Multiple security vulnerabilities were recently discovered in the Tool Shed
that allow malicious actors to read and write files on the Tool Shed server
outside of normal Tool Shed repository directories.
1. A write vulnerability exists in the Tool Shed tarball and capsule upload
functionality. It is possible to create a tar archive that contains files
with parent directory components in the file path (e.g. "foo/../../bar"
would extract to "../bar"), and these archive members would be written if
the user running the Tool Shed had write permission to the given path. The
Tool Shed tarball handling code checked for invalid characters ('/' or
'..') at the beginning of the path but not for '..' in the middle of a path.
2. A read vulnerability exists in multiple places. The first is in the (now
deprecated) `hg push` functionality for updating Tool Shed repositories.
This method allows malicious actors to push symlinks whose targets are
outside the repository (either via an absolute or relative path). The
contents of the targets would then be visible in the Tool Shed repository
contents viewer, if the Tool Shed user has read permission on the target.
3. A second read vulnerability exists in the Tool Shed repository contents
viewer. The viewer would allow a malicious actor to specify a path outside
the repository, and if the Tool Shed system user had read permissions on
that path, it would be displayed. The viewer also did not check to ensure
that the targets of symlinks in a repository did not point outside the
The repository contents viewer read vulnerability also exists in Galaxy,
but is only reachable/exploitable by admin users.
The Galaxy Committers would like to thank Youri Hoogstrate at the Erasmus
MC, Rotterdam, who initially reported the `hg push` vulnerability. Through
additional auditing based on this attack vector, we discovered the other
These issues affect all known releases of the Tool Shed and Galaxy in at
least the last 3 years.
This vulnerability can be exploited to read any file available on the
system that is readable by the user running the Tool Shed or Galaxy server,
including Galaxy/Tool Shed config files, data, system config files,
contents of /proc, etc. As such, Tool Shed administrators are strongly
encouraged to update immediately. For Galaxy administrators, the impact is
not as great, unless Galaxy administrators do not have access to the Galaxy
server command line.
Fixes for these vulnerabilities have been applied to the 15.01 and newer
(14.10 in the case of the portion of the vulnerability affecting Galaxy)
release branches in the public GitHub and Bitbucket repositories. Tool Shed
versions older than 15.01 should upgrade (preferably to 16.01). To apply
the fix, first identify your current Galaxy release version using the `git
branch` or `hg branch` commands. If you are on a 'release_YY.MM' branch,
you can update with:
% git pull
% hg pull -u
The process above can also be used to update to the 16.01 release if you
are on the 'master' git branch or the 'stable' hg branch. If you are on the
'master'/'stable' branch and wish to remain on your current Galaxy major
release, check the 'lib/galaxy/version.py' file to determine your major
release version, then update to the appropriate branch:
% git checkout -b release_YY.MM origin/release_YY.MM
% git pull
% hg pull
% hg update release_YY.MM
For the changes to take effect, *YOU MUST RESTART ALL GALAXY SERVER
On behalf of the Galaxy Committers,
Please keep all replies on the list by using "reply all"
in your mail client. To manage your subscriptions to this
and other Galaxy lists, please use the interface at:
To search Galaxy mailing lists use the unified search at: