Your message dated Tue, 23 Aug 2005 23:02:04 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#321446: fixed in clamav-getfiles 0.5-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Date: Fri, 5 Aug 2005 17:36:56 +0200
From: Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: clamav-getfile: Insecure use of temporary files
Message-ID: <[EMAIL PROTECTED]>


Package: clamav-getfiles
Version: 0.4-2
Priority: important
Tags: security

The clamav-getfiles script is vulnerable to symlink attacks since it
creates a temporary file in an insecure manner (the process PID is not
sufficient to avoid an attack) and does not check if the temporary file
exists before using it.

The attached patch is an attempt to fix this behaviour using the
mktemp tool.

Regards

Javier


Attachment: clamav-getfiles.in.diff

--- clamav-getfiles.in.orig     2005-08-05 17:30:09.000000000 +0200
+++ clamav-getfiles.in  2005-08-05 17:31:44.000000000 +0200
@@ -114,7 +114,8 @@
 fi
 cd ..
 
-OUTPUTFILE="/tmp/clamscanoutput.$$"
+OUTPUTFILE=`mktemp -t clamscanoutput.XXXXXX` || { echo "$0: Cannot create temporary file" >&2; exit 1;  }
+trap " [ -f \"$OUTPUTFILE\" ] && /bin/rm -f -- \"$OUTPUTFILE\"" 0 1 2 3 13 15
 
 if [ -x "$CLAMSCAN" ]; then
        [ "$CLAMAVTESTFILES" ] || CLAMAVTESTFILES="/usr/share/clamav-testfiles"
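Review bot: the handler in the `+trap` line only removes the file and then returns, so on SIGHUP, SIGINT, SIGQUIT, SIGPIPE or SIGTERM the script resumes after the signal with its output file already deleted; the signal traps should clean up and then exit, for example `trap 'rm -f -- "$OUTPUTFILE"' 0` for normal exit and `trap 'rm -f -- "$OUTPUTFILE"; exit 1' 1 2 3 13 15` for signals. The `[ -f ... ] &&` guard is redundant with `rm -f`. Since mktemp now really creates the file before the `if [ -x "$CLAMSCAN" ]` test, the no-clamscan branch creates and discards a temp file; harmless, but the mktemp call could move inside the branch.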
@@ -125,13 +126,11 @@
        cat $OUTPUTFILE
        if [ $RET -ne 1 ] ; then
            echo >&2 "An error ($RET) occured while scanning clamav test files."
-           rm $OUTPUTFILE
            exit 2
        fi
        NUMBADFILES=`< $OUTPUTFILE grep 'ClamAV-Test-File FOUND' | wc -l`
        if [ $NUMBADFILES -ne $REFNUMBADFILES ]; then
            echo >&2 "Wrong number ($NUMBADFILES/$REFNUMBADFILES) of 'infected' files detected while scanning clamav test files"
-           rm $OUTPUTFILE
            exit 2
        fi
 
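Review bot: dropping the two `rm $OUTPUTFILE` lines before `exit 2` is correct only because the EXIT trap (signal 0) installed in the first hunk now removes the file on every `exit`; a short comment next to the trap saying that the error paths rely on it would keep a later cleanup from breaking this. In the surrounding context, `cat $OUTPUTFILE` and `< $OUTPUTFILE` are unquoted; mktemp names contain no whitespace, but `"$OUTPUTFILE"` would match the quoting already used in the trap line.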
@@ -143,13 +142,11 @@
            cat $OUTPUTFILE
            if [ $RET -ne 1 ] ; then
                echo >&2 "An error ($RET) occured while scanning the EICAR Anti-Virus test file."
-               rm $OUTPUTFILE
                exit 2
            fi
            NUMBADFILES=`< $OUTPUTFILE grep 'Eicar-Test-Signature FOUND' | wc -l`
            if [ $NUMBADFILES -ne 1 ]; then
                echo >&2 "Wrong number ($NUMBADFILES/1) of 'infected' files detected while scanning EICAR Anti-Virus test file"
-               rm $OUTPUTFILE
                exit 2
            fi
        else
@@ -157,7 +154,6 @@
            echo "You might want to install eicar-testfile or manually put eicar.com"
            echo "to $EICAR"
        fi
-        rm $OUTPUTFILE
 else
        echo 'No test scan with new databases done, no clamscan in path.'
 fi
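Review bot: the removed `rm $OUTPUTFILE` was the success-path cleanup, so the scan output now stays on disk until the EXIT trap fires at the end of the script instead of being released as soon as its results have been read. That is fine for a script this short, but if anything long-running is ever added after this point the file lingers; keeping an explicit `rm -f -- "$OUTPUTFILE"` here, with the trap as the safety net for the error paths, costs nothing.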

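The temp-file handling that the report and patch above describe, as an added example that is not part of the original report or of the clamav-getfiles script: a mktemp-based creation routine with signal traps that exit, a runtime check that the path is a regular owner-only file rather than a symlink, and a static check for the predictable `/tmp/name.$$` pattern. The function names, the constructed sample script and the use of `ls` for the mode check are my assumptions.

```sh
#!/bin/sh
# Added example, not code from clamav-getfiles. Function names and the
# sample script below are assumptions constructed for this demonstration.

# Hardened creation, following the patch: mktemp creates the file
# atomically with mode 0600 and fails if the name is already taken, so a
# pre-planted symlink at a guessable name is never opened. Sets OUTPUTFILE
# in the caller's shell (no subshell, so the traps outlive the function).
make_secure_tmp() {
    OUTPUTFILE=$(mktemp -t clamscanoutput.XXXXXX) || {
        echo "$0: Cannot create temporary file" >&2
        return 1
    }
    # EXIT: remove the file. Signals: remove it, then exit, because a
    # handler that only removes the file lets the script carry on.
    trap 'rm -f -- "$OUTPUTFILE"' 0
    trap 'rm -f -- "$OUTPUTFILE"; exit 1' 1 2 3 13 15
}

# Runtime check before using a temp path: regular file, not a symlink,
# owner-only permissions. ls is used instead of stat so the check works on
# both GNU and BSD userlands.
tmp_is_safe() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    [ "$(ls -ld -- "$1" | cut -c1-10)" = "-rw-------" ]
}

# Static check for the bug class: count lines of a script read from stdin
# that build a /tmp or /var/tmp name from $$ alone.
count_predictable_tmp() {
    grep -c '/tmp/[^ ]*\$\$' || true
}

# Constructed sample with two insecure names and one safe one (single
# quotes keep $$ literal).
SAMPLE_SCRIPT='OUTPUTFILE="/tmp/clamscanoutput.$$"
LOG=/var/tmp/scan.log.$$
SAFE=`mktemp -t clamscanoutput.XXXXXX`'

if make_secure_tmp && tmp_is_safe "$OUTPUTFILE"; then
    echo "secure temp file: $OUTPUTFILE"
fi
echo "predictable temp names in sample: $(printf '%s\n' "$SAMPLE_SCRIPT" | count_predictable_tmp)"
```

Run it against any shell script with `count_predictable_tmp < script.sh` to find the same pattern elsewhere in a package.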

---------------------------------------
From: Marc Haber <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Bug#321446: fixed in clamav-getfiles 0.5-1
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Tue, 23 Aug 2005 23:02:04 -0700

Source: clamav-getfiles
Source-Version: 0.5-1

We believe that the bug you reported is fixed in the latest version of
clamav-getfiles, which is due to be installed in the Debian FTP archive:

clamav-getfiles_0.5-1.diff.gz
  to pool/main/c/clamav-getfiles/clamav-getfiles_0.5-1.diff.gz
clamav-getfiles_0.5-1.dsc
  to pool/main/c/clamav-getfiles/clamav-getfiles_0.5-1.dsc
clamav-getfiles_0.5-1_all.deb
  to pool/main/c/clamav-getfiles/clamav-getfiles_0.5-1_all.deb
clamav-getfiles_0.5.orig.tar.gz
  to pool/main/c/clamav-getfiles/clamav-getfiles_0.5.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Marc Haber <[EMAIL PROTECTED]> (supplier of updated clamav-getfiles package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])



Format: 1.7
Date: Tue, 23 Aug 2005 15:12:47 +0000
Source: clamav-getfiles
Binary: clamav-getfiles
Architecture: source all
Version: 0.5-1
Distribution: unstable
Urgency: low
Maintainer: Marc Haber <[EMAIL PROTECTED]>
Changed-By: Marc Haber <[EMAIL PROTECTED]>
Description: 
 clamav-getfiles - Update script for clamav
Closes: 321446
Changes: 
 clamav-getfiles (0.5-1) unstable; urgency=low
 .
   * improve temp file creation by using mktemp. Thanks to Javier
     Fernández-Sanguino Peña for the patch. Closes: #321446
   * reload database in clamav-data postinst
Files: 
 3513177092ff6b3f784ace00d1bcc20b 613 utils optional clamav-getfiles_0.5-1.dsc
 3367dee5f7119581143123fccfe85c1e 13750 utils optional clamav-getfiles_0.5.orig.tar.gz
 6d10dbbfd653ee316f9fd77fa0aaddcf 15394 utils optional clamav-getfiles_0.5-1.diff.gz
 441cd30d4b928cfbca9e8fc6969e8d49 27444 utils optional clamav-getfiles_0.5-1_all.deb
