[Group.of.nepali.translators] [Bug 1655507] Re: CVE-2017-5330 - Ark: unintended execution of scripts and executable files

2017-01-20 Thread Launchpad Bug Tracker
This bug was fixed in the package ark - 4:16.04.3a-0ubuntu2.2

---
ark (4:16.04.3a-0ubuntu2.2) yakkety-security; urgency=medium

  * SECURITY UPDATE: unintended execution of scripts and executable files
  - debian/patches/no-exec-during-url-open.patch
  - Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for 
fixing this issue.
  - CVE-2017-5330
  - fixes (LP: #1655507)

 -- Vishnu Vardhan Reddy Naini   Thu, 19 Jan 2017 03:10:04 +0530

** Changed in: ark (Ubuntu Yakkety)
   Status: In Progress => Fix Released

** Changed in: ark (Ubuntu Xenial)
   Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5330

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह (Nepali Language Translators Group), which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1655507

Title:
  CVE-2017-5330 - Ark: unintended execution of scripts and executable
  files

Status in ark package in Ubuntu:
  Fix Released
Status in ark source package in Xenial:
  Fix Released
Status in ark source package in Yakkety:
  Fix Released
Status in ark source package in Zesty:
  Fix Released

Bug description:
  KDE Project Security Advisory
  =============================

  Title:  Ark: unintended execution of scripts and executable files
  Risk Rating:Important
  CVE:CVE-2017-5330
  Versions:   ark >= 15.12
  Author: Elvis Angelaccio 
  Date:   12 January 2017

  Overview
  ========

  Through a (possibly malicious) tar archive that contains an
  executable shell script or binary, it was possible to execute
  arbitrary code on target machines.
  KRun::runUrl() has a runExecutable argument which defaults to true.
  Ark was using this default value and was also not checking
  whether an extracted file was executable before passing it to the
  runUrl() function.

  Impact
  ======

  An attacker can send legitimate tar archives with executable scripts or
  binaries disguised as normal files (say, with README or LICENSE as filenames).
  The attacker then can trick a user to select those files and click
  the Open button in the Ark toolbar, which triggers the affected code.

  Workaround
  ==========

  Don't use the File -> Open functionality of Ark.
  You can still open archives (Archive->Open) and extract them.

  Solution
  ========

  Update to Ark >= 16.12.1

  For older releases of Ark, apply the following patches:

  Applications/16.08 branch: https://commits.kde.org/ark/49ce94df19607e234525afda5ad4190ce35300c3
  Applications/16.04 branch: https://commits.kde.org/ark/6b6da3f2e6ac5ca12b46d208d532948c1dbb8776
  Applications/15.12 branch: https://commits.kde.org/ark/e2448360eca1b81eb59fffca9584b0fc5fbd8e5b

  Credits
  =======

  Thanks to Fabian Vogt for reporting this issue, Elvis Angelaccio for
  fixing this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ark/+bug/1655507/+subscriptions

___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help   : https://help.launchpad.net/ListHelp
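The advisory above describes the attack surface in two sentences: an archive member with its execute bit set and an innocuous name, and an archiver "open" path that hands the extracted file to a launcher with `runExecutable` left at its default. The script below is an added example written for this page; it is not Ark's or KDE's code and is not the fix referenced by the commit links. It builds a constructed sample archive of the kind the advisory describes, audits the archive for executable entries before anything is extracted, and applies an open policy to extracted files that refuses to launch anything executable. The execute-bit test is the check the advisory says Ark was missing; the additional magic-byte test for `#!` and ELF headers is an assumption of this example (defence in depth for archives extracted without preserved modes), not something the advisory prescribes. It assumes POSIX sh with tar, awk, od and mktemp available, and archive member names without spaces.

```shell
#!/bin/sh
# Added example for CVE-2017-5330; not Ark's code. Builds the kind of archive
# the advisory describes and shows the checks an archiver's "open" path should
# apply before handing a file to a launcher.
set -eu

# Constructed sample: README is a shell script with mode 0755, LICENSE is an
# ordinary text file. Prints the archive path. Nothing in it is ever executed.
build_sample_archive() {
    dir=$(mktemp -d)
    printf '#!/bin/sh\necho "this would run as the user"\n' > "$dir/README"
    chmod 0755 "$dir/README"
    printf 'MIT License\n' > "$dir/LICENSE"
    chmod 0644 "$dir/LICENSE"
    tar -cf "$dir/sample.tar" -C "$dir" README LICENSE
    echo "$dir/sample.tar"
}

# Pre-extraction audit: print the names of regular-file entries whose mode
# string (first field of `tar -tvf`) carries an execute, setuid or setgid bit.
# Assumes member names without spaces, since the name is taken as the last field.
executable_entries() {
    tar -tvf "$1" | awk '$1 ~ /^-/ && $1 ~ /[xst]/ { print $NF }'
}

# Extract the archive into a fresh directory and print that directory.
extract_archive() {
    dest=$(mktemp -d)
    tar -xf "$1" -C "$dest"
    echo "$dest"
}

# Open policy for an already extracted file: print "view" if it may be handed
# to a viewer, "blocked" otherwise. The -x test is the check the advisory says
# was missing. The magic-byte test (shebang or ELF header) is this example's
# own addition, for files whose execute bit was lost during extraction.
open_policy() {
    f=$1
    if [ ! -f "$f" ]; then
        echo blocked
        return 0
    fi
    if [ -x "$f" ]; then
        echo blocked
        return 0
    fi
    # od -c renders 0x7f as "177", so an ELF header becomes "177ELF".
    magic=$(head -c 4 "$f" | od -An -c | tr -d ' \n')
    case "$magic" in
        '#!'*|'177ELF'*) echo blocked ;;
        *) echo view ;;
    esac
}

# Usage: audit the constructed archive, extract it, then apply the policy.
archive=$(build_sample_archive)
printf 'executable entries before extraction: %s\n' "$(executable_entries "$archive")"
dest=$(extract_archive "$archive")
for name in README LICENSE; do
    printf '%s: %s\n' "$name" "$(open_policy "$dest/$name")"
done
```

The audit step is the one worth running on anything received from outside: `tar -tvf` reports the modes the archive will apply on extraction, so an "executable README" is visible before any file touches the filesystem. The policy function is deliberately coarse; an archiver that wants to let users view such a file can still open it in a text viewer, but must never pass it to a launcher that honours the execute bit.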


[Group.of.nepali.translators] [Bug 1655507] Re: CVE-2017-5330 - Ark: unintended execution of scripts and executable files

2017-01-20 Thread Rik Mills
** Changed in: ark (Ubuntu Zesty)
   Status: Fix Committed => Fix Released

-- 

Title:
  CVE-2017-5330 - Ark: unintended execution of scripts and executable
  files

Status in ark package in Ubuntu:
  Fix Released
Status in ark source package in Xenial:
  Confirmed
Status in ark source package in Yakkety:
  Confirmed
Status in ark source package in Zesty:
  Fix Released