Explore top 10 tips to secure your open-source projects now. Read More
×
Mono is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files.. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200611-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: Mono: Insecure temporary file creation Date: November 28, 2006 Bugs: #150264 ID: 200611-23 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Mono is vulnerable to linking attacks, potentially allowing a local user to overwrite arbitrary files. Background ========= Mono provides the necessary software to develop and run .NET client and server applications. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-lang/mono < 1.1.13.8.1 > = 1.1.13.8.1 Description ========== Sebastian Krahmer of the SuSE Security Team discovered that the System.CodeDom.Compiler classes of Mono create temporary files with insecure permissions. Impact ===== A local attacker could create links in the temporary file directory, pointing to a valid file somewhere on the filesystem. When an affected class is called, this could result in the file being overwritten with the rights of the user running the script. Workaround ========= There is no known workaround at this time. Resolution ========= All Mono users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose "> =dev-lang/mono-1.1.13.8.1" References ========= [ 1 ] CVE-2006-5072 https://www.cve.org/CVERecord?id=CVE-2006-5072 Availability =========== ThisGLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/200611-23 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to
Update to 1.14.7 release, which also fixes CAN-2004-0422.. ---------------------------------------------------------------------Fedora Update Notification FEDORA-2004-546 2004-12-15 ---------------------------------------------------------------------Product : Fedora Core 2 Name : flim Version : 1.14.7 Release : 0.FC2 Summary : Basic library for handling email messages for Emacs Description : FLIM is a library to provide basic features about message representation and encoding for Emacs. ---------------------------------------------------------------------Update Information: Update to 1.14.7 release, which also fixes CAN-2004-0422. ---------------------------------------------------------------------* Fri Dec 10 2004 Jens Petersen - 1.14.7-0.FC2 - backport FC3 package: - update to 1.14.7 release - includes fix for CAN-2004-0422 temp file vulnerability (124395) - drop requirements on emacs/xemacs for -nox users (Lars Hupfeldt Nielsen, 134479) - better url and summary - remove redundant docs, large changelog and tests (Warren Togami) ---------------------------------------------------------------------This update can be downloaded from: 07853817dad670bc579823fcd6da5b2e SRPMS/flim-1.14.7-0.FC2.src.rpm 12d318c9aa08ff9cacb9adb18ac7004f x86_64/flim-1.14.7-0.FC2.noarch.rpm 09f68ea43c5ada22faf6335b4cf580cc x86_64/flim-xemacs-1.14.7-0.FC2.noarch.rpm 12d318c9aa08ff9cacb9adb18ac7004f i386/flim-1.14.7-0.FC2.noarch.rpm 09f68ea43c5ada22faf6335b4cf580cc i386/flim-xemacs-1.14.7-0.FC2.noarch.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. -----------------------------------------------------------------------fedora-announce-list mailing list
Zack Weinberg discovered that os._execvpe from os.py in Python
This additional advisory only announces a recompile of the package forthe Intel ia32 architecture.. - ---------------------------------------------------------------------------- Debian Security Advisory DSA-016-2
Topi Miettinen audited elvis-tiny and raised an issue covering the useand creation of temporary files.. - ------------------------------------------------------------------------ Debian Security Advisory
ghostscript makes use of mktemp instead of mkstemp to create temp files.. ` --------------------------------------------------------------------- Red Hat, Inc. Security Advisory Synopsis: ghostscript uses mktemp instead of mkstemp, and uses an improper LD_RUN_PATH Advisory ID: RHSA-2000:114-03 Issue date: 2000-11-22 Updated on: 2000-11-22 Product: Red Hat Linux Keywords: ghostscript mktemp LD_RUN_PATH Cross references: N/A --------------------------------------------------------------------- 1. Topic: ghostscript makes use of mktemp instead of mkstemp to create temp files; and also uses improper LD_RUN_PATH values, causing it to search for libraries in the current directory. 2. Relevant releases/architectures: Red Hat Linux 5.0 - i386, alpha, sparc Red Hat Linux 5.1 - i386, alpha, sparc Red Hat Linux 5.2 - i386, alpha, sparc Red Hat Linux 6.0 - i386, alpha, sparc Red Hat Linux 6.1 - i386, alpha, sparc Red Hat Linux 6.2 - i386, alpha, sparc Red Hat Linux 7.0 - i386 3. Problem description: ghostscript makes use of mktemp to create temp files, which is an insecure and predictable apporoach, it is now patched to use mkstemp, which avoid the race condition on the name. It also uses improper LD_RUN_PATH values, causing ghostscript to search for libraries to load in current directorys. 4. Solution: For each RPM for your particular architecture, run: rpm -Fvh [filename] where filename is the name of the RPM. 5. Bug IDs fixed ( for more info): 20924 - gs reads libraries from current directory 6. RPMs required: Red Hat Linux 5.2: alpha: sparc: i386: sources: Red Hat Linux 6.2: alpha: sparc: i386: sources: Red Hat Linux 7.0: i386: sources: 7. Verification: MD5 sum Package Name -------------------------------------------------------------------------- d44d8436655d25ca53d0c4a87c5c7c77 5.2/SRPMS/ghostscript-4.03-2.src.rpm 1c8363a912a6f538312b3e457664d0eb 5.2/alpha/ghostscript-4.03-2.alpha.rpm e11e7ec51f8e6051e50c5a93738f49ed 5.2/i386/ghostscript-4.03-2.i386.rpm d3550b9fa695207b1405ce12a848eae2 5.2/sparc/ghostscript-4.03-2.sparc.rpm e8c166031f02c9659f41a7e83ff4c97e 6.2/SRPMS/ghostscript-5.50-8_6.x.src.rpm 2e2944851c391f4ef50394d6b0c4a76a 6.2/alpha/ghostscript-5.50-8_6.x.alpha.rpm 9a4b61ddea7d18722198b772d6164619 6.2/i386/ghostscript-5.50-8_6.x.i386.rpm fba7b417faaf19629642325ec6f34b84 6.2/sparc/ghostscript-5.50-8_6.x.sparc.rpm 6ad7beeb79d23f32ad320a659f5591d6 7.0/SRPMS/ghostscript-5.50-8.src.rpm 0d5f4448d5245721b1e2762f360791f2 7.0/i386/ghostscript-5.50-8.i386.rpm These packages are GPG signed by Red Hat, Inc. for security. Our key is available at: You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 8. References: N/A Copyright(c) 2000 Red Hat, Inc. `. Analyzing the Ghostscript security alert for Red Hat distributions, we must assess mktemp vulnerabilities that may result in file race conditions and the risk of exposing confidential data. ghostscript security, Red Hat advisory, temp file issues, software patching. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.