16:23:25 +0000
Source: vobcopy
Binary: vobcopy
Architecture: source i386
Version: 1.0.2-1
Distribution: unstable
Urgency: low
Maintainer: Stephen Birch <[EMAIL PROTECTED]>
Changed-By: Stephen Birch <[EMAIL PROTECTED]>
Description: 
 vobcopy    - A tool to copy DVD VOBs to hard disk
Closes: 319721 341734 341735 341742 345324 345326 349682 367142 381553 448319 449534 451144 451145
Changes: 
 vobcopy (1.0.2-1) unstable; urgency=low
 .
   * Fix possible symlink attack caused by insecure temporary file handling
     by using mkstemp (CVE-2007-5718; closes: #448319).
   * Bump standards Version to 3.7.3, no changes needed
   * Build dependency from "libdvdread3-dev | libdvdread2-dev" to libdvdread-dev
   * Fix man page typo s/pipeing/piping/ (closes: #367142)
   * Add upstream TODO file to docs
   * Add upstream Release-Notes to docs
   * Change to debhelper compatibility level 5
   * Tidy up rules file
   * New upstream release (closes: #381553, #449534)
     - wrong device name from /etc/fstab instead of /etc/mtab (closes: #345324)
     - -L option documented in man page (closes: #451144)
     - -F produces files that are too big (closes: #349682)
     - inconsistent regarding default of -n (closes: #341742)
     - checks for free space but it doesn't warn (closes: #341734)
     - vobcopy: German manual page corrections (closes: #345326)
     - -m and -n mutually exclusive (closes: #341735)
     - Off by one error fixed (closes: #451145)
     - Fix error when filenames end with ;? (closes: #319721)
Files: 
 c7c523b1d64cfef08108cde99ec44452 574 utils optional vobcopy_1.0.2-1.dsc
 9fcac3e1f143a236e1e5593e61a37bc8 47504 utils optional vobcopy_1.0.2.orig.tar.gz
 38ef618a13e94e468f0a797006177110 5990 utils optional vobcopy_1.0.2-1.diff.gz
 bdce2123c583a72bd91196b558311203 35720 utils optional vobcopy_1.0.2-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHZXsnHYflSXNkfP8RAu9LAJ99nwVFsk5vil4Kap1qkJSjqM1UAQCgrRP2
Ur9rd4oBsn9SfgD+VVWxdk8=
=R0Vc
-----END PGP SIGNATURE-----
--- End Message ---
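The pattern the report describes (a fixed name under /tmp opened without O_EXCL) next to the mkstemp() fix the changelog names, written here as an added illustration rather than vobcopy's own code. The function names, the "vobcopy_test" prefix and the post-open fstat() check are assumptions of this example, not taken from the package.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The pattern from the bug report (for contrast only; not called below):
 * a predictable path, no O_EXCL, so an existing symlink at that path is
 * followed and the "log" is appended to whatever the link points at. */
int open_log_insecure(void)
{
    return open("/tmp/vobcopy.bla", O_WRONLY | O_CREAT | O_APPEND, 0666);
}

/* Hardened replacement: mkstemp() creates a brand-new file atomically with
 * O_CREAT|O_EXCL and mode 0600, so a pre-placed symlink is never followed.
 * The directory comes from $TMPDIR, falling back to /tmp (the side benefit
 * the reporter mentions). The generated path is written into `out` so the
 * caller can name or unlink it later. Returns the fd, or -1 with errno set. */
int open_log_secure(const char *prefix, char *out, size_t outlen)
{
    const char *dir = getenv("TMPDIR");
    if (dir == NULL || *dir == '\0')
        dir = "/tmp";
    /* mkstemp() requires the template to end in exactly six X characters. */
    if (snprintf(out, outlen, "%s/%s.XXXXXX", dir, prefix) >= (int)outlen) {
        errno = ENAMETOOLONG;
        return -1;
    }
    int fd = mkstemp(out);
    if (fd < 0)
        return -1;
    /* Belt and braces: verify the object we hold is a plain file with a
     * single link, i.e. not something an attacker could have aliased. */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_nlink != 1) {
        close(fd);
        unlink(out);
        errno = EEXIST;
        return -1;
    }
    return fd;
}
```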