Your message dated Sat, 06 Oct 2007 15:47:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#445308: fixed in guilt 0.27-1.1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: guilt Version: 0.27-1 Severity: critical Tags: security guilt makes extensive use of the '$$' shell variable for temporary files in /tmp. This is a serious security vulnerability; on multi-user systems it allows an attacker to clobber files with something like the following: for i in `seq 1 32768`; do ln -sf /etc/passwd /tmp/guilt.log.$i; done (In this example, if root does e.g. 'guilt push', /etc/passwd will get clobbered.) Please use mktemp(1) to create temporary files. For reference: guilt-0.27$ grep '$$' * guilt: $reject "$p" > /dev/null 2> /tmp/guilt.log.$$ guilt: rm -f /tmp/guilt.log.$$ /tmp/guilt.msg.\ $$ guilt: do_get_header "$p" > /tmp/guilt.msg.$$ guilt: [ ! -s /tmp/guilt.msg.$$ ] && echo "patch $pname" > /tmp/guilt.\ msg.$$ guilt: rm -f /tmp/guilt.msg.$$ /tmp/guilt.log.$$ guilt: do_get_full_header "$p" > /tmp/guilt.diff.$$ guilt: ) >> /tmp/guilt.diff.$$ guilt: git-diff $diffopts "$2" >> /tmp/guilt.diff.$$ guilt-header: do_get_full_header "$GUILT_DIR/$branch/$patch" > /tmp/guilt.msg\ .$$ guilt-header: do_get_patch "$GUILT_DIR/$branch/$patch" > /tmp/guilt.diff.$$ guilt-header: cat /tmp/guilt.msg.$$ guilt-header: cat /tmp/guilt.diff.$$ guilt-0.27$ Thanks, -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.22-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages guilt depends on: ii git-core 1:1.5.3.3-1 fast, scalable, distributed revisi guilt recommends no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: guilt Source-Version: 0.27-1.1 We believe that the bug you reported is fixed in the latest version of guilt, which is due to be installed in the Debian FTP archive: guilt_0.27-1.1.diff.gz to pool/main/g/guilt/guilt_0.27-1.1.diff.gz guilt_0.27-1.1.dsc to pool/main/g/guilt/guilt_0.27-1.1.dsc guilt_0.27-1.1_all.deb to pool/main/g/guilt/guilt_0.27-1.1_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Nico Golde <[EMAIL PROTECTED]> (supplier of updated guilt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 06 Oct 2007 12:47:08 +0200 Source: guilt Binary: guilt Architecture: source all Version: 0.27-1.1 Distribution: unstable Urgency: high Maintainer: Brandon Philips <[EMAIL PROTECTED]> Changed-By: Nico Golde <[EMAIL PROTECTED]> Description: guilt - quilt for git; similar to Mercurial queues Closes: 445308 Changes: guilt (0.27-1.1) unstable; urgency=high . * Non-maintainer upload by testing security team. * Included CVE-2007-5207.patch to fix insecure handling of temporary files (CVE-2007-5207) (Closes: #445308). Files: 3b604a6fe58b49f6d12eaa0493f58087 602 devel optional guilt_0.27-1.1.dsc 2e4ee15f25e00a62ef949938abad090f 3768 devel optional guilt_0.27-1.1.diff.gz 7f5da465c852866124c476292c852a20 38976 devel optional guilt_0.27-1.1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHB6r7HYflSXNkfP8RAulXAJ9T0DOIoHkonP2lz/Gp6LKw8GLCfACbB3nN Nr6bhZDCgJBxuxjnsN40wzo= =7BSV -----END PGP SIGNATURE-----
--- End Message ---
